QuoteMicrosoft has issued a "critical" warning over a newly-discovered flaw in Windows.
In a security advisory, the company warned of a loophole that could be used by malicious hackers to steal private information or hijack computers.
The bug potentially affects every user of the Internet Explorer web browser - around 900 million people worldwide.
http://www.bbc.co.uk/news/technology-12325139
This one really is quite nasty so if are an IE user you should apply this fix now: http://support.microsoft.com/kb/2501696
Thanks Zap :thumb:
Ditto. :thumb:
:thumb:
Cheers Zap, workaround applied.
Now, Rik, if you'd taken the leap of faith to Linux you wouldn't have these sort of probelms :evil:
;D
I have the disc and the machine, even a book, I just haven't had the time. ;)
And you meed to devote a lot of time to Linux.
That's right, Mitch, encourage me. ;D
I have to admit I gave up but might get myself a laptop and dual boot it so can tinker at work.
It's a laptop I plan to convert, Mitch. Having a spare seems a bit redundant these days.
Just go for it.
I bet you can't get it to look and behave like XP though ;)
;D
I'm not playing, then. ;)
The other obvious workaround is not to use IE. The vulnerability lies in ActiveX and Active Scripting. These are not supported in Firefox, Opera, Chrome or Safari. The only thing that supports these abominations is IE. No mainstream bank or financial institution will code their sites so as to be dependent on using IE.
I think Egg requires it fo their money manager actually.
Good reason not to bank with Egg then. ;)
I don't any more :)
Unfortunately First Direct's Internet Banking Plus uses the same tech as I asked about it when I joined them.
All the passwords are supposedly encrypted on your system but I'd rather they be on a bank's server somewhere behind several firewalls.
So is their active scripting something that is fundamental to accessing the site at all or is it only needed for some money management add-on that you can get by without?
I operate on-line bank accounts at Halifax, NatWest, Barclays and Nationwide. They all have different logon and authentication procedures but they all work perfectly in Firefox.
International phone call yesterday from heavily-accented chap claiming to be Microsoft Support and wanting to help. I hung up of course. They don't waste any time do they?
Time is money. ;)
If I ever get one of those calls I'll just tell them I use Linux.
;D
Better yet, Mac OS.
Better still is to never get disturbed by any of these calls. ;)
You're not on commission, are you, Dorset? ;D
Quote from: Rik on Feb 02, 2011, 12:28:31
You're not on commission, are you, Dorset? ;D
I wish.
Quote from: armadillo on Feb 02, 2011, 00:08:02
So is their active scripting something that is fundamental to accessing the site at all or is it only needed for some money management add-on that you can get by without?
I operate on-line bank accounts at Halifax, NatWest, Barclays and Nationwide. They all have different logon and authentication procedures but they all work perfectly in Firefox.
I think the reason they insist on IE for these type of products is because perhaps the code has been developed by a third party and bought in by them.
I've no idea why a plugin hasn't been developed for FF but in any case I would be uneasy about having security passwords stored on my PC even though I'm very rigourous with regard to security.
Yes, I suppose the startups like Egg probably do buy in code as you suggest but the big banks like the ones I mentioned will have their own IT departments.
None of my banking sites stores a password on the PC and some of them make you jump through hoops to login - supply the 1st, 8th and 10th characters of your code word and the 2nd, 4th and 3rd of your PIN (which is not the same as the card PIN)
I do store other passwords on my PC and have never had a problem but, on every password protected site I have ever used, you can choose not to store them and simply enter them each time you login if you wish.
The only time I ever had a credit card hacked it was done in the real world, not in cyber land.
All the banks I deal with do that.
Quote from: armadillo on Feb 02, 2011, 22:55:59
Yes, I suppose the startups like Egg probably do buy in code as you suggest but the big banks like the ones I mentioned will have their own IT departments.
None of my banking sites stores a password on the PC and some of them make you jump through hoops to login - supply the 1st, 8th and 10th characters of your code word and the 2nd, 4th and 3rd of your PIN (which is not the same as the card PIN)
I do store other passwords on my PC and have never had a problem but, on every password protected site I have ever used, you can choose not to store them and simply enter them each time you login if you wish.
The only time I ever had a credit card hacked it was done in the real world, not in cyber land.
I like Barclays option. AFAIK it's a "onetime pad". Which is, for all intense and purpose uncrackable. They would have to physically steal your pin machine on your desk, plus your pin and card/cloned card to get on your internet banking.
Or just turn up to the bank in a convincing disguise. :whistle:
Two of the banks I have accounts with (Barclays and Natwest) have PIN machines.
I hope it doesn't become the standard otherwise I might end up with a drawer full ;D
Nationwide use them too.
Now there's a company I'd never use personally.
My folks have the mortgage and insurance with them, when we all came home from work to find a hole in the extension roof one evening it took my Mum sbout two hours to get to speak to someone who could even begin to get an assessment and repair underway but they wouldn't send anyone out to even throw a tarpaulin over it because of health and safety in torrential rain.
We ended up staying up all night watching buckets fill up with water very slowly.
Luckily the rain stopped next day but took them a further two days to get a surveyor out and then another three for a temporary repair.
The surveyor told us that the whole ceiling would have to be replaced and all because they wouldn't do a thing.
I am insured with them and, when we had subsidence problems, Mitch, they couldn't have been more helpful. I guess you get lucky or unlucky depending on who's assigned to your case.
Indeed, we are going to 'shop around' though when the three years no claims limitation is up.
I can't. Once you've had subsidence, people get very reluctant to take you on - even for contents insurance.
Quote from: pctech on Feb 03, 2011, 16:22:50
Two of the banks I have accounts with (Barclays and Natwest) have PIN machines.
I hope it doesn't become the standard otherwise I might end up with a drawer full ;D
Apparently, those machines are made to a standard. According to Barclays, you can use any bank's card reader for any other bank's card.
http://www.barclays.co.uk/Helpsupport/WhatyouneedwithPINsentry/P1242560258063
It's the last bullet point in "What you also need to know"
I just wish I'd "also known" that before waiting three weeks for Barclays to send me a reader when I already had a Natwest one.
Ah, but at least you got the right colour by waiting, Dill. ;)
I was insured with Nationwide up until 3 years ago, they paid a claim for my lost iRiver 320 MP3 player without any hassle whatsoever. The same when my kitchen window cracked, no fuss to ge it repaired, these are only small claims though.
Mine was about £16k in all, though they got 87% back from the Council in the end. They were very thorough in their monitoring, very good at including things to be replaced, eg patio door, and they moved us out for three weeks to save us having to try and camp in the one room which was unaffected. It was rather fun (though I'd have preferred not to go through it) as we ended up in a house right by the theatre district and could just walk over to take in a show. So we did. :)
Yes, it is the prettiest card reader I've ever seen.
As for Nationwide insurance, I'm glad to see they're making good use of the money I have in one of their savings accounts. I hope they don't make too many payouts before I want my money back ;)
The underwriters change frequently, it was London & Edinburgh (Aviva) when I claimed, then it was Churchill, now it's Liverpool Victoria.
Dill, take it out on Monday, my mortgage settlement arrives in their accounts then.
Quick, form a queue. ;D
Can't Glenn. It's a fixed interest bond.
Quote from: pctech on Feb 03, 2011, 16:22:50
Two of the banks I have accounts with (Barclays and Natwest) have PIN machines.
I hope it doesn't become the standard otherwise I might end up with a drawer full ;D
Oh, but you can do a bit more on the Natwest one without the pin... :whistle:
But Barclays seems to ask EVERY time, so no little slip ups.
Quote from: Rik on Feb 03, 2011, 16:50:46
I can't. Once you've had subsidence, people get very reluctant to take you on - even for contents insurance.
Yep. One of those cruel things. Until/unless the regulators offer some sort of portability of policies. Won't help with price though.
[edit]
Quote from: armadillo on Feb 03, 2011, 17:25:10
Yes, it is the prettiest card reader I've ever seen.
As for Nationwide insurance, I'm glad to see they're making good use of the money I have in one of their savings accounts. I hope they don't make too many payouts before I want my money back ;)
Insurance is not taken from savings accounts (it would never get replenished) but from a big pot of all the insurance premiums (minus costs/profit). This pot is large enough to (hopefully ;)) cover a natural disaster like a city flooding (but not the whole country! :( ) so you should be fine. Some companies share their pot though, so not sure if the overall coverage is shrinking.
You don't get returns on insurance pay outs, so no one would use them as investments. :P
Quote from: Technical Ben on Feb 03, 2011, 21:39:13
But Barclays seems to ask EVERY time, so no little slip ups.
There's a box you can tick on the Barclays payment screen so it doesn't ask every time you pay someone that you've paid before.
It's in the second part of their tour video, where they explain payments.
http://www.barclays.co.uk/Helpsupport/TourPINsentry/P1242559977752
In typical Barclays fashion, the lite version and the full version both show exactly the same video.
Quote from: Technical Ben on Feb 03, 2011, 21:42:06
Insurance is not taken from savings accounts (it would never get replenished) but from a big pot of all the insurance premiums
Indeed. Actually, I think there's some legal restriction on cross subsidy. They do fund mortgages from savings though but it would appear that they are not very forthcoming with mortgages at the moment anyway. I am not genuinely worried about savings and I don't have all my eggs in one basket.