Hacker News | samtoday's comments

Westpac's interface is quite funny. Only very recently did they allow pasting passwords from a password manager, previously you had to use an on screen keyboard (presumably to stop keyloggers).

On that note; any recommendations for Aussie banks that have a secure and modern interface?


Westpac customer here. If you just need basic banking, you can’t beat ING. They still have a dumb type-a-PIN-by-pressing-buttons login screen, and the customer ID field doesn’t accept pasted data, but other than that I love them. No fees, even on international transactions. Apple Pay if you want it.


I'd love to endorse ING, but I must say, their security really worries me. I'm just putting this out there: you log in to internet banking with your "customer number" which is printed on your bank card, and then you have an exactly 4-digit PIN you key in with their stupid on-screen keypad.

I love that they're relatively modern for Australian standards (fast payments, no fees ever, basically) so I'd love to endorse them, but I, too, am on the lookout for a replacement bank that has e.g. MFA with TOTP or a physical challenge-response box like my otherwise overpriced ABN bank account gave me back in 2002, in the Netherlands...

So I, too, am all ears for recommendations.

EDIT: and once you're in internet banking, you can willy nilly transfer cash out if you either use a "saved address" (someone you've paid before) or you'd need to hijack my mobile number. But $deity knows that's easy - just claim you own a number and get it ported over to a new service no-questions-asked. Facepalm, really.


I've found Bankwest to be pretty solid from a tech standpoint.

Lots of their app functionality is now handled through AWS from what I've heard.


> inbuilt native DOM nodes and custom DOM nodes from JS code

What does that mean? What are "inbuilt native" DOM nodes, or "custom DOM nodes"?


DOM nodes not declared in the static HTML? Not that that makes any more sense as plenty of these are implicit.


I believe frik means what's described in the "Love your own" section: https://getfirebug.com/dom#content


Yes, thanks! It's hard to describe, but this page nails it including the screenshots!

  Love your own

  There are two kinds of objects and functions - those that 
  are part of the standard DOM, and those that are from your 
  own JavaScript code. Firebug can tell the difference, and 
  shows you your own script-created objects and functions in 
  bold at the top of the list.

  To be even more discriminating, use the options menu to 
  completely hide different kinds of objects. For instance: 
  Show Own Properties Only hides derived properties from the 
  prototype chain, Show Enumerable Properties Only hides non-
  enumerable properties and Show Inline Event Handler shows 
  inline event handlers that are not associated with functions.

With "your own JS code" it means the JS libraries, the JS code of your website. Also any changes to the DOM made by JS code are also highlighted in bold and different colors like green and red. Try it out yourself, you will see it's very useful and you will ask yourself, why haven't I used it in the past.

I fear as it's now hard to impossible to try out Firebug with current Firefox, and the WebDevTools have long forgotten the past functionality of Firebug, we may never again get these valuable features back. :(

But to try it out yourself, either download FF48 portable and install an older Firebug revision (the last two Firebug revisions are "fake" meaning they basically remove Firebug, so use an older Firebug from 2015, you have to install it manually, or downgrade it).

Despite the downvotes by people who don't get it, it's a very valuable feature that made Firebug so special and useful.

Please Mozilla devs, try it out, and you will get it in 1min how useful it is, and please add it to DevTools. (@Chrome devs: please also add it)


The DOM "proper" (created by markup or user agent) and the global JavaScript scope.


I genuinely don't understand why you would want ipv6nat. It seems like a bog-standard firewall; but instead of being able to configure rules about incoming traffic, everything is blocked and you are stuck with that.

Maybe somebody who knows more about this topic could explain it?


If it is a GET request, just open it in a new tab. Firefox has a built-in json viewer (no extensions required).

Eg. open this in a new tab: http://httpbin.org/get


Signal is built on top of the phone number system (ie. falling back to SMS, phone numbers as ids). Telephony is pretty clearly a federated system - somebody on one carrier can talk to another; even internationally.

I find it so ironic that he doesn't "support federated systems" when Signal is tied to one.


And yet you can't create your own small phone network, assign whatever numbers you want to your users, and expect others to interconnect with you or honor your numbers. Telephony is federated within an internationally regulated system, to claim that this in any way supports federation in a similar manner as what is being discussed is to fundamentally misunderstand how the system works.


> And yet you can't create your own small phone network, assign whatever numbers you want to your users, and expect others to interconnect with you or honor your numbers.

Actually you can quite easily, and quite a few people have done so. Including hacker clubs for events (the CCC operating a local custom GSM network with their own SIMs, and working numbers a few years back for their congress comes to mind), small ISPs with only a few hundred or thousand customers, and more.

It’s definitely possible, easy, and cheap.


I wouldn't call these event networks "part of the federated phone system". They are clients of companies that are part of it. External numbers into these networks are extensions of a public number they get from the upstream - just like any company having a PBX, they do not participate in any of the inter-provider infrastructure, do not own the phone numbers, ...

The internet equivalent to what they are doing would be getting a business line with a fixed, provider-owned IP prefix. The equivalent to what the parent describes would be getting a prefix delegation from a registry and peering with other networks.

It's still really cool for island systems though, which is the more important thing for those events.


> I wouldn't call these event networks "part of the federated phone system". They are clients of companies that are part of it. External numbers into these networks are extensions of a public number they get from the upstream - just like any company having a PBX, they do not participate in any of the inter-provider infrastructure, do not own the phone numbers, ...

I mean, they ran their own full MVNO, with their own SIM cards, with their own code on the cards, and operated their own tower.

That isn’t a simple number.


I meant purely from a "connection to the general phone system" perspective - at all events I've been to they only had internal numbers and you could be called from the outside through an extension. If there was an event where that wasn't the case I stand corrected.

Having the entire (mostly/entirely? open-source) GSM network is really really cool and important, but from the perspective of the wider phone network still "only" a "fancy internal phone system", with the limitations of control that come with that.


> And yet you can't create your own small phone network, assign whatever numbers you want to your users, and expect others to interconnect with you or honor your numbers. Telephony is federated within an internationally regulated system, to claim that this in any way supports federation in a similar manner as what is being discussed is to fundamentally misunderstand how the system works.

Wait, but if telephony is regulated then so is our DNS system. After all, Verisign (I think) owns "dot com". I am not sure about the last statement but the point is that you have to go to a registrar to get a domain name. So, is email not truly federated either?

Thinking about the problem, we need some kind of identifier that is not controlled by a single entity and yet there is a consensus as to how we route traffic designated to that identifier. Ideally, we want to be able to designate multiple clients with the same identifier which only complicates the issue. Is there a solution to this?


"Wait, but if telephony is regulated then so is our DNS system."

What do you mean by "our"?

There is nothing that "forces" anyone to use ICANN DNS.

(There is certainly coercion and peer pressure to follow along, but as a technical matter anyone can break free at anytime. It is just a matter of changing some defaults and running some software yourself.)

People use ICANN DNS for one of the following reasons

1. because they do understand the technical details such as changing defaults and running a local authoritative server serving a root.zone file,

2. because their business relies on ICANN DNS somehow or

3. "because that is what everyone else is using" or some similar belief where any variance from status quo is per se failure.

The encryption that Signal uses is not likely to be broken. Because Marlinspike did not write it.

The protocol is a different matter. Uncertainties abound.

The author of the encryption is not the author of the protocol and if I recall the author of the encryption questioned why the distribution of the software has to be controlled by one company. (Answer: It doesn't.)

Signal is a classic example of some software (in this case written in Java) whose adoption on its own merits the author has deemed "inadequate" and so the author attaches it to some very widely adopted platform or other widely adopted software. This results in instant mass adoption.FN1 It is like entering into a distribution agreement.

Challenging this decision with respect to Signal results in mundane philosophical arguments about "user experience".

The beautiful thing about the encryption that Signal uses is that it is not attached to any particular software or platform. It gains adoption on its own merits, not by making a deal with a company like WhatsApp/Facebook.

Anyone can write software with the same encryption that Signal uses, and it does not have to be entwined with a protocol controlled by Facebook.

FN1. Another recent thread mentioned how web browser authors partner with popular software such as "CCleaner" to silently install their browser along with "CCleaner". As a result, every user who installs "CCleaner" also installs Chrome (and maybe some other malware). Parasitic software distribution. When it comes time to boast about browser "market share", the method of distribution, the presence or absence of conscious choice by the user, is not reported.


Telephony is federated, in some senses. But not as is generally accepted when speaking about internet communication protocols. Compared to SMTP or IRC, the average person can't start their own telephony service provider - to do so is highly regulated and involves organisations such as the ITU. I'm sure, given such an infrastructure, Signal could be relatively easily moved to a "federated" set-up. But that wouldn't solve the issues that people who complain "Signal isn't federated" want fixed.


Signal does not fall back to sms.


Good one!



That's a bit cheapskate for a president.


Bit too risky to upgrade, don't want the POTUS's phone to spontaneously combust.


Facebook has a lot of things called the "Open Graph" [1]; most of which pre-date GraphQL. Some aren't even APIs as such.

[1] eg. http://ogp.me/


You'd be surprised by how many apps support Wayland natively. Gtk+ and QT support it transparently for app developers, and I assume other frameworks do as well.

And Wayland is a huge improvement over X. Whenever I go back to X, it really suffers from tearing on a portrait sub-1080p DVI-D monitor.


Yes, all modern AMD processors have this. But Intel processors have an equivalent "feature", called the Intel Management Engine (ME). So take your pick really.

A good FAQ is done by LibreBoot: https://libreboot.org/faq.html


Well, you can get a POWER{8,9} workstation [1]; which has a big selling point of having no ME/PSP processor. But it looks a bit expensive.

[1] http://raptorcs.com/TALOSII/prerelease.php


I don't know the plans with TALOS II, but those who are interested in what happened to the original Talos Secure Workstation crowdfunding might be interested in the following article, which I think anybody, who is interested in how an alternative could look like, should read:

> https://www.crowdsupply.com/raptor-computing-systems/talos-s...


You can also use C201 arm Chromebook with libreboot (I do) to avoid concerns about a management engine.


Wasn't the funding for Talos unsuccessful? Are they really going to release it?

