Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




552 posts

Ultimate Geek

Subscriber

#270656 20-May-2020 16:33
Send private message quote this post

Just seen this news article https://www.geekzone.co.nz/content.asp?contentid=23249

 

Anyone done some more research into this but from what i have read from a quick google search Norton are actually selling a Man in the middle attack as security!

 

Is there more to this than i'm missing but from first impressions wow that's bad.





Geoff E


Create new topic
267 posts

Ultimate Geek


  #2487327 20-May-2020 18:05
Send private message quote this post

Yeah I read that Geekzone article this afternoon and had to wonder what exactly the point of that was. I can't see much value in it personally.





Ant  Reformed geek | Referral links: Electric Kiwi  Sharesies  Stake




552 posts

Ultimate Geek

Subscriber

  #2487341 20-May-2020 18:38
Send private message quote this post

https://support.norton.com/sp/en/au/home/current/solutions/v131585157 the last item confirms my suspicions. So yes it is as bad as it looks.

 

If you have norton you really should disable this. Not only will you break the banks protections I would expect this would violate your banks terms of service.





Geoff E


 
 
 
 


467 posts

Ultimate Geek

Lifetime subscriber

  #2487389 20-May-2020 20:35
Send private message quote this post

Call me a novice here - but my basic understanding with NZ banks in particular is that:

 

     

  1. Every bank has its own URL and that using any URL that is not that of their Internet Banking service is insecure (at least).  I am with the ANZ, so internet banking should always be with an anz.co.nz website.
  2. Your bank guarantees the integrity of their website as in (1).
  3. The use of any third party service (such as that promoted by Norton) potentially invalidates (2).

 

My approach to this would be to look at my bank's documentation on Internet Banking security, or to ask my bank direct, if there is any value-add to a third party Internet Banking security product.  If the bank recommends such products consider the product bank-endorsed, if not consider it valueless.

 

Am I wrong?





--

OldGeek.


/dev/null
9302 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #2487407 20-May-2020 21:17
Send private message quote this post

While I work for a large bank which many of you guys know about what I am about to say is on a more unofficial level and relates to all banks here in NZ.

 

As you know, all banks have a Internet Banking term of service. You're best to check with your own bank regarding this, but for most of them it basically says "only login to Internet Banking on your own computer, and keep your details away from third parties", breaching this is essentially breaching the banks trust to you as a customer as you're both putting yourself and them at risk. If they have any suspicion that you've leaked your internet banking details to a third party this could mean you're not covered for any fraud that may occur down the line.

 

Lets use the following example. Customer uses POLi and logs into their internet banking. As they've provided their details to a third party (and the bank can very easily pick up on this) they have breached their internet banking terms and conditions. Now imagine if that same customer gets phished, or is reusing passwords (by the way - keep track on https://haveibeenpwned.com for this aspect) and a large sum of money gets transferred out of their account by any third party, the bank can turn around and say "nope" to refunding that money back as the customer put themselves at risk of fraud and what's to say the reason for the leak was POLi.

 

This is why banks don't allow such systems, and why systems like POLi as an example make me nervous as there is no knowing, apart from their word what information is collected, how secure their systems are etc. Banks are a huge target as it is but allowing such systems access to your internet banking widens this target.

 

Security software is also not safe from compromise. Take a look at Kaspersky as an example which has seen several high profile incidents.

 

So, with my security hat on, and my banking hat off, until I have fully verified what Norton is doing here (however on the surface it does appear they are doing a man in the middle) you're not only breaching your internet banking terms of service by using such a tool (unless, if your bank has explicitly allowed this) but you may be putting yourself at further unnecessary risk. I'm in no way qualified to make an official statement for whom I work for hence why I have not named any names. Most banks protect you and have rather sophisticated detection for common malware baked into their internet banking - if you behave, then believe me when I say your bank will look after you.

 

Also, seriously, ensure all your devices are up-to-date with the latest operating system patches / releases. This includes anyone holding back on updating their iPhone or iPad to the latest version of iOS.





1508 posts

Uber Geek


  #2487414 20-May-2020 21:46
Send private message quote this post

geocom:

 

https://support.norton.com/sp/en/au/home/current/solutions/v131585157 the last item confirms my suspicions. So yes it is as bad as it looks.

 

If you have norton you really should disable this. Not only will you break the banks protections I would expect this would violate your banks terms of service.

 

 

If you use anything Norton you should switch.


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

OPPO Find X2 Lite brings flagship features to mid-range 5G smartphone
Posted 29-May-2020 12:52


Sony introduces the digital camera ZV-1 for content creators
Posted 27-May-2020 12:47


Samsung Announces 2020 QLED TV Range
Posted 20-May-2020 16:29


D-Link A/NZ launches AI-Powered body temperature measuring system
Posted 20-May-2020 16:22


NortonLifeLock Online Banking Protection now available for New Zealand banks
Posted 20-May-2020 16:14


SD Express delivers new gigabyte speeds for SD memory cards
Posted 20-May-2020 15:00


D-Link A/NZ launches Nuclias cloud managed network solution hosted in Australia
Posted 11-May-2020 17:53


Logitech introduces new video streaming solution for home studios
Posted 11-May-2020 17:48


Next generation Volvo cars to be powered by Luminar LiDAR technology
Posted 7-May-2020 13:56


D-Link A/NZ launches Wi-Fi Certified EasyMesh system
Posted 7-May-2020 13:51


Spark teams up with Microsoft to bring Xbox All Access to New Zealand
Posted 7-May-2020 13:01


Microsoft plans to establish its first datacenter region in New Zealand
Posted 6-May-2020 11:35


Genesis School-gen has joined forces with Mind Lab Kids
Posted 1-May-2020 12:53


Malwarebytes expands into privacy with fast, frictionless VPN
Posted 30-Apr-2020 16:06


Kordia to donate TV airtime on Channel 200 to community groups
Posted 30-Apr-2020 16:00



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.