ZA Pro ID lock Query

Discussion in 'other firewalls' started by ellison64, Jan 8, 2006.

Thread Status:
Not open for further replies.
  1. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    What am i missing here?.In za pro id lock add information section (in my vault), there are categories for what information you want to input.Under the credit card category it shows 4 boxes.In the first three you can put 4 numbers respectivly but in the last one it just shows 4 Xs and nothing can be put in there.A credit card is usually 16 figures long so how do you input credit card info , when it only allows 12 digits to be inputted instead of 16?
    tia
    ellison


    UPDATE......
    Apologies i should have read the help file more carefully

    "For added security, Zone Labs security software does not record the last 4 digits of your credit card number."

    ellison
     
  2. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    May i clarify whether web id lock only works on non https sites?.Ive just tested and ZA doesnt seem to alert when vault info is inputted at a https site.I know that apparently its impossible to remove ads at a secure site too so i guess its also impossible for ZA to monitor data input at an encrypted site?
    tia
    ellison
     
  3. metallicakid15

    metallicakid15 Registered Member

    Joined:
    Dec 6, 2005
    Posts:
    454
    i also use za pro and would also like this answer to be answered
     
  4. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
  5. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Ive had phishing email in the past supposedly from paypal etc but its pretty obvious the sites phoney because the lock is not in the browser and the address is slightly different.This made me think whether its possible for phishing sites to use https at the phoney site?,or is this something thats not possible for hackers?.Regarding the id lock i thought that it may act as a " proxy barrier" between any protocol , so i did expect it to warn me that information was being entered at a secure site.I mean an antivirus realtime scanner would pick up malware if it was on a secure site wouldnt it?.I guess i need to google for an easy to understand tutorial on how https works.
    ellison
     
  6. unhappy_viewer

    unhappy_viewer Registered Member

    Joined:
    Sep 16, 2005
    Posts:
    259
    The thing is for a site to be HTTPS secure, it has to receive a security certificate from a security company like Verisign. These companies don't just issue security certificates to anybody. They do alot of background checks as to the nature of the business company's legitimacy etc. Its very unlikely for a phishing site to be HTTPS secured.
    No ZA actually monitors the actual connection itself. It doesn't act as a proxy in any way.

    If we look an an AV, like KAV 6.0 beta, its Web scan feature too can only monitor common HTTP ports and is unable to monitor data from ports used for secure HTTPS conections or secured email conections. But even if you download a malware from a secure site (I wouldn't know why a secure site would have malware in the first place), the AV's real-time protection feature will then pick it up once you have dowloaded it. The only difference between the web-scan feature and real-time feature is that the malware will be picked up sooner(and hence can be prevented from entering your computer) in the web scan while the real-time protection will alert you later but will prevent the virus from executing.
     
  7. ellison64

    ellison64 Registered Member

    Joined:
    Oct 5, 2003
    Posts:
    2,499
    Thanks for taking the time to explain (very eloquently) those points :)
    ellison
     
Loading...
Thread Status:
Not open for further replies.