Epassporte adds useless security features - GoFuckYourself.com

AlexShark · 12-18-2007, 11:50 AM

So now epassporte asks me to enter 3 security questions, now sorry but it's completely useless stuff

If the poor victim has a keylogger installed it will get the keystrokes of the security answers in the same way it gets the username and password...

I think epass guys only know password stealing by phishing sites and no other ways ... newbies :P

A simple java screen keyboard would have limited the damage, but that seems just off limits for multi billion company like epass!

Maybe they are just curios about our grannies names or first time we had sex in life

Damian_Maxcash · 12-18-2007, 11:52 AM

Better than most of the banks I have seen....

CC · 12-18-2007, 12:01 PM

Quote:

Originally Posted by Damian_Maxcash

Better than most of the banks I have seen....

VERY true. I'm happy with epass's new security measures; it's definitely a step in the right direction.

AlexShark · 12-18-2007, 12:03 PM

You obviously know fuck all and you will eat your balls when u will see missing funds sooner or later ;)

WarChild · 12-18-2007, 12:07 PM

Quote:

Originally Posted by AlexShark

You obviously know fuck all and you will eat your balls when u will see missing funds sooner or later ;)

Interstingly enough the vast majority of Epassporte users have NOT been losing their funds. This makes your statement ridiculous.

Yngwie · 12-18-2007, 12:07 PM

if you're worried about having a keylogger open up notepad, type out a paragraph which contains the secret answers along with other crap text, copy the text you want, paste in in the answer box and do that for the other 2 as well. This way IF you do have a keylogger it will not get the exact answer.

Even better, type out a paragraph of text in notepad with the words of the answer scattered throughout the text and copy/paste... copy/paste etc.. There are easy ways to fuck a keylogger.

Usually, with IE and Firefox at least, it will keep info you out in those answer boxes. That way you don't have to type it out. Just use the down arrow, select the answer and voila.

At least there is some safety.

Yngwie · 12-18-2007, 12:08 PM

Quote:

Originally Posted by AlexShark

You obviously know fuck all and you will eat your balls when u will see missing funds sooner or later ;)

I've had my account for almost 4 years and never lost 1 penny.

AlexShark · 12-18-2007, 12:08 PM

webmoney.ru or fethard.biz are something they should look at when thinking about security

WarChild · 12-18-2007, 12:09 PM

Quote:

Originally Posted by Yngwie

I've had my account for almost 4 years and never lost 1 penny.

Sames goes for me.

AlexShark · 12-18-2007, 12:10 PM

Quote:

Originally Posted by Yngwie

I've had my account for almost 4 years and never lost 1 penny.

If noone had ever lost a penny in these years they would have not bothered adding security questions, obviously

Cradle · 12-18-2007, 12:10 PM

good step but its annoying as well ;x

WarChild · 12-18-2007, 12:12 PM

Quote:

Originally Posted by AlexShark

If noone had ever lost a penny in these years they would have not bothered adding security questions, obviously

Who said nobody? You implied that eventually it will happen to everyone, which is ridiculous.

AlexShark · 12-18-2007, 12:13 PM

Quote:

Originally Posted by WarChild

Who said nobody? You implied that eventually it will happen to everyone, which is ridiculous.

It happened and will happen of course, why do u think some countries had limited access on transfers etc? Just because they are racists?

TidalWave · 12-18-2007, 12:14 PM

alexshark, i guarantee that everyone has lost money from EVERY online payment transfer system.
your arguement is bad

AlexShark · 12-18-2007, 12:17 PM

Quote:

Originally Posted by TidalWave

alexshark, i guarantee that everyone has lost money from EVERY online payment transfer system.
your arguement is bad

well my original theme was that the security features they just added are pretty useless, of course every system has leaks

The Judge · 12-18-2007, 12:17 PM

Undetectable Russian rootkits also take a copy of your clipboard every time it changes so anything you copy/paste is sent too.

AlexShark · 12-18-2007, 12:18 PM

Quote:

Originally Posted by The Judge

Undetectable Russian rootkits also take a copy of your clipboard every time it changes so anything you copy/paste is sent too.

Or u can just backup protected storage to server with pstore.cpp

sortie · 12-18-2007, 12:56 PM

Quote:

Originally Posted by AlexShark

well my original theme was that the security features they just added are pretty useless, of course every system has leaks

It works to stop phising emails without a doubt. If you don't see the correct info on the page then you know the page is fake.

There is very few ways to protect a site if someone has a compromised login from a key logger etc...

It seems like you are expecting miracles from epass that noboby else has solved either.

kovacs · 12-18-2007, 01:03 PM

Quote:

Originally Posted by Yngwie

if you're worried about having a keylogger open up notepad, type out a paragraph which contains the secret answers along with other crap text, copy the text you want, paste in in the answer box and do that for the other 2 as well. This way IF you do have a keylogger it will not get the exact answer.

Even better, type out a paragraph of text in notepad with the words of the answer scattered throughout the text and copy/paste... copy/paste etc.. There are easy ways to fuck a keylogger.

Usually, with IE and Firefox at least, it will keep info you out in those answer boxes. That way you don't have to type it out. Just use the down arrow, select the answer and voila.

At least there is some safety.

retard

Jet - BANNED FOR LIFE · 12-18-2007, 01:07 PM

Quote:

Originally Posted by AlexShark

fethard.biz

great idea, considering they've had all their system money stolen just month ago

Michael O · 12-18-2007, 01:24 PM

Quote:

Originally Posted by AlexShark

So now epassporte asks me to enter 3 security questions, now sorry but it's completely useless stuff

If the poor victim has a keylogger installed it will get the keystrokes of the security answers in the same way it gets the username and password...

I think epass guys only know password stealing by phishing sites and no other ways ... newbies :P

A simple java screen keyboard would have limited the damage, but that seems just off limits for multi billion company like epass!

Maybe they are just curios about our grannies names or first time we had sex in life

You only have to enter the security question the first time you log in from a computer so if your computer is clean you have nothing to worry about.
If you log in from a different computer that have a keylogger installed then there is 2/3 risk that it picks up the security question.

Keep you system clean and don't use the same password you use at other sites and you won't have a problem.

Yngwie · 12-18-2007, 01:44 PM

Quote:

Originally Posted by kovacs

retard

hey, at least I don't have a computer infected with a shit load of crap. I've NEVER had any $ stolen from any bank or financial type site. Call me what you want, but I won't resort to childish name calling.

Grow up and post something helpful instead of trying to look "cool" calling people names.

quantum-x · 12-18-2007, 02:30 PM

If you're rootkitted, then it's not epasses fault, your bank's fault, or myspaces fault. It's YOUR fault.

Kimo · 12-18-2007, 02:33 PM

some online banks use the same exact security method, i am happy with the new features.

teg0 · 12-18-2007, 03:49 PM

Quote:

Originally Posted by AlexShark

So now epassporte asks me to enter 3 security questions, now sorry but it's completely useless stuff

If the poor victim has a keylogger installed it will get the keystrokes of the security answers in the same way it gets the username and password...

I think epass guys only know password stealing by phishing sites and no other ways ... newbies :P

A simple java screen keyboard would have limited the damage, but that seems just off limits for multi billion company like epass!

Maybe they are just curios about our grannies names or first time we had sex in life

The same thing goes for pretty much all security online. The biggest security hole anything is the human factor. Don't do retarded things, like running windows. If you're paranoid check for hardware keyloggers. Don't do anything sensitive on any open or non-encrypted wireless networks. In the end it doesn't matter what any site offers as security if the users are retards.

Your post fails

The Judge · 12-18-2007, 04:00 PM

How is it your fault? No antivirus detect that.

Quote:

Originally Posted by quantum-x

If you're rootkitted, then it's not epasses fault, your bank's fault, or myspaces fault. It's YOUR fault.

J. Falcon · 12-18-2007, 04:21 PM

Quote:

Originally Posted by AlexShark

If noone had ever lost a penny in these years they would have not bothered adding security questions, obviously

Wow that made no sense at all.

hardcoreblogger · 12-18-2007, 04:21 PM

some stupid fucks will bitch about anything epass does

madfuck · 12-18-2007, 05:16 PM

sounds lik it might help but who knws, you can try it...tht never hurts anyone...

quantum-x · 12-18-2007, 06:25 PM

Quote:

Originally Posted by The Judge

How is it your fault? No antivirus detect that.

I'm staggered here, I really am. It's your hardware, it's your software. You're responsible for it. Epass has absolutely no fault if your PC is compromised / fucked up.

VeriSexy · 12-18-2007, 06:53 PM

Well it's better then nothing

JD · 12-18-2007, 08:27 PM

and ups their fees according to the email I got...

12-18-2007, 11:50 AM	#1
AlexShark Confirmed User Industry Role: Join Date: Nov 2003 Location: Europe Posts: 476	Epassporte adds useless security features So now epassporte asks me to enter 3 security questions, now sorry but it's completely useless stuff If the poor victim has a keylogger installed it will get the keystrokes of the security answers in the same way it gets the username and password... I think epass guys only know password stealing by phishing sites and no other ways ... newbies :P A simple java screen keyboard would have limited the damage, but that seems just off limits for multi billion company like epass! Maybe they are just curios about our grannies names or first time we had sex in life __________________

12-18-2007, 12:03 PM	#4
AlexShark Confirmed User Industry Role: Join Date: Nov 2003 Location: Europe Posts: 476	You obviously know fuck all and you will eat your balls when u will see missing funds sooner or later ;) __________________

12-18-2007, 12:07 PM	#6
Yngwie I am an Alien from space Industry Role: Join Date: May 2003 Location: Ontario, Canada Posts: 11,118	if you're worried about having a keylogger open up notepad, type out a paragraph which contains the secret answers along with other crap text, copy the text you want, paste in in the answer box and do that for the other 2 as well. This way IF you do have a keylogger it will not get the exact answer. Even better, type out a paragraph of text in notepad with the words of the answer scattered throughout the text and copy/paste... copy/paste etc.. There are easy ways to fuck a keylogger. Usually, with IE and Firefox at least, it will keep info you out in those answer boxes. That way you don't have to type it out. Just use the down arrow, select the answer and voila. At least there is some safety. __________________ ICQ: 16544251 - Skype: gator37 @ eastlink.ca - email: yngwie @ isys.ca

12-18-2007, 12:08 PM	#8
AlexShark Confirmed User Industry Role: Join Date: Nov 2003 Location: Europe Posts: 476	webmoney.ru or fethard.biz are something they should look at when thinking about security __________________

12-18-2007, 12:10 PM	#11
Cradle meh Industry Role: Join Date: Apr 2004 Location: the beach Posts: 1,438	good step but its annoying as well ;x __________________

12-18-2007, 11:52 AM	#2
Damian_Maxcash So Fucking Banned Join Date: Oct 2002 Location: MaxCash.com Posts: 12,745	Better than most of the banks I have seen....

12-18-2007, 12:14 PM	#14
TidalWave Confirmed User Industry Role: Join Date: Sep 2007 Location: Los Angeles Posts: 2,706	alexshark, i guarantee that everyone has lost money from EVERY online payment transfer system. your arguement is bad __________________ www.SwiftNode.com

12-18-2007, 12:17 PM	#16
The Judge Confirmed User Join Date: Jan 2006 Location: Mobile, AL Posts: 1,647	Undetectable Russian rootkits also take a copy of your clipboard every time it changes so anything you copy/paste is sent too. __________________

12-18-2007, 02:30 PM	#23
quantum-x Confirmed User Join Date: Feb 2002 Location: ICQ: 251425 Fr/Au/Ca Posts: 6,863	If you're rootkitted, then it's not epasses fault, your bank's fault, or myspaces fault. It's YOUR fault.

12-18-2007, 02:33 PM	#24
Kimo ... Join Date: Jan 2006 Location: Maryland ICQ:87038677 Posts: 11,542	some online banks use the same exact security method, i am happy with the new features. __________________ ...

12-18-2007, 04:21 PM	#28
hardcoreblogger Confirmed User Join Date: Jul 2006 Location: Where the wild things are Posts: 761	some stupid fucks will bitch about anything epass does __________________

12-18-2007, 05:16 PM	#29
madfuck Registered User Join Date: Oct 2004 Posts: 2,032	sounds lik it might help but who knws, you can try it...tht never hurts anyone...

12-18-2007, 06:53 PM	#31
VeriSexy Join The Royal Family Join Date: Apr 2002 Posts: 25,463	Well it's better then nothing __________________ Looking for a KICK ASS TEEN SPONSOR? Check out ROYAL CASH - THE KING OF TEEN! Incredible webmaster tools FHGs, Morphing Blog and RSS Feeds, Embedded FLV & WMV Videos. With TOP RATIO Sites like TeenStarsOnly.com - Earn $$ with our New Site & Bonus Payouts!! ATMovs.com \| iTeenVideo.com \| TeenSexMovs.com \| TeenSexMania.com

12-18-2007, 08:27 PM	#32
JD Too lazy to set a custom title Industry Role: Join Date: Sep 2003 Posts: 22,651	and ups their fees according to the email I got...