Jump to content

Recommended Posts

Posted
14 minutes ago, Pickwick said:

I'd be (genuinely) grateful if you could expand on why you think bank apps are less secure than internet banking. I have never worked in IT so I have no expertise, but months of research before coming to Thailand led me to believe apps were more secure (with the caveat that you have downloaded the real app in the first place). Especially if used with WiFi disabled, fingerprint (or similar) to access the app and a secondary measure, such as a password prompt, within the individual apps, when any money is being transferred out. You could, of course, add a VPN to add another level of security.

 

What am I missing that makes the above less than secure than internet banking? Please note: it's a genuine question and not a challenge to prove me wrong. I am always eager to learn from those with more experience/knowledge.

 

I will also add that I am using an HP Chromebook at the moment. The only reason I bought it was to come to Thailand on an extended holiday and wanted to travel light with no checked luggage. I was surprised at how well the combination of ChromeOS and Android worked for me. I do have multiple Google accounts in use and on one I do have the Android part disabled, which is easy to do. I generally like to have the Firefox app running as a back up browser, however.

 

You can use Linux too, and I tried, but I am out of my depth with Linux and was never comfortable using it so reverted to ChromeOS. Surfing/Video Calls/Email/Netflix etc all very easy. I had a bit of work to do when I first bought the Chromebook and used Office 365 without issue over a six month period. I do like most of the Google software (though only require basic spreadsheets in Sheets, so cannot answer one of the questioned posed in a previous post).

 

The only problem I encountered was on an older website I found when trying to practise Thai tones. It had some software you could download to practise your tones but the download files were only available for Windows or Mac. 

I hear you and will give a brief reply - busty today catching up on 'paperworek' as they say here.

 

The first and biggest issue is the device itself. Phones just do not have the ability (Os etc) to preclude intrusion by other apps and when browsing online - such as that a computer can have. I was a business guy so I cannot give all the technical details, but as an example it is very easy for pros to hack into a nearby phone than into a nearby computer that has been setip well. I have used iPhones for many years because they are a lot better than Android devices, just for their security - lets alone their control over the apps that can be downloaded. But even they are prone to being hacked by the smarter guys out there. 

The second is that the phone is an obvious physical target - why break into a house for a laptop when you can just steal a phone. They are the preferred device for those that steal to sell to those that hack - and on it goes up the chain.  Not only can they wipe clean your device and re-sell it - they can take out much of the information stored in there - if they think you have money.  Does this house have a laptrop - versus - there is a new Samsung Galaxy. 

In Thailand the IT systems are 'less than optimal' and apps on phones from Thai organisations can be very problemmatic. It is not just the app for the phone - which are inherenbtly much weaker than the apps developed and managed in the west - it is also the other apps which can get access to info on the phone. It astounds me people using online services to buy things on their phones not realising the risks involved - like seeing an old Expat riding a bike without a helmet - why?

When you access an internet website on a computer, you are being 'protected' by both the device itself and the web browser you are using - plus any other added software etc. When you do that on a phone you are using the app direct to the network - not a browser - and most phones (as above) just cannot be protected like a computer.  When an app is given access on your phone it is given access to read all data on your phone - the access permission cannot be set to 'only this data'. 

Last one - the banks etc want you to use their app. Why - no it is not because it is easier - it is because it is cheaper for them to maintain an app, than a website accessed by 'complicated' computers. 

 

VPNs on wireless networks being used by computers. Yes VPNs are 'more secure' because they encrypt what you are sending over the network. But an open network can be used by a hacker to access other devices on the network - not just to see the traffic you send receive. Just dont ever use a laptop on a public network - problem solved.  But when out and about you can use your mobile data network - it is fully encrypted and if yopu set it up right, others cannot gain access.  Plus always use https sites only - many modern browsers will only access them - because the transmissions are encrypted - unlike the old http sites, which some still exist in Thailand. 

  • Thumbs Up 1
  • Agree 1
Posted
11 hours ago, GammaGlobulin said:

Hi Folks,

 

For many years, beginning around the year 2000, I used nothing but the Linux OS.

 

Eight years ago, I went back to Windows OS for teaching purposes.

 

However, now that I have a new computer, I think I will try installing a Linux OS, and I do NOT mean Dual Boot, either.

 

I am not sure, but I think that I can use a Linux OS, exclusively, for teaching purposes.

 

And, also, I cannot afford the big bucks for Windows 11, PRO.

 

Also, I do not like the fact that Windows 11 requires some sort of SIGN-IN.

 

With Linux, nobody asks you to provide so many personal details, or even an email address, or a telephone number, etc.

 

 

============

 

I am perfectly OK with Linux for teaching.

 

But, there are a few applications, such as ADOBE Acrobat, which I might need, and which are not ported to Linux.

 

Still, I can work around these hurdles, I think.

 

=================

 

 

I am tired of being nickeled and dimed to death by software companies which think they can charge me, by the month, for lousy software that they control.

 

Can I teach just as effectively without paying the Software Mafia?

I know that I can.

 

I just need to adapt.

And, I just need to get used to alternative solutions.

 

=============

 

This is not a philosophical post, and I do not care whether or not you might choose to wean yourselves off this TOXIC Software Bandwagon that many seem to be on.

 

There is NO DOUBT in my mind that I can teach just as well using FOSS, or even the opensource software available on the internet, today.

 

=============

 

Just be aware that FOSS and opensource software is NOT the same thing.

 

===========

 

 

Anyway, Folks, ....

 

Once I rid myself of the lousy software, such as Windows, and Adobe, I will feel FREE.

 

I will feel better.

 

I will never, again, worry about paying money to The MAN!

 

Note:  I will feel BETTER!

 

And, I hope you will soon feel better....TOO...!

 

 

FCK these lousy Software Companies who hold us HOSTAGE!

 

==========

 

I will CONTINUE to Go with OPENSUSE....

But, I have heard rumors that the SUSE Enterprise project is now winding down, which can't be good.

Still, maybe OpenSure community will remain strong?

IDK....

 

I have always LOVED SUSE....

 

 

I'm not reading all that. I'm happy for you though or sorry that it happened.

Posted
33 minutes ago, Pickwick said:

I'd be (genuinely) grateful if you could expand on why you think bank apps are less secure than internet banking.

Try this simple thought experiment.

First: 
What type of password do you use for Internet banking?
Generally (if you are smart) a password the is relatively complex containing upper/lower case letters, numbers, and special characters - or - you use a six to eight word phrase generated by following a protocol like Diceware.

What type of password protects your Android/iPhone app?
A 6 digit numerical pin or possibly a passcode pattern.  Basically - no protection at all.

Second:
Where do you enter your password for Internet banking on your computer?
Generally, in the privacy of your own home unless your on the road with a laptop.  Putting a towel over your keyboard (and head) may look stupid in public, but it is secure.  it just depends how risk adverse you are.

Where do you enter your weak-ass pin or passcode pattern on your Andriod of iPhone?
Maybe at home.  But if you are one of those who extol "the convenience of going cashless" you enter both your phone's passcode as well as your banking apps passcode in public.  Now - look around you in a public setting - how many camera do you see?  How many camera don't you see.  Get the picture? (pun intended). 

Third:
If you have any security consciousness at all, you strive to keep you home computer as secure as possible.  Using open-source operating systems and keeping your OS and apps updated, paying attention to physical and computational security and the like.  Granted - anything that isn't "air-gapped" from the Internet can be hacked, but for the average Joe Public who isn't in the cross-hairs of a state security agency, you can probably keep your computer and apps well protected.

On an Android or iPhone?  <laughs>  These OS were developed to harvest user data, and as such, the OS allows application developers to harvest data as well.  Example.  I saw an Android "flashlight" program once that was about 20 MB is size (it takes a few Kb of code to turn the bloody light on).  When you install it, it wants access to just about everything on your phone: files, pictures, contacts, location, yada yada yada - i.e., it essentially spyware as well as bloatware. 

Yes - you can find an occasional Android app that will allow you to place a "real" password on your banking app, but its a poor design that often requires making a copy of the application. It's obfuscation, not security - it's not a secure solution and the design can be easily hacked.  Then you also don't know what access you've granted to all those "useful" apps you've loaded on your Android/iPhone which have access to wayyyyy too much of your phone's capabilities. 

So no - using a banking app (or any app that you need to have a modicum of security) on a phone is at best not a very secure option.  And that, I'm afraid, is by design.

  • Agree 2
Posted

If you live in Thailand you can walk into most pc shops and have any program you want installed for around 300 baht.

No issues at all!

  • Haha 1
Posted
5 hours ago, TroubleandGrumpy said:

I found this topic very interesting. Thought I would throw in my 2cents worth.  I worked in IT&T for 30+ years and I know the issues, but I want to just use the things not manage and run them - too old/grumpy to do it.

I have 3 laptops - one running Win10 and totally locked down with full security etc - I use that for banking etc. One running Win7 that I use for online movies youtube etc. The third is sitting waiting for stand alone Win12 - if not, then whatever I decide later.

All software is either free or bought online - much much cheaper.

The virus/malware industry is a nowadays a bit of a scam - only corporates really need it - and even then it is not guaranteed - but when using online banking it would be foolish not to be 'secure'.

I never (will) use a banking app on the iphone, or any other app that has/requires details of my banks - they are not computers and are inherently insecure - using those sort of apps in a place like Thailand is very risky. 

The malware industry is a bit like the VPN - when all most people really need is an IP clone network - just dont use public/open networks.

My Win 7 laptop is totally open and has never had a problem - only a hardware fail - just reloaded from the backup.

Linuc etc are great for bare bones machines for gamers and others who dont want CPU wasted running a bloated OS.

Chromebook was a great concept and works fine - except when you want an app they dont have or does not run well - plus I like local storage.

 

 

a. I tried using Google Chrome when I was living in ChengDu, ShangHai, Beijing, and Guangdong.  You are right...  NOTHING happened without a VPN.  Without a VPN in China, you can't do anything, other than send XiJinPing a get out of town message.

 

b.  I once tried opening a few Windows files I had saved on a Windows computer, using a Linux computer.  And THIS Happened.  This is the screenshot of my Computer which I saved.  It wasn't pretty.

 

image.thumb.jpeg.037daf74a9818778a5656c24eb966cb9.jpeg

 

No anitmalware/vius/ransomware protection is guaranteed, but better to have it than not to have it.

 

Don't you think?

 

Re: Windows12, I hope I am dead before that trash sees the light of day, and Balmy Balmer, too.

 

 

  • Thanks 1
Posted
5 hours ago, connda said:

Run VirtualBox in Linux and then set up a virtual machine instance in VirtualBox to run Win10 so you can run the few Windows apps that you may need like Adobe Acrobat.

Plenty of tutorials on Youtube to help you along.
https://youtu.be/OWmD8obq4eQ

 

 

I do not want to run VB 24/7.

 

I need an app that runs in Linux, as I previously mentioned.

 

 

Posted
18 hours ago, GammaGlobulin said:

 

a. I tried using Google Chrome when I was living in ChengDu, ShangHai, Beijing, and Guangdong.  You are right...  NOTHING happened without a VPN.  Without a VPN in China, you can't do anything, other than send XiJinPing a get out of town message.

 

b.  I once tried opening a few Windows files I had saved on a Windows computer, using a Linux computer.  And THIS Happened.  This is the screenshot of my Computer which I saved.  It wasn't pretty.

 

image.thumb.jpeg.037daf74a9818778a5656c24eb966cb9.jpeg

 

No anitmalware/vius/ransomware protection is guaranteed, but better to have it than not to have it.

Don't you think?

 

Re: Windows12, I hope I am dead before that trash sees the light of day, and Balmy Balmer, too.

I will only go Win12 if there is an advantage over Win10 for me - and only for the 'safe' laptop.

 

I hear you about malware - but I would start from Bios and blow away the laptop and reinstall from backed up files on ext HDD. I knew a guy that had a separate HDD already setup and he could just install that - that is just a little too far I reckon.  The above never happened to him or I. 

 

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...