[clug] Internet banking and browser compatibility

Alex Satrapa grail at goldweb.com.au
Tue Feb 17 22:47:45 GMT 2009

On 17/02/2009, at 21:28 , Sam Couter wrote:

> Aren't X.509 certificates transferrable? I should be able to export  
> the
> certificate to a USB key and carry it to work, right? Right?

Yes BUT.

a) you'd have to have rights on the computer to import X.509 keys.
b) you'd have to trust that the Powers That Be and their minions  
aren't maliciously trying to sniff your X.509 passphrase.
c) you'd have to trust that the computer is not infected with a dozen  
different keyboard sniffer malwares.
d) you'd have to trust …

See the common theme there?

> Does anybody work anywhere that actually does this? I've heard of it  
> as
> a theoretical attack, but not even the network nazis where I work do
> this.

Your network NAZIs are really only network neo-liberals. They're  
nothing compared to what evil is being perpetrated out there in the  
name of "workplace efficiency" and "policing use of work resources."

Have you ever had to sign a stationery request slip when all you  
wanted was 1 highlighter pen? That's the office administrator and  
myself tied up for three minutes filling out paperwork for the sake of  
a $2 pen.

Which reminds me of a quote from a famous movie:
> "The tighter you clench your fist, Tarkin, the more star systems  
> will slip through your fingers."


More information about the linux mailing list