Forums65
Topics76,352
Posts1,033,281
Members14,560
|
Most Online16,551 Feb 2nd, 2024
|
|
7 members (3 invisible),
8,665
guests, and
424
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
M |
T |
W |
T |
F |
S |
S |
|
|
|
|
1
|
2
|
3
|
4
|
5
|
6
|
7
|
8
|
9
|
10
|
11
|
12
|
13
|
14
|
15
|
16
|
17
|
18
|
19
|
20
|
21
|
22
|
23
|
24
|
25
|
26
|
27
|
28
|
29
|
30
|
31
|
|
|
Joined: Jul 2008
Posts: 14,344 Likes: 19
Wiki Master
|
OP
Wiki Master
Joined: Jul 2008
Posts: 14,344 Likes: 19 |
Just had a dig through my logs, here is a list of third party sites that barclays.co.uk accessed, some of these were javascript pages, how on earth can they expect to maintain security with this going on?
tribalfusion.com adnxs.com doubleclick.net vindicosuite.com amgdgt.com intellitxt.com specificclick.net gwallet.com guardian.co.uk ecustomeropinions.com mookie1.com yieldmanager.com answercloud.com quantserve.com dsply.com omtrdc.net advertising.com
We don't do charity in Germany, we pay taxes. Charity is a failure of governments' responsibilities - Henning Wehn https://ddue.uk
|
|
|
|
Joined: Nov 2003
Posts: 21,269 Likes: 4
Wiki Master
|
Wiki Master
Joined: Nov 2003
Posts: 21,269 Likes: 4 |
Those will only be the landing pages and information. Logging in will encrypt the communication. If i remember opens in a new window.
I give up on being tracked an analysed, and thought of myself as a tiny piece of sand in a huge desert of sand.
|
|
|
|
Joined: Jul 2008
Posts: 14,344 Likes: 19
Wiki Master
|
OP
Wiki Master
Joined: Jul 2008
Posts: 14,344 Likes: 19 |
With an external javascript being active on the page its possible for it to hijack the connection and make it look like you are still dealing with the barclays site.
How are customers supposed to tell if everything is kosha when they have this amount of trash floating around. I would expect with a bank site for it only to deal with the domain I want.
I had this argument with paypal a number of years ago over a similar issue which I managed to demonstrate was unsafe, I'm glad to say they changed it. I haven't got up to date knowledge to know what is possible these days but what barclays (and no doubt others) are doing is certainly the first step in creating a potential weakness and should be avoided.
We don't do charity in Germany, we pay taxes. Charity is a failure of governments' responsibilities - Henning Wehn https://ddue.uk
|
|
|
|
Joined: Nov 2003
Posts: 21,269 Likes: 4
Wiki Master
|
Wiki Master
Joined: Nov 2003
Posts: 21,269 Likes: 4 |
I agree with your post above DD.
How did your generate those logs, as i have visited the site expecting to be hit by adverts and there was none ? Only barclays promotions.
|
|
|
|
Joined: Jul 2008
Posts: 14,344 Likes: 19
Wiki Master
|
OP
Wiki Master
Joined: Jul 2008
Posts: 14,344 Likes: 19 |
We don't do charity in Germany, we pay taxes. Charity is a failure of governments' responsibilities - Henning Wehn https://ddue.uk
|
|
|
|
Joined: Nov 2003
Posts: 21,269 Likes: 4
Wiki Master
|
Wiki Master
Joined: Nov 2003
Posts: 21,269 Likes: 4 |
|
|
|
|
Joined: Apr 2010
Posts: 574
Smartchild
|
Smartchild
Joined: Apr 2010
Posts: 574 |
With an external javascript being active on the page its possible for it to hijack the connection and make it look like you are still dealing with the barclays site. This is known as XSS (cross-site scripting). It is a very serious security risk. Most good browsers will warn you if this is being attempted. Andy, here are my recommendations. 1. If you're using Internet Exploder, STOP it now. It's FULL of vulnerabilities and weaknesses. Install Firefox. http://getfirefox.com2. Install the AdBlock Plus plugin. Click Options, Filter Preferences, Filter subscriptions, untick "Allow some non intrusive advertising" 3. Install the Ghostery plugin. Run the wizard. Tell it to block everything. 4. Install an ad and malware blocking hosts file. http://someonewhocares.org/hosts/ is a very good one. Installation instructions are at the top of the file. Once that is done, you'll never see another ad and your computer will be protected from 99% of the known malware, adware, tracking and foistware sites. You will be astonished at how much Ghostery in particular blocks (it pops up a list on each site you visit - you can disable this if you want.) You can also install a plugin called NoScript which will prevent Javascript from running, but it breaks quite a few sites. It's YOUR computer - take back control of it!
|
|
|
|
Joined: Jun 2011
Posts: 358
Old Hand
|
Old Hand
Joined: Jun 2011
Posts: 358 |
If you're a Barclays Internet banking customer, they give you Kaspersky Internet Security for free. They also give you the Kasprsky mobile banking app for your smart phone or tablet. This goes a long way in protecting you.
Fetere sum, ego sum Ergo
|
|
|
|
Joined: Jul 2008
Posts: 14,344 Likes: 19
Wiki Master
|
OP
Wiki Master
Joined: Jul 2008
Posts: 14,344 Likes: 19 |
Don't worry, I'm well protected, its stupidity of the bank that my post is about.
@MikeT
While I have had massive lists in the hosts file before now, there is a huge disadvantage in that it is difficult to check if something has interfered with it. I also use local servers on my computer so make use the hosts file myself and could do without the clutter.
I don't trust Ghostery as it is a tracker in its own right.
We don't do charity in Germany, we pay taxes. Charity is a failure of governments' responsibilities - Henning Wehn https://ddue.uk
|
|
|
Click to View Topic.
|
|
Posts: 1,315
Joined: May 2011
|
|
There are no members with birthdays on this day. |
|
Gaza
by diggingdeeper - 29th Oct 2023 9:28am
|
|
|
|
Xbox
by TudorBlue - 3rd Mar 2024 8:48pm
|
|
|
|
|
|