Oliver Wong wrote:
> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message
> news:1576885.lv0c8tmYDK@xxxxxxxxxxxxxxxxxx
>> HSBC denies internet bank accounts vulnerable
> "Keyloggers" is an OS-agnostic concept
I'd have to agree that keylogging is OS agnostic, as is tempest
attacks, however the point that is being made (stretched?) is that it
is almost exclusively *Windows* that is vulnerable to the malware that
deploys these keyloggers.
In fact I have never personally even *heard* of a keylogger being
deployed through malware to a Linux box; IME such things have only
been know to happen as a result of *direct* hacking attacks (ssh?).
So this is a problem, *not* because of the bank's policies, but simply
because of the inherent insecurity of Windows.
However, as the article implied, *other* banks employ methods not
vulnerable to keylogging (e.g. "select letter 2, 3 and 6 from your
password, from the drop-down boxes"). I know for example that Cahoot
do that. It is obviously a great enough concern for other banks to
make the effort; so the HSBC should too.
--
K.
http://slated.org - Slated, Rated & Blogged
This message has not been photoshopped in any way.
Fedora Core release 5 (Bordeaux) on sky, running kernel 2.6.16-1.2133_FC5
20:55:53 up 53 days, 21:12, 1 user, load average: 0.67, 0.61, 0.64
|
|
