Gaining access to online banking for the vast majority of users is fruitless. It’s the reason Financial institutions truncate account numbers. Not only that, knowing the correct ABA for the account it tough. Account number and ABA are the two pieces of info you need to know in order to execute a debit on the account. Also he mention wires, you cannot debit an account via a wire.
My above statement only addresses the one example he gave. I think what is more destructive is stored form information in IE. Information like Credit Card numbers can be stored there. You can have much more fun with a CC # than a truncated account #.
That was a script kiddy attack. That does not detract from the real threat. The gentleman does mention this is only one vector out of many. I agree, vista is no more secure than XP. In my opinion, being an educated consumer is the best defense against fraud and identity theft.
This is FUD in the hands of the uneducated, which is the vast majority.
suc Said,
July 30, 2007 @ 12:15 pm
this news is pure FUD
Farley Said,
August 2, 2007 @ 8:14 am
I believe Publisher was patched against this attack on July 10 by the following bulletin: http://www.microsoft.com/technet/security/bulletin/ms07-037.mspx
Tom Ferris Said,
August 3, 2007 @ 9:21 pm
Yeah.. was a nice find.
steve Said,
August 4, 2007 @ 9:29 pm
Gaining access to online banking for the vast majority of users is fruitless. It’s the reason Financial institutions truncate account numbers. Not only that, knowing the correct ABA for the account it tough. Account number and ABA are the two pieces of info you need to know in order to execute a debit on the account. Also he mention wires, you cannot debit an account via a wire.
My above statement only addresses the one example he gave. I think what is more destructive is stored form information in IE. Information like Credit Card numbers can be stored there. You can have much more fun with a CC # than a truncated account #.
That was a script kiddy attack. That does not detract from the real threat. The gentleman does mention this is only one vector out of many. I agree, vista is no more secure than XP. In my opinion, being an educated consumer is the best defense against fraud and identity theft.
This is FUD in the hands of the uneducated, which is the vast majority.
Tom Said,
August 5, 2007 @ 9:49 am
By default, the Telnet server in Vista is disabled, so people cant connect to your PC using Telnet like that guy did in the video.