[Gllug] how safe is linux against identity thief

[James Laver]

On 24 Mar 2009, at 15:17, Harry Rickards wrote:
> (I'm not a security expert, as you can probably tell) it seems to be
> the industry standard.
>
> Harry

Well firstly if you don't know something, sit back and learn from the  
answers of others .

Secondly, windows is the industry standard for desktops, does this  
mean we should all use it?

As far as this goes, if it was internet based, it was likely social  
engineering. Other than that it may have been a compromised cashpoint  
(i understand there are a few in london) or someone at the bank  
selling details.

Somewhat meandering off-topic, lets talk about Chip and Signature.

Before chip and pin cards, banks were liable for any fraud through  
forged signatures. When chip and pin came about, this shifted  
liability to the cardholder as the legal protections we had against  
fraud were not updated with the shift to chip and pin. That situation  
hasn't changed and all you're relying on is that banks won't want to  
lose face by not fully complying with the banking code.

Along with chip and pin, chip and signature cards were introduced, for  
people who would have difficulty typing their pin (e.g. people with  
certain types of disability). You need not be disabled to get one, of  
course, and you'll be covered by the existing legislation until the  
law catches up with chip and pin.

HSBC were more than happy to supply one, once I got to speak to  
someone who actually knew what C+S was (according to RNIB research,  
all the banks are really quite atrocious about training their staff on  
C+S).

Of course you'll have to explain why you aren't entering a pin in  
every shop you want to use it in. And IKEA Croydon refuse to accept  
it, in direct contravention of the DDA.

</rant>

--James

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug