Comments on: Nine Low-Tech Ways to Increase Your Security http://wealthfly.com/blog/2007/10/31/security-attacks-are-changing/ A blog for investment advisors, brokers and financial planners. Tue, 06 Jan 2009 12:26:50 +0000 http://wordpress.org/?v=2.3.3 By: Mike Benson http://wealthfly.com/blog/2007/10/31/security-attacks-are-changing/#comment-418 Mike Benson Fri, 02 Nov 2007 02:56:21 +0000 http://wealthfly.com/blog/2007/10/31/security-attacks-are-changing/#comment-418 Sensitive data should never... never... be accessed from a public computer (like the ones in an internet cafe). You should never access sensitive data using a <a target="_blank" title="Wikipedia WIFI" href="http://en.wikipedia.org/wiki/Wifi">wifi</a> connection in a public location. Many financial firms will not even allow wireless connections inside their own building. <a target="_blank" title="Wikipedia WEP" href="http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy">WEP</a> encryption can be cracked in under 15 minutes and then all your data can be captured. If <em>your</em> computer in <em>your</em> office gets compromised, then your web browser sessions are also compromised. Probably no more than any other software though. An attacker could just key log everything no matter what the application is. Sensitive data should never… never… be accessed from a public computer (like the ones in an internet cafe). You should never access sensitive data using a wifi connection in a public location.

Many financial firms will not even allow wireless connections inside their own building. WEP encryption can be cracked in under 15 minutes and then all your data can be captured.

If your computer in your office gets compromised, then your web browser sessions are also compromised. Probably no more than any other software though. An attacker could just key log everything no matter what the application is.

]]> By: Bill Ramsay http://wealthfly.com/blog/2007/10/31/security-attacks-are-changing/#comment-416 Bill Ramsay Wed, 31 Oct 2007 16:39:11 +0000 http://wealthfly.com/blog/2007/10/31/security-attacks-are-changing/#comment-416 Interesting connection between the last two posts. I took a look at XLR8, and noticed the breadth of data that is stored, and wondered about employees logging on from questionable computers. If you have a compromised computer, to what extent can a thief steal browser displayed data? The combination of names, socials, login usernames and passwords, birthdates, addresses are all there. Interesting connection between the last two posts. I took a look at XLR8, and noticed the breadth of data that is stored, and wondered about employees logging on from questionable computers. If you have a compromised computer, to what extent can a thief steal browser displayed data? The combination of names, socials, login usernames and passwords, birthdates, addresses are all there.

]]>