Essay talk:Online banking authentication recommendations

I am tired. But I am sure this article can be improved. Liberals and real conservatives can probably agree that government invasions of privacy are getting rather burdonsome. Feel free to research and improve. Heart ♥  Gold tx 23:58, 13 June 2007 (CDT)


 * While I agree that invasions of privacy are burdensome, this article seems awfully conspiracy minded. I work for a very large bank and can tell you that the only reason these types of security questions are asked is to assist the customer if they forget their chosen password, or for use as a password itself (as in the case of a mother's maiden name).  Your statement about banks trying to get inside information in order to release damaging personal information is nonsensical.  What kind of damaging information could be released based on the name of your favorite pet, for example?  Stile4aly 00:01, 14 June 2007 (CDT)


 * Hope you don't mind, but I indented your comments. Regarding your comments...If that is the only reason, it is not a good reason.  But it is not the only reason.  The only *official* reason from the financial institutions is that it is required by the feds.
 * In my case, I have banking relations with a half dozen financial institutions, and also want my wife to be able to access these accounts in the case of my demise. Banks aren't trying to get this information, they are being required (recommended) to get this information.  If a password can be copied from a database (security breach) so too can the name of my pet.  If banks want real security, there are better methods (e.g., security codes or cryptographically secure RSA electronic key generators).
 * It sounds conspiracy oriented, because it is. Subjects, like children, are often told that something is the way it is because of X, but the real reason is Y.  You have been misinformed if you think the only reason is to assist customers.  The real reason for the recommendations is partially what you claim, partially (I think) to do post mortems of "persons of interest," and partly to make it seem like banks are doing something to improve security.
 * The biggest risk to banks is the man in the middle attacks that are possible if a sufficiently funded organization or hostile government is able to compromise a DNS server, pointing your browser's request for the IP address of www.yourbank.com to a hostile server that acts as a benign "man in the middle" while allowing you to conduct financial transactions online without hinderance (while collecting the answers to all of the ridiculous questions for thousands of daily users). Another very big risk is a malicious bank information technology employee who has access to the database where this information is kept.
 * These extra authentication steps do not improve security, they only appear to improve security to those who don't know where the real threats are.
 * RSA number generators would be much more secure than collecting biographical questions and answers.
 * Also, banks would release the information to the feds, pursuant to whatever homeland security letter or warrant is required. Some underling within the feds would leak subsequently researched information to the press.  Remember Richard Jewell?  You should read "The Puzzle Palace" for information on how the U.S. government has operated in the past. See also the diatribe in the beginning of the movie Conspiracy Theory--some of the wild eyed predictions made in that scene by the crazy cabbie came true in real life a few years after the movie was released (e.g., see RFID chips in humans).  Some ideas sound crazy until they turn out to be prophesy  Heart  ♥  Gold tx 00:45, 14 June 2007 (CDT)
 * Interesting. I'd like to see actual evidence. I think that is what makes this sound like a conspiracy theory rather than an actual conspiracy.  Most conspiracy theories are plausible, and have at least some basis in fact.  It is true that security is not as good as it theoretically could be, and in fact, at certain levels, it is.  Just because the best possible security isn't used doesn't mean that it isn't used on purpose and with sinister intent.  Most of us are aware that our information isn't completely secure.  However, I would still like at least that minimal level where, for instance, some bozo with no special knowledge could call in and get my bank info.  Obviously, anyone who really wants any information these days can probably get it...it just shouldn't be easy.69.216.120.6 02:10, 14 June 2007 (CDT)
 * This paragraph feels out of place, maybe needing clarification. Just a suggestion.
 * Although we live in a global economy in which corporations are free to use slave labor in developing countries, individuals who rebel against these U.S. banking intrusions of privacy by choosing more anonymous, off-shore banks and credit card companies will be duly added to Homeland security no fly lists.


 * Yes, it is just irksome to me that while GM is free to buy their auot parts from Canada, consumers are not able to buy their prescription drugs. We have free trade, for corporations, not individuals.  Likewise, using a bank that is not subject to U.S. "recommendations" is frowned upon.  Heart  ♥  Gold tx 09:25, 14 June 2007 (CDT)
 * Sorry, let me clarify: I meant that the paragraph didn't seem to fit into the flow of the narrative. I don't mean to comment on the content of it at all, just that it sort of pops up in the middle of the essay without good transitions.--PalMD-yada yada 10:26, 14 June 2007 (CDT)
 * Upon a quick re-read, I'd leave this in but use it earlier maybe as a sort of preamble. As it is now, trying to "tie things together" it's not working so good. If it's placed higher up towards the beginning, the rest "fills in" the contrasts between the two clauses. MOO CЯacke ®  10:42, 14 June 2007 (CDT)

Shouldn't this be an essay?
Not being from the US I can't comment on a lot of this, but I notice the following comments: ''are becoming the bane of; in the guise of; they are repeating this falsehood; These measures are futile; The authentication schemes do nothing; Another likely abuse is that innocents will slandered; individuals who rebel against these intrusions.... may be duly added to Homeland security no fly lists.'' It's more like an opinion piece than anything else isn't it?--Bob_M (talk) 10:51, 15 June 2007 (CDT)
 * Or perhaps under conspiracy theories?--Bob_M (talk) 02:08, 16 June 2007 (CDT)
 * One of the usual hallmarks of conspiracy theories is that a substantial group of people believe in it. I'm not sure there are a lot of folks out there who hold to this one.--PalMD-yada yada 02:12, 16 June 2007 (CDT)
 * Yeeeeees. But in that case will it become a conspiracy theory if Heart convinces us all at RW? If not, how many does he have to convince to make it conspiracy theory? :-)--Bob_M (talk) 02:15, 16 June 2007 (CDT)
 * 83--PalMD-yada yada 02:17, 16 June 2007 (CDT)
 * Not 42?--Bob_M (talk) 05:57, 16 June 2007 (CDT)
 * You guys are forgetting, that if you convince enough people to believe in a conspiracy theory, it becomes "science". (See evolution) and the oxymoronic scientific consensus.  Heart  ♥  Gold tx 07:41, 16 June 2007 (CDT)
 * I think you may be missing little questions like "Can this hypothesis be disproved." and "What predictions does this hypothesis make?"--Bob_M (talk) 07:51, 16 June 2007 (CDT)

Disproving Evolution

 * Yes, Bob, please explain how common descent can be disproved? Try not to repeat commonly spewed canards like pre-cambrin rabbits, which, if discovered, would simply cause evolutionists to re-arrange their mythical tree of life.  Heart  ♥  Gold tx 07:53, 16 June 2007 (CDT)
 * Common descent is falsfiable in principle, as Bob's essay discusses. In truth, however, at this stage there is so much evidence behind the ToE and common descent that the chance of it being falsified in practice is essentially null.  Unless a new theory comes along the explains the evidence as well as the ToE and includes predictions and insights that explain the evidence to an even greater degree, then the the ToE will not be discounted in any meaningful way, although modification of the theory will continue the more we discover.  There's still ongoing work to determine how things like epigenetics incorporate into the ToE.  If you really have an issue with the ToE, I would suggest bringing the discussion to talk.origins, rather than hijacking the talk pages of this wiki. Stile4aly 14:39, 16 June 2007 (CDT)
 * Wow, if we're going to have this discussion, we should probably move it, but anyway, HG, how is the precambrian rabbit not ok?  69.213.86.236 09:13, 16 June 2007 (CDT)
 * Before I (or anyone) else responds here can I ask if you (HG) (or anyone else)have any objection to my copying and pasting the relevant parts to the evolution page with a link here stating where the conversation has continued?--Bob_M (talk) 12:10, 16 June 2007 (CDT)
 * I've changed my mind on this and written an article in response to the question. see Disproving Evolution

details and a similar issue
I think this article should start off by describing the recommendations it discusses. Also, that FFRSCF (whatever) acronmym should be expanded the first time it is used.

Also, yes, it reads like a conspiracy theory. I've never run into more than a dumb "question to answer" that can be used as a password prompt - and you don't have to use the truth.

But, much more alarming is the huge amount of data that can be or is mined via credit card records and supermarket discount or check cashing cards. human be in 17:09, 16 June 2007 (CDT)
 * So are we going to class this as a conspiracy theory then?--Bob_M (talk) 12:51, 22 June 2007 (CDT)
 * You use the term conspiracy theory like it's a bad thing. Heart  ♥  Gold tx 18:00, 22 June 2007 (CDT)

Futility
Is it worth mentioning that, due to banks chasing the cost savings from offshoring customer services and the like, there's an increased risk of details being stolen from within. There's a link to an article here for some details. smoke mirrors 10:53, 27 June 2007 (CDT)
 * Yes, sending IT to India makes less sense as sending it to Iraq, according to one IT security expert. Heart  ♥  Gold tx 10:58, 27 June 2007 (CDT)