Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 02:57 AM   #41
Dryer sheet wannabe
 
Join Date: Mar 2006
Posts: 16
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by Islandboy
It is amazing that Fidelity still only requires the minimum for signing on : userid and password. When are they going to start catching up with better security ?
Schwab is the same. A few days ago I sent them an e-mail asking them to implement better security. Many banks do better now and require more than just a user id and password.
__________________

__________________
safari is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 05:18 AM   #42
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by safari
I arrived there on 30 May 1975, got formed into A Company, Platoon 157.

...

Then after a total of 4 weeks at MRP I got put in Platoon 172 for the rest of 2nd phase. When Platoon 172 went to the rifle range (which I had already done) they put me ahead to Platoon 160 to do 3rd phase. I graduated with Platoon 160 on 12 September 1975. By the way, you have probably guessed that I'm pretty good with dates! Smiley I think that for the couple of weeks or so I was with Platoon 172 we were probably in the same series. Small world!!!
Yes indeed, a small world. I remember the rifle range well. I left PI in early Oct. Went home for a week, then on to NAS Millington in Tennessee for training. I was an air winger. On from there to MCAS New River (Camp Lejeune) in Jax NC. Two med floats (USS GUAM) and home after 4 years.
__________________

__________________
chinaco is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 05:54 AM   #43
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by Islandboy
It is amazing that Fidelity still only requires the minimum for signing on : userid and password. When are they going to start catching up with better security ?


Security is advancing for authentication.

Here is a good link that describes it.

http://www.cs.cornell.edu/Courses/cs...uthPeople.html


Some financial institutions are moving to two-factor authentication. Something you know (password) and Something you have (an authentication mechanism)... they are implemented in a variety of ways. But typically in the more secure mechanisms there is a randomly generated security token.

http://www.tech-faq.com/two-factor-authentication.shtml

Two factor can be implemented in a number of ways...

Here is a link to RSA's solution.

http://www.rsa.com/node.aspx?id=1156

I think some companies also allow you implement a security measure that requires a known third-party to verify your signature (your bank for example) before they will release funds.

The RSA two factor will increase security substantially. But there is a cost to implementing it. Plus you would need to carry the key fob around.

__________________
chinaco is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 08:32 AM   #44
Thinks s/he gets paid by the post
saluki9's Avatar
 
Join Date: Feb 2005
Posts: 2,032
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by chinaco




The RSA two factor will increase security substantially. But there is a cost to implementing it. Plus you would need to carry the key fob around.

our company uses the token that is shaped like a credit card. It fits in the wallet just like any other card which makes it very handy
__________________
saluki9 is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 09:18 AM   #45
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by saluki9
our company uses the token that is shaped like a credit card. It fits in the wallet just like any other card which makes it very handy
Yes. I have seen several credit card style implementations. Some automatically generate a random large number that is the key. Others are just a plastic card with something that you need to interpret (not electronically generated). Some of the keys are a usb implementation that you plug into your computer.

I like the key generation model. I should be able to use that with a voice call also.

The problem is if you wind up with several of these devices. It could get cumbersome to keep up with.... The solution generates a new problem.
__________________
chinaco is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 11:37 AM   #46
Dryer sheet wannabe
 
Join Date: Mar 2006
Posts: 16
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by chinaco
Yes indeed, a small world. I remember the rifle range well. I left PI in early Oct. Went home for a week, then on to NAS Millington in Tennessee for training. I was an air winger. On from there to MCAS New River (Camp Lejeune) in Jax NC. Two med floats (USS GUAM) and home after 4 years.
Well, the world is getting even smaller. After I left Parris Island, I also, got a week off and went home. Then I went to NAS Millington too. We were there at the same time. I was in MATSG-90, MATSS-901. I was there longer than you though because I stayed at NAS Millington until May 1978.
__________________
safari is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 01:18 PM   #47
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by safari
Well, the world is getting even smaller. After I left Parris Island, I also, got a week off and went home. Then I went to NAS Millington too. We were there at the same time. I was in MATSG-90, MATSS-901. I was there longer than you though because I stayed at NAS Millington until May 1978.
I originally was slated to be a tin bender on airframes. When I arrived at NAS Millington and was being processed for school... I was informed that I did fairly well on the math portion of a test and they needed some people to qualify for Navigator school in NAS Corpus Christi. I thought that sounded kinda interesting so I said OK. I waited around for several months... there were some delays. I got impatient and talked to the Gunny. He indicated that there were some opening in Avionics school. I went to Naval AE school. I was an avionic technician. I was in Millington for about 8 months total... about three or four of those months were just waiting around. Then on to New River to HMM264.... Worked on Boeing CH46F and E model helicopter. Those things are still being used. I see them moving troops and equipment around in Iraq on the news.
__________________
chinaco is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 03:18 PM   #48
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Re: Be careful managing assets, accounts, money, over the internet on wireless

http://blogs.zdnet.com/security/?p=19

Nice little handheld device that can be carried into a coffee shop and raid all the wifi enabled devices within range...
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-20-2007, 09:46 PM   #49
Thinks s/he gets paid by the post
 
Join Date: Nov 2005
Location: North of Montana
Posts: 2,753
Re: Be careful managing assets, accounts, money, over the internet on wireless

As the information security guy (until June 1) of a large corporation, I'll suggest that most of these announcements are BS.

Many times, cosultants have told me how their guys will break in to our networks (we do pn-testing). Whenever I suggest no results, no fee, they run like a CFB.
__________________
There are two kinds of people in the world: those who can extrapolate conclusions from insufficient data and ..
kumquat is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-21-2007, 04:10 AM   #50
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by kumquat
As the information security guy (until June 1) of a large corporation, I'll suggest that most of these announcements are BS.
Not sure of which announcements you are referring (as BS). The post from Bunny about the hand held is a fact. Those devices exist...

There are many possible ways (exploits) to pen a corporate network. If a company has a very active/pro-active security program... they might have things in good shape (today). But as new implementations occur (new technology or new implementations of existing technology), improper implementations and/or inherent flaws in the technology open up cracks in the defense in depth security implementation (if it exists).

Quote:
Originally Posted by kumquat
Many times, cosultants have told me how their guys will break in to our networks (we do pn-testing). Whenever I suggest no results, no fee, they run like a CFB.
Your statement, while a clever quip, is faulty in logic. Of course they would not do it free. As you should know, external security companies do pen tests to verify (audit) that people have implemented (are using) technology properly and/or implementation drift has not opened up holes. Their work is the validation. No company is going to checkout your corporate implementation for free.

-------------------------------------

This is a very real problem... not BS.
__________________
chinaco is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-21-2007, 06:27 AM   #51
Thinks s/he gets paid by the post
teejayevans's Avatar
 
Join Date: Sep 2006
Posts: 1,222
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by mja
Dude, that doesn't matter. I said I would attempt to directly access https://www.fidelity.com
They can point that to any IP address they want, but they (given no compromise of fidelity's key, or one of the root CAs) can't present a certificate that my browser will accept without presenting a warning.
BTW, vanguard has a customize login page (you select a picture and add a
caption) so that you know for sure that you are going to vanguard.com not
trojan site.
__________________
teejayevans is offline   Reply With Quote
Re: Be careful managing assets, accounts, money, over the internet on wireless
Old 05-21-2007, 09:58 AM   #52
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Re: Be careful managing assets, accounts, money, over the internet on wireless

Quote:
Originally Posted by kumquat
they run like a CFB.
Hey, this bunny doesnt run!

Did you mean "cFp"?
__________________

__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


 

 
All times are GMT -6. The time now is 09:16 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.