[Hidden-tech] Safari question

Chris Hoogendyk hoogendyk at bio.umass.edu
Thu Feb 14 12:53:31 EST 2008


Color me paranoid, but one of my responsibilities is systems, network & 
internet security. I do use my home computer for online banking, bill 
paying, credit card management, online purchasing, etc. However, there 
are a couple of ground rules that I always follow.

(1) I never, ever let my browser save personal information, usernames or 
passwords. I always type them in myself. If your machine is every 
compromised, or stolen, or just left alone so that someone can access it 
(say they broke into your house), it is just too easy to look at the 
bookmarks, see a bank or credit card link, go to it, and (oh joy, the 
magic) it remembers your login and password, and suddenly someone else 
is in your account shuffling stuff around.

(2) I never, ever put any paper that has such private information in the 
trash without passing it through a good shredder. Identity theft has 
become all too common.

(3) I never, ever click on a link from an email to do anything that 
involves personal data or that I expect to be secure. I always go to my 
bank, credit card, etc. from my own bookmark links or by typing in the 
URL directly. Spammers are very very good at making emails that look 
like the real thing, that have forged from addresses that look good, but 
that one critical link you have to click on to do whatever it is they 
want you to do has a hidden IP address underneath and goes to a fake 
website. That fake web site siphons off your personal information, 
account login, etc. and/or downloads a trojan to your computer.

(4) I never, ever do anything online involving money that I expect to be 
secure on a Windows PC. There are just far too many compromises, 
viruses, trojans, keyloggers, etc. out there that hit PC's. I'm sure 
there are those who will be up in arms to defend PC's, but I don't 
really care. If you want to know why you get so much spam in your email 
(it now constitutes the majority of the mail on the internet), it's in 
significant part because there are huge armies of botnet PCs controlled 
by spammers, and the owners of those PCs have no clue they are owned. 
Even on a private network here at work, where PCs are not addressable or 
scannable from the internet, we periodically have to clean up 
compromised PCs.

(5) My home computer is the latest Mac OS X, with the latest updates and 
patches, with all the security settings intact; but, nevertheless, it is 
on a private network behind a firewall and cannot be directly addressed 
from the internet.

(6) If I had a laptop, I would never do any kind of online banking or 
financial transactions that I expected to be secure from any public 
wireless network. Even if you are using a secure connection, there is 
just too much hostile activity and probing going on on public wireless 
networks. If I had a laptop, I might even choose not to ever use that 
laptop for online banking even when I had returned it to home base and 
was on a private network behind a firewall. It's sort of like when 
you're giving blood and they ask all those questions -- have you ever . 
. . , in the last year have you . . . , etc. It doesn't mean you're 
infected. It just means there is a significant risk involved.

OK, maybe all that was a bit overboard. But saving usernames and 
passwords for autofill for online banking just set me off like a blow 
torch to the fuel tank. Major, major security breach.



---------------

Chris Hoogendyk

-
   O__  ---- Systems Administrator
  c/ /'_ --- Biology & Geology Departments
 (*) \(*) -- 140 Morrill Science Center
~~~~~~~~~~ - University of Massachusetts, Amherst 

<hoogendyk at bio.umass.edu>

--------------- 

Erdös 4




Annamarie Pluhar wrote:
> Hi Jeff, 
>
> I'm not sure if this is your answer but I don't have that 
> problem. There is a setting Safari/Preferences/Autofill  select User 
> names and passwords.  I think that should let you save it. 
>
> Related question: How does one "get" Keychain to save a password if 
> you changed your mind after you've told it never to save? 
>
>
>
> Annamarie Pluhar
>
> *Pluhar Consulting*
> Helping organizations live their values
> /
> /
> /http://www.pluharconsulting.com/ <http://www.pluharconsulting.com/>
> /s//trategic solutions/
> /f//acilitation /
> /t//raining/
> /instructional design/
>
> /802.451.1941/
> /802.579.5975 (cell)/
>
>
> On Feb 13, 2008, at 4:52 PM, Jeff Rutherford wrote:
>
>> I have a Safari/Apple question that hopefully someone can answer. I 
>> do a lot of online banking and checking various credit card balances 
>> online, and I repeatedly get prompted with "This is a personal 
>> computer, please remember my info."
>>
>> However, no matter how many times, I choose that option, every time I 
>> revisit a site, I'm prompted yet again as if I've never visited the 
>> site before. When I used a PC, I never had this issue.
>>
>> Is there some Safari or Apple setting that I can change, so that my 
>> info for these various sites is remembered?
>>
>> Jeff
>>
>>
>>
>> Jeff Rutherford
>> jeff at jeffrutherford.com <mailto:jeff at jeffrutherford.com>
>> 413 369-4128 - phone
>> 866 677-4108 - fax



Google

More information about the Hidden-discuss mailing list