That's kinda true. I don't want a microprocessor or anything security
related coming from China or Russia, for instance. Sure, they
manufacture most of the laptops - but they don't make the chips like
CPU's or TPM's. The manufacturing process is also watched closely by
American companies that brand them.
Oops.. I do run Kaspersky AV though!
I know, but trust has to be placed somewhere - even if its not complete
trust. Kaspersky has caught nasties before they could do any damage
since I tend to click on some sites for research purposes that by their
very nature have malware (not pr0n BTW).
I'm usually careful enough to use a VM, but sometimes I forget or don't
realize the potential for harm on a site before I visit or download
If the En-essay wants something off my computer, they will get it. If
not by technical means, then by intimidation by men in suits with a
BTW... the 2nd phase technical audit for Truecrypt came out last week.
Its safe cryptologically.
My mere defense is UTM in front of my home network. First thing every
morning I do is checking any sign of funnies or suspicion over night.
From my working day experience, anything everything can be broken if
enough time is taken.
That isn't true. Europe went to EMV first because their phone system for online
authorizations was either non-existant or charged very expersive per call rates.
EMV cards have one option where transactions can be authorized by the card and
then uploaded to the bank at a later time.
The US didn't havethat problem and the number of credit terminals in the US is
several orders of magnatude greater than in the EU, so upgrading them for a
problem that didn't exist in the US made no financial sense.
The phone system isn't a problem in the EU now, but the EMV chip card does work
for certain newer threats, so the US is moving to implement it. Where US
merchants and banks have an big problem is paying huge sums of money to upgrade
their credit terminals, and then be told in a couple of years - "Oh, never mind.
We've decided to use scanners that can read smart phones."
There are only two other countries besides the US that don't use the
metric system. We are also behind in high-speed broadband. In S. Korea
500Mib/s is common. I pay $56 (with tax included) for 75Mib/s (and I
have yet to see it, speed tests usually come in about 50Mib/s). I don't
see credit card chip & pin as being "behind" though. I've never had a
problem disputing a charge. I don't want to remember a bunch of PINs. I
have enough to remember! Besides, sometimes I lend my bank card to
someone - I tell them to choose 'credit' rather than 'debit' so I don't
have to give away the PIN.
| The chip cards in Canada are all chip-pin.
| If the US banks do any different they are more foolish than I even
| thought. They HAVE to be chip and pin to work with the Interac banking
| system. (world wide interbank system)
From what I've read, US cards will be chip
and signature or chip and no signature for small
purchases. (We're Americans. We shouldn't have
to remember numbers or interrupt our phone
conversation to type on a dirty keypad. :)
Signature is useless for security. My own
signature written with a plastic pen on a touch-
sensitive pad looks like a 2-year-old's drawing.
I can't believe there's any check on that. It's
probably only used so that I can't easily say I
never made the purchase.
Chip and PIN sounds like it might OK. On the
other hand, why not stripe and PIN, to avoid
contactless reading? It seems to me that the
rush to achieve some fantasy of "space age"
convenience and techno-pizzazz is resulting in
a lot of dubious designs and decisions. Chips
naturally bring in all the issues of non-secure
communication, as is true of wi-fi computing:
It's convenient, it's not generally *too* risky,
but it simply can't be made as secure as direct
ALL chip cards have a PIN number - but foolishly some US banks (US
Bank being one) are not implementing the PIN security on their cards
and banking system.
If you ask your bank to have the PIN enabled, your american bank cards
will work world-wide in chip and pin terminals, and will still work,
without the PIN, in USA
HomeOwnersHub.com is a website for homeowners and building and maintenance pros. It is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.