he's alright, he's got the entire english GDP behind him
scot bastard
scot bastard
libertarian benefit collector - anti-academic super-intellectual. http://mixlr.com/the-little-phrase/
You don't seem to understand the complexity of "hacking". It would take years to find a hole in Paypals site and exploit it, and then it would take even longer to retrieve the encrypted details from the site.steelie34 wrote:
hey, i'm just quoting off of paypal's website. and it's common sense to keep your bank info as private as possible. why would you want to spread around your account number to a bunch of websites that could possibly get hacked? fuck paypal's protection policies, what if some jaded employee steals all the bank account info and withdraws the cash some other way? i'd rather be safe than sorry.
if some nigerian has your credit or debit card, there are certain bank protections in place to stop them from bleeding you without them noticing. but if they have your direct account info, they can just straight up transfer the money out of your account, and you're fucked.
Encryption on sites only goes one way, and I'm quite positive they'll be using Blowfish/AES encryption and REAL random number algorithms to encrypt your bank codes, which just make it impossible to retrieve. So although Paypal can process the encryption due to it's system, if you retrieve the encrypted numbers, you can't decipher them, no matter what you try.
Paypal is incredibly safe, and most likely safer than having your bank information on a piece of paper at home, where anybody can break in and take it.
Even if an employee COULD do that, you'd still be protected... so what's the problem?
believe me, i am very familiar with hacking, exploits, and what it takes to steal data. remember hackers dont always just use a computer to do their deeds, but any number of social engineering techniques as well as backdoors and employee laziness to acquire what they want. not everything is a brute force hack on the back end of the data. chances are, that database does have a one-way encryption. the problem is how people access and use that data for payment processing. any hacker will be looking for a weakness in the whole system, not just the data store... remember this?
http://www.computerworld.com/s/article/ … ggest_ever
i'm sure they used a pretty secure system to store credit card numbers, but in the end, someone was able to find a way in. the point i'm trying to make is that i never trust anyone to secure my information, because in the end any system can be compromised. even banks can get hacked, and have a real headache with a major theft. i'm not saying we shouldn't use the banks or other financial institutions, but it is a calculated risk when you choose to store your money in the banking system. the FDIC exists solely to protect against the various fraud that can cause you to lose your money.
as a person responsible for network security myself, i know several security engineers who deal with intrusion attempts day in and day out. they'll be the first to tell you there is a bigger picture when it comes to securing the system, the least of which is the actual computers themselves. the best policy you can have is to share your financial data with as few people as possible, because as soon as that data is on someone else's system, that's just an additional angle of attack. call me overly paranoid, but i'd rather keep my info close to the chest, and use a credit card for online dealings since there is additional protections in place to fight credit card fraud. if someone steals my CC, i can dispute the suspect purchase, and get everything straightened out without losing any money. if someone steals my debit or bank account info, they can just withdraw all the money, leaving me empty-handed while i try to get the bank to figure out what happened. the difference is how much damage the thief can initially cause when they steal my info.
im not debating the security of just paypal's system, all i'm saying is the less people who have your bank info, the less likely you are to get defrauded.
http://www.computerworld.com/s/article/ … ggest_ever
i'm sure they used a pretty secure system to store credit card numbers, but in the end, someone was able to find a way in. the point i'm trying to make is that i never trust anyone to secure my information, because in the end any system can be compromised. even banks can get hacked, and have a real headache with a major theft. i'm not saying we shouldn't use the banks or other financial institutions, but it is a calculated risk when you choose to store your money in the banking system. the FDIC exists solely to protect against the various fraud that can cause you to lose your money.
as a person responsible for network security myself, i know several security engineers who deal with intrusion attempts day in and day out. they'll be the first to tell you there is a bigger picture when it comes to securing the system, the least of which is the actual computers themselves. the best policy you can have is to share your financial data with as few people as possible, because as soon as that data is on someone else's system, that's just an additional angle of attack. call me overly paranoid, but i'd rather keep my info close to the chest, and use a credit card for online dealings since there is additional protections in place to fight credit card fraud. if someone steals my CC, i can dispute the suspect purchase, and get everything straightened out without losing any money. if someone steals my debit or bank account info, they can just withdraw all the money, leaving me empty-handed while i try to get the bank to figure out what happened. the difference is how much damage the thief can initially cause when they steal my info.
im not debating the security of just paypal's system, all i'm saying is the less people who have your bank info, the less likely you are to get defrauded.
Actually, that's not true anymore for debit cards. You can have the same method of dispute with a debit card transaction and it will be resolved with the same swiftness (I know, I was getting scammed through a direct debit). I'm not sure how it works in the US in terms of debit cards (I will never own a credit card for as long as I can sustain myself properly) but in the UK, although you're not technically as secure, banks will do everything in their power to resolve the issue - and I've never heard of anything going wrong with a direct debit agreement or someone using their debit card and losing money.
If someone steals my debit card, I can do the exact same thing you just said about your CC, so I don't really see the problem.
That was 3 years ago Steelie, encryptions and security has massively increased since then.
Don't get me wrong, I'm para about using stuff like this online as well, but I know and have dealt with Paypal enough to trust them to a decent extent. I'd much rather use my Paypal account (direct bank transfer) to pay for something than enter my debit card details onto another site.
Also, I've worked with backends of sites for 5 years, and although all of what you say is true, the most major companies have been pretty secure over the past 3-4 years, so I'm less paranoid than you.
If someone steals my debit card, I can do the exact same thing you just said about your CC, so I don't really see the problem.
That was 3 years ago Steelie, encryptions and security has massively increased since then.
Don't get me wrong, I'm para about using stuff like this online as well, but I know and have dealt with Paypal enough to trust them to a decent extent. I'd much rather use my Paypal account (direct bank transfer) to pay for something than enter my debit card details onto another site.
Also, I've worked with backends of sites for 5 years, and although all of what you say is true, the most major companies have been pretty secure over the past 3-4 years, so I'm less paranoid than you.
English twonk.Uzique wrote:
he's alright, he's got the entire english GDP behind him
scot bastard
E: Actually toff is more fitting than twonk.
Last edited by Finray (2010-05-16 04:59:29)
yeah uzi you nig, I've got a job.Finray wrote:
English twonk.Uzique wrote:
he's alright, he's got the entire english GDP behind him
scot bastard
E: Actually toff is more fitting than twonk.
funny this was on yahoo this morning:
http://finance.yahoo.com/banking-budget … ng_savings
doesn't have anything to do with paypal, just thought the timing was funny.
im sure paypal is secure for everyday use, i guess i'm taking a very paranoid point of view of online banks. i just don't trust the industry, since it's so prone to attacks and blunders. just because something could happen, doesn't mean it will... of course i could always get hit by a bus walking down the street; doesn't mean i should stay in my house all day.
http://finance.yahoo.com/banking-budget … ng_savings
doesn't have anything to do with paypal, just thought the timing was funny.
im sure paypal is secure for everyday use, i guess i'm taking a very paranoid point of view of online banks. i just don't trust the industry, since it's so prone to attacks and blunders. just because something could happen, doesn't mean it will... of course i could always get hit by a bus walking down the street; doesn't mean i should stay in my house all day.
Last edited by steelie34 (2010-05-16 08:00:24)
Yeah but anywhere you pay with checks or credit cards, you have the risk of it being stolen. You could use your credit card at a restaurant, or walmart, or wherever and they could remember the numbers.steelie34 wrote:
funny this was on yahoo this morning:
http://finance.yahoo.com/banking-budget … ng_savings
doesn't have anything to do with paypal, just thought the timing was funny.
im sure paypal is secure for everyday use, i guess i'm taking a very paranoid point of view of online banks. i just don't trust the industry, since it's so prone to attacks and blunders. just because something could happen, doesn't mean it will... of course i could always get hit by a bus walking down the street; doesn't mean i should stay in my house all day.
If you're that paranoid you might as well use cash, tbh.
Last edited by CrazeD (2010-05-17 08:45:39)
true. paypal is the closest thing to e-cash i guess, but im a paranoid fuck. i hate buying stuff online.CrazeD wrote:
Yeah but anywhere you pay with checks or credit cards, you have the risk of it being stolen. You could use your credit card at a restaurant, or walmart, or wherever and they could remember the numbers.steelie34 wrote:
funny this was on yahoo this morning:
http://finance.yahoo.com/banking-budget … ng_savings
doesn't have anything to do with paypal, just thought the timing was funny.
im sure paypal is secure for everyday use, i guess i'm taking a very paranoid point of view of online banks. i just don't trust the industry, since it's so prone to attacks and blunders. just because something could happen, doesn't mean it will... of course i could always get hit by a bus walking down the street; doesn't mean i should stay in my house all day.
If you're that paranoid you might as well use cash, tbh.