Re: The obvious solution is to ban OS X, Android and Linux from the Intertubes.
Why not just shut down online banking/purchases? Business really should not be buying anything via a web page. What happened to preferred suppliers and invoicing (or more simply the art of paying as late as possible with direct bank transfers/cheques in the post)? Any company worth dealing with should have enough buffer cash to wait until the transfer completes, but instead everyone wants to trade with fly-by-nights who disappear in the morning.
That leaves the rest of the general public, who quite frankly would be better purchasing only from suppliers who will ship only to the purchaser's address with no chance for redirection, that and blocking all transactions with anonymous money transfer systems or other ways for crims to collect the loot.
Online fraud is completely avoidable, but it needs everyone to realise that whilst they keep paying the banks for their insufficient security then they will keep paying forever. It also needs the public to understand that any money transfer with someone you cannot see directly is a risky business and the security of their own IT equipment is their responsibility.
If you want to stop malware then you have to remove the insecure OS/hardware out of the loop; that means that you won't be doing banking via Windows, Apple, Android etc. on any open hardware platform. It is not open, so the hardware/software maker is responsible when it is insecure / doesn't work.
Secure Online Banking needs to use a standalone thin client running on dedicated hardware with a secure network connection direct to bank network. No fancy wireless connections, no radiation transfer to or from hardware at all; you want to do business with someone remotely, then they have to be registered with your bank and provide your bank's supplier ID to set up any transfer. All IDs are at the bank's end and the user gets their own list of preferred suppliers and types in how much to send; home shopping is bank calls user on callerID enabled landline to confirm transaction via use-once verbal token exchange; in store is direct connection of smart device with smart interface used to confirm. If telephone or bank system isn't secure then they pay for fraud committed upon it. I personally would make all transactions final with card holder responsible for any costs in incident of recall; basically, if you commit to a purchase then you pay any costs incurred in the event you change your mind halfway through, same as if you paid cash.
The fact is everyone wants security to be someone else's problem, and until the people we trust to look after our money are forced to fix this problem then fraud will continue. Currently nothing transferred across the internet or public comms is secure; until there is some ownership by the carriers then it never will be.
Lastly, throw away all your bank cards; they are never going to be secure until they are really smart, with their own built-in secure comms to link via point of sale/customer's landline, thin client, GPS, camera with decent biometric access control and coercion challenges. Anything less is just more of the same: insurance companies paying criminals because everything should be easy and no one wants to fix the problem whilst they are not losing out. If you want security then you are better keeping gold under your bed and living in a vault.