Friday, January 18, 2013

PSA Security & Hacking: Shylock Banking Trojan now spreading via Skype

Primary source

As someone that is computer security conscious, I avoid online banking completely.

For friends, family, & others that insist on online banking I suggest either of the following:

  • Use a Live CD, Brian Kreb has excellent articales on how to do this or
  • Use a recent iOS device, iPhone 4S or newer, iPad 2 or newer, iPod Touch 5th generation or newer.  There are significant hardware security improvements that started with those respective devices. 
I also strongly suggest if using the iOS devices, to turn off Simple Passcode, and use a Pass Phrase, even if you don't lock your iOS device all the time, this will enable whole device encryption.

Clear instructions & screenshot for turning off Simple Passcode

The reason for this, is that a hacker with right software, can use a computer to try passwords, they can also bypass the 10 try feature.

So if your using the Simple Passcode, which is just a 4 digit number, they will probably be able to hack it in less than an hour.

However, if you use a Pass Phrase, like I <3 my iPad.  I hate green beans! the hacker will have a much more difficult time.  [Note, don't use that pass phrase, it is just to illustrate the concept.]

Since instead of only 4 numbers, there are 34 characters, counting the blank spaces, plus your using uppercase letters , lowercase letters, numbers, special characters, and blank spaces.

The hacker won't have any idea how long your password is, and by using at least one of all possible upper/lower case, numbers, symbols, and blank spaces you make hackers job a lot harder.

For more on passwords see

Additional links:

No comments:

Post a Comment