What is your security setup these days?

Yup,ATM's are hardly a safe place.

 

I know plenty about ATM's. I worked for Citi bank dealing with them and I know quite a bit about their security.

Deal with a teller whenever possible.

 

Well since you know plenty about ATM's and their security then you should also know about their lack of security such as using "skimmers" and other means of identity theft and financial theft used against ATM's

 

LMAO,because you worked for Citibank,means nothing about the lack of security an ATM provides. All that needs to happen is,someone sees you counting cash at the ATM,they want you bad enough,your done. I could go on and on.

 

You dont think every person you come in contact with is a 100% trustworthy person these days,because if you do,your sadly mistaken,not with this economy.

 

If you're worried about skimming you're better off taking all of your money out and hiding it under the bed.

Skimming is rarely a bank issue, almost always with outdoor ATMs (I was just about to edit my post to say not to ever use these), and is more often done by disgruntled waiters from my understanding.

ATM security is terrible, that's for sure. I know the Citi banks I was at (I moved to a few branches) were running Windows XP... SP2 I believe. Maybe SP3. Either way they don't get updates, even knew machines are created with images (I saw dozens of installs.)

I talked to one of the security heads there and he was laughing about how you can buy devices to monitor ATMs from ~30 feet away.

That said, it doesn't happen a hell of a lot to indoor ATMs, and the further the ATM is into the bank the more secure it is.

The most important thing is clearing out when you're done. I can not tell you how many hundreds of people I see walk away without clearing everything out. Normally you have to reenter your pin to do any further transaction but viewing records isn't always protected if the attacker is quick enough.

 

Again, at this point just hide your money under the bed. Any time, literally any time you make a transaction you have to put your trust into someone.

No, I just know about practical security in relation to ATMs, which I have a lot of knowledge on because I worked with them every day for months and often discussed new security issues as well as the old ones. I saw hundreds of ATMs left open. I know plenty about how attacks on ATMs happen.

 

Basically, if you use an ATM there are some simple rules to remember:
Use the one further from the door.

Don't have anyone behind you or near you. (that's what the mirrors are for)

Make sure you clear out once you're done! And remember that a record will print out after a transaction!

I've seen so many records. Citi's policy, of course, is to shred them immediately after being found. The information on those records alone is not necessarily enough for identity theft but in conjunction with other information it can be brutal.

 

Oh, I see. Actually, I'm presently using Puppy and what I like best about it is the ability to save user settings to a file either on a local drive or a pen drive. You certainly can't wrong with Puppy imo.

 

unfortunately, tha't not too practical.
what is this technology good for if it can't be tamed?

anyway, i'm gonna setup email alerts for every credit card purchase, maybe debit/bank card too.
and just carry a little more cash with me for the odds and ends.

i'm liking the idea of using a Linux live cd, even if you have to reboot and spend a minute or so to drop in Linux land.

easier than to play with a bunch of security settings and apps i guess.

 

I prefer practicality as well. Always make sure your network is secure and use HTTPS.

 

There are several ways to use a flash drive with Puppy Linux, either as the boot drive or to store supplemental information to the Puppy Linux CD which makes booting up a lot faster. Though I don't know that it makes any difference for security, I only plug the flash drive in when booting into Puppy Linux, and remove it before booting into Windows.

 

I do this and use pre-paid credit cards. I don't trust real credit cards and have no need for one so I just buy a 100$ visa or so when I want to buy stuff online and call it a day. If someone manages to steal it they only get the left overs (not much normally I buy everything at once).

 

Not sure about citi bank. But here in Canada I did a pentest a couple of years ago after hearing about ATM's using weak security and WiFi for diagnostics. A bank here (not to be named) does this. Basically they have a diagnostic WiFi AP ( on 5Ghz ) that is 'protected' with WEP. I managed to crack it and access the machine through SSH (as root) From there anyone could have easily dropped spyware or tricked the machine into releasing more money then it should. Yes there is a setting where you can make it give 2x as much money per transaction.

There was alot more I could do to but the just of it is I could have stolen money or anyones info with easy and even further than 30 ft away. (I was accross a parking lot at the time).

But don't worry I had permission

 

Back to Privatefirewall from Mamutu with Win7FW, Firefox from Chrome, and MBAM to on-demand. One of these days I might be able to decide between Privatefirewall and Mamutu.

 

OS: Windows Home Premium 64-bit SP1

* SUA - SRP - UAC - EMET
* AutoRun/Play - Disabled
* Windows Defender - Disabled
* System restore - Disabled
* Windows Media - Disabled
* Quite a few Windows services disabled, but I won't mention them.
* Windows 7 Firewall (InBound/OutBound blocked)
* Norton DNS (Malware)​

Browser:

* Firefox 8.0 (Permanent private browsing mode, NO history is remembered, No third-party cookies accepted.)​

* No Script
* Ad-block plus (Easylist + Easy privacy)
* Ghostery
* Better Privacy
* Firebug​

SandBoxie 3.60 (Lifetime license):

* Separate sandbox for most of my internet facing applications.
* Each application is forced to run in its specific sandbox, with the appropriate start/Run and internet access settings.
* Each sandbox has been blocked from accessing certain drives, unless the application needs a specific drive, in which case only certain folders within that drive are blocked.
* Every sandbox has Read-Only access to C:\Windows
* Separate sandbox for testing applications.
* Sandboxed explorer.exe with a shortcut linking to my "Downloads" partition, to open new files.
* The sandboxes are configured to automatically delete on closing, well most of them.
* Drop-Rights enabled for all sandboxes.​

MBAM (Real Time)

* Automatic quick scan once everyday.
* Manual full scan whenever I feel it's necessary.
* File execution blocking - Enabled
* Website blocking - Disabled​

Backup:

* Drive Snapshot 1.40​

* Original windows snapshot (No updates or drivers)
* Windows snapshot (With drivers and updates)
* Main snapshot (Usually replaced every few weeks with an updated snapshot)​

* SyncToy 2.1​

* Used to quickly back up work from my USB to my PC.​

General Tools:

* TuneUp Utilites 2012​

* Portable Keepass 2.17 ​

* Database stored on my PC and USB.
* Keyfile also stored on my PC and USB.​

 

I don't think that's the case at Citi. I talked to the security guy and he definitely said they're accessible but only if you purchase a specific device (black market kinda thing), which would then be able to access the ATM wirelessly from ~30 feet though it's often less with walls and things in between.

There are plenty of other issues with them though. Most of them don't have to do with stealing someone other patrons money but instead stealing the banks money, which you can do fairly easily (especially with the new paperless systems) and Citi won't even investigate if it's under a certain amount.

 

Since I can't decide between Privatefirewall and Mamutu, this time I just left both of them on. So far there don't seem to be any conflicts. If you have an opinion on whether that's overkill, or on which program would be better, or why running both is a good idea, please let me know.

 

I have the HIPS turned off with Privatefirewall
as well as with Online Armor on another setup.
Just basic firewall stuff is running.
How about you? HIPS turned on?
I finally decided that Sandboxie is so good that I can run it with an AV and an AM to complement, and leave all the ring-ding HIPS features off.
Don't get me wrong, I love all that process detection/web shield/program guard/anti-keylogger/system anomaly detection stuff, but it was actually impacting performance, and I was getting further and further away from simplicity.

 

Removed EAM and l'n's.

Replaced with (the one and only - Kaspersky) signature:

 

put back my ESET Smart Security 5 and Mbam Pro back

 

Won't Sandboxie interfere with KeyScrambler?

 

No, Sandboxie is compatible with Keyscrambler

 

norton dns

Fast Five
sandboxie
panda cloud av
spyshelter
mbam
keyscrambler

other
hitman pro
macrium reflect
secunia psi

Portable:
Emsisoft emergency kit
Superantispyware
Tdssiller
F-secure easyclean
Bytehero
Norton power eraser
Remotedll

Online Scanner:
F-secure
Eset

Rescue Cd:
Avira
E-scan

 

VIPRE Antivirus Premium
Malwarebytes' Antimalware Pro
No Autorun
OpenDNS VIP (set at NAT router)