[Hidden-tech] Safari question

[B. Kimo Lee]

Ditto what Chris said...
I never save my bank login info onto something that could be stolen,  
or confiscated while traveling abroad...
(Even though I do have my book password protected.)
Kimo


On Feb 14, 2008, at 12:53 PM, Chris Hoogendyk wrote:

>   ** The author of this post was a Good Dobee.
>   ** You too can help the group
>   ** Fill out the survey/skills inventory in the member's area.
>   ** If you did, we all thank you.
>
>
> Color me paranoid, but one of my responsibilities is systems,  
> network & internet security. I do use my home computer for online  
> banking, bill paying, credit card management, online purchasing,  
> etc. However, there are a couple of ground rules that I always follow.
>
> (1) I never, ever let my browser save personal information,  
> usernames or passwords. I always type them in myself. If your  
> machine is every compromised, or stolen, or just left alone so that  
> someone can access it (say they broke into your house), it is just  
> too easy to look at the bookmarks, see a bank or credit card link,  
> go to it, and (oh joy, the magic) it remembers your login and  
> password, and suddenly someone else is in your account shuffling  
> stuff around.
>
> (2) I never, ever put any paper that has such private information  
> in the trash without passing it through a good shredder. Identity  
> theft has become all too common.
>
> (3) I never, ever click on a link from an email to do anything that  
> involves personal data or that I expect to be secure. I always go  
> to my bank, credit card, etc. from my own bookmark links or by  
> typing in the URL directly. Spammers are very very good at making  
> emails that look like the real thing, that have forged from  
> addresses that look good, but that one critical link you have to  
> click on to do whatever it is they want you to do has a hidden IP  
> address underneath and goes to a fake website. That fake web site  
> siphons off your personal information, account login, etc. and/or  
> downloads a trojan to your computer.
>
> (4) I never, ever do anything online involving money that I expect  
> to be secure on a Windows PC. There are just far too many  
> compromises, viruses, trojans, keyloggers, etc. out there that hit  
> PC's. I'm sure there are those who will be up in arms to defend  
> PC's, but I don't really care. If you want to know why you get so  
> much spam in your email (it now constitutes the majority of the  
> mail on the internet), it's in significant part because there are  
> huge armies of botnet PCs controlled by spammers, and the owners of  
> those PCs have no clue they are owned. Even on a private network  
> here at work, where PCs are not addressable or scannable from the  
> internet, we periodically have to clean up compromised PCs.
>
> (5) My home computer is the latest Mac OS X, with the latest  
> updates and patches, with all the security settings intact; but,  
> nevertheless, it is on a private network behind a firewall and  
> cannot be directly addressed from the internet.
>
> (6) If I had a laptop, I would never do any kind of online banking  
> or financial transactions that I expected to be secure from any  
> public wireless network. Even if you are using a secure connection,  
> there is just too much hostile activity and probing going on on  
> public wireless networks. If I had a laptop, I might even choose  
> not to ever use that laptop for online banking even when I had  
> returned it to home base and was on a private network behind a  
> firewall. It's sort of like when you're giving blood and they ask  
> all those questions -- have you ever . . . , in the last year have  
> you . . . , etc. It doesn't mean you're infected. It just means  
> there is a significant risk involved.
>
> OK, maybe all that was a bit overboard. But saving usernames and  
> passwords for autofill for online banking just set me off like a  
> blow torch to the fuel tank. Major, major security breach.
>
>
>
> ---------------
>
> Chris Hoogendyk
>
> -
>   O__  ---- Systems Administrator
>  c/ /'_ --- Biology & Geology Departments
> (*) \(*) -- 140 Morrill Science Center
> ~~~~~~~~~~ - University of Massachusetts, Amherst
> <hoogendyk at bio.umass.edu>
>
> ---------------
> Erdös 4
>
>
>
>
> Annamarie Pluhar wrote:
>> Hi Jeff,
>> I'm not sure if this is your answer but I don't have that problem.  
>> There is a setting Safari/Preferences/Autofill  select User names  
>> and passwords.  I think that should let you save it.
>> Related question: How does one "get" Keychain to save a password  
>> if you changed your mind after you've told it never to save?
>>
>>
>> Annamarie Pluhar
>>
>> *Pluhar Consulting*
>> Helping organizations live their values
>> /
>> /
>> /http://www.pluharconsulting.com/ <http://www.pluharconsulting.com/>
>> /s//trategic solutions/
>> /f//acilitation /
>> /t//raining/
>> /instructional design/
>>
>> /802.451.1941/
>> /802.579.5975 (cell)/
>>
>>
>> On Feb 13, 2008, at 4:52 PM, Jeff Rutherford wrote:
>>
>>> I have a Safari/Apple question that hopefully someone can answer.  
>>> I do a lot of online banking and checking various credit card  
>>> balances online, and I repeatedly get prompted with "This is a  
>>> personal computer, please remember my info."
>>>
>>> However, no matter how many times, I choose that option, every  
>>> time I revisit a site, I'm prompted yet again as if I've never  
>>> visited the site before. When I used a PC, I never had this issue.
>>>
>>> Is there some Safari or Apple setting that I can change, so that  
>>> my info for these various sites is remembered?
>>>
>>> Jeff
>>>
>>>
>>>
>>> Jeff Rutherford
>>> jeff at jeffrutherford.com <mailto:jeff at jeffrutherford.com>
>>> 413 369-4128 - phone
>>> 866 677-4108 - fax
> _______________________________________________
> Hidden-discuss mailing list - home page: http://www.hidden-tech.net
> Hidden-discuss at lists.hidden-tech.net
>
> You are receiving this because you are on the Hidden-Tech  
> Discussion list.
> If you would like to change your list preferences, Go to the  
> Members   page on the Hidden Tech Web site.
> http://www.hidden-tech.net/members