[lug] How do you keep your passwords safe while Paying bills and Day Trading at Work?
Stephen Queen
svqueen at gmail.com
Tue Oct 7 05:17:41 MDT 2008
On Mon, Oct 6, 2008 at 9:39 PM, Nate Duehr <nate at natetech.com> wrote:
> Stephen Queen wrote:
>>
>> I, myself would not do personal financial transactions on a company
>> computer over the company network. That would be showing a lot of
>> confidence in your company IT staff that they may not deserve.
>
> More than, say ... a poor telecom worker anywhere along the line? :-)
>
> The network part is simple, all of those transactions are SSL-enabled, or
> better be.
>
> The company computer part -- I agree with in general.
>
> They could have screen capture/savers, keystroke loggers, etc... all with
> implicit permission of the employee via policy -- "Everything may be
> monitored."
>
At the company I work at the administrators have remote access to all
the company computers. They could easily control where the browser
looked for the signed key for an SSL certificate then launch a man in
the middle attack. Or at least in theory this could happen.
Then there is your computer use agreement that you probably signed
when you hired on.
How many people do you know that were actually robbed at knife point
on the street? I bet its not many. You are probably still cautious
about flashing your cash around though. Good habits can get you
through, even when you are unaware.
http://blog.wired.com/27bstroke6/2008/09/from-riches-to.html
Steve
More information about the LUG
mailing list