[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
tom wrote:Sounds complicated to me.
>
> What we need is sensible bank accounts - a public number that can be
> used to put money in, and another 'secret' # for withdrawing/transfers
> that the honest pubic dont need/want to know about. Simples but not
> simples enough for those grabbing.....
All we need is a sensible authentication step when making withdrawals.
The Clarkson thing was a stunt, as a Direct Debit he could simply have
asked the bank to refund the money taken, and they should have required
a signature (like that is hard to fake) before setting it up. On the
other hand ~25,000,000 had access to his account details and a direct
challenge, and one person succeeded in taking money out.
Paypal happily uses the same identifier for deposits and withdrawals,
and that is known to many parties (often), and that aspect doesn't cause
any issues because you need proper authentication as well.
Although the issue with Paypal is that email security is often very
weak, which is why I have a security key for Paypal (and my online
banking has something similar but more difficult to use - sigh). I
haven't checked how hard it is to grab money from Paypal if you can hack
my email without the token, but I'm guessing at the very least it will
put folks through a "you don't want to use your security token" pathway,
which should have extra safeguards in place (I hope).
Still I wouldn't splash my bank account details as widely as the other
Simon because there is simply no need. Anyone who feels like sending me
large sums of cash need only ask!
Opting out of the electoral register is mostly useful if you do it when
you first move house. I'm opted out, and my address appears in online
databases because they use the older Electoral Register. It also appears
because I was a director of a company, which I always felt was the place
to start with finding personal details of potentially high value
individuals if one was so inclined. Not that my directorship made me
rich, although working for myself was better than any regular job I've
ever had.
Anyone still following this thread without seeing the HOPE conference
talk on Youtube (make sure it is last years not 2006) "Privacy is Dead -
Get over it" by Steven Rambam is probably at a disadvantage.
http://www.youtube.com/watch?v=Vsxxsrn2Tfs
--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html