'Rapport' Security


Comments

  • ChiefGrasscutter
    masonic wrote: »
    They can't, because Rapport does not meddle with your internet traffic. It is undetectable from the outside, except when it sends information back to Trusteer. If it did, that would be far more worrying!

    I was under the impression that Rapport DID indeed communicate with a server within the online banking institution concerned: all in the background without you noticing of course. It seems likely that some highly coded information would be exchanged between your PC and a secret server within your bank to verify both are who they claim to be (i.e. verified IP addresses). This is why to be fully protected by Rapport, Trusteer must have a business setup with your bank: A&L are one such bank.
    So the financial institution should be able to check their records - whether this is 'easy' of course who knows...

    The only way of confirming this or otherwise would be to run a packet sniffer like Wireshark on your PC when you log on to your internet banking which would list all connections opened, resolve the endpoint servername along with data packets transferred. Then one might find out exactly what Rapport was doing.

    Why was the Trusteer rep PPR'd? I thought the replies quite interesting: as much as for what he/she did not say as well as what they did.
  • masonic
    masonic Posts: 23,589 Forumite
    ChiefGrasscutter wrote: »
    I was under the impression that Rapport DID indeed communicate with a server within the online banking institution concerned: all in the background without you noticing of course. It seems likely that some highly coded information would be exchanged between your PC and a secret server within your bank to verify both are who they claim to be (i.e. verified IP addresses). This is why to be fully protected by Rapport, Trusteer must have a business setup with your bank: A&L are one such bank.
    So the financial institution should be able to check their records - whether this is 'easy' of course who knows...

    I thought that initially as well (some of their marketing material seems to imply it), but it turns out Rapport only maintains a list of valid IP addresses for the domain and the security is all based around that. If the incoming traffic is from a valid IP (and for https, if the certificate is for the correct domain and signed by a known authority), then Rapport gives the green light. What the banks seem to be paying for is designating a list of valid IP addresses, the right to put up a download link, automatically enabled protection for their websites and customised installation options.

    ChiefGrasscutter wrote: »
    The only way of confirming this or otherwise would be to run a packet sniffer like Wireshark on your PC when you log on to your internet banking which would list all connections opened, resolve the endpoint servername along with data packets transferred. Then one might find out exactly what Rapport was doing.

    I looked at this a few months ago when I was considering using Rapport and I didn't see anything unusual going on over the internet with Rapport enabled (I opted out of sending reports back to Trusteer, so I don't know what that entailed). I don't have it installed anymore and in fact it wouldn't have any purpose on my machine now - I've been spooked by some of the very sophisticated attacks I've read about in recent weeks and now do all of my internet banking from a live CD.

    ChiefGrasscutter wrote: »
    Why was the Trusteer rep PPR'd? I thought the replies quite interesting: as much as for what he/she did not say as well as what they did.

    I'm not sure exactly, but they signed up to represent Trusteer without permission from the forum team. At least one message was posted through the mods after the account was disabled, so I'd guess they weren't willing to agree to MSE's conditions for continuing to post here?
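
The check described in the post above (peer IP on a per-domain list, plus certificate name and issuer for https), sketched as an added example; it is not Trusteer's code and not part of the thread. The domain, addresses and function names are constructed for illustration, and whether the certificate chain validated is passed in as a flag.

```python
import ipaddress

# Constructed sample data: a made-up domain and documentation-range
# addresses (RFC 5737). A real list would come from the bank.
ALLOWLIST = {
    "bank.example": [ipaddress.ip_network("192.0.2.0/28"),
                     ipaddress.ip_network("198.51.100.7/32")],
}

def name_matches(pattern, host):
    """Match a certificate name against a host name.
    A leading '*' covers exactly one leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def check_connection(host, peer_ip, https=False, cert_names=(), chain_trusted=False):
    """Return (ok, reason) for one connection to a listed site."""
    networks = ALLOWLIST.get(host.lower())
    if networks is None:
        return (False, "site not protected")
    addr = ipaddress.ip_address(peer_ip)
    # A poisoned DNS answer or hosts-file entry fails here:
    # the name is right but the address is not on the list.
    if not any(addr in net for net in networks):
        return (False, "ip not on list")
    if https:
        if not chain_trusted:
            return (False, "untrusted issuer")
        if not any(name_matches(n, host) for n in cert_names):
            return (False, "certificate name mismatch")
    return (True, "ok")

if __name__ == "__main__":
    print(check_connection("bank.example", "192.0.2.5"))
    print(check_connection("bank.example", "203.0.113.9"))
```
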
  • joe134
    joe134 Posts: 3,336 Forumite
    edited 26 March 2010 at 10:56AM
    masonic wrote: »
    They can't do that. That's why they are making sure you have it running now before they reactivate your account. At the end of the day you can't prove it was running in the past (and they can't prove it wasn't). I don't think there was a loss. They would have needed your password that you use when you set up a new payee and you never get asked to enter that in full.

    Just had Rapport e-mail confirming Rapport installed and on, on A&L site, so they asked for ID number, 8 digit, to reactivate my link with A&L, still awaiting new pin. From A&L by post. They must be liaising between themselves or why would Rapport require my ID number to reactivate my a/c. I thought A&L blocked it? It makes you wonder just who is in charge of all the data provided. Too many cooks spoil the broth.
  • masonic
    masonic Posts: 23,589 Forumite
    joe134 wrote: »
    Just had Rapport e-mail confirming Rapport installed and on, on A&L site, so they asked for ID number, 8 digit, to reactivate my link with A&L, still awaiting new pin. From A&L by post. They must be liaising between themselves or why would Rapport require my ID number to reactivate my a/c. I thought A&L blocked it? It makes you wonder just who is in charge of all the data provided. Too many cooks spoil the broth.

    Probably it takes someone from Rapport to look at the screenshot, confirm it's installed and they then need to report back to A&L that your customer ID is ok to reactivate. But it is a little unsettling how 'involved' Trusteer are getting in A&L's operations. Then again, perhaps that's a good thing considering the quality of some of the information you've been getting direct from A&L.
  • elektra
    elektra Posts: 1,361 Forumite
    edited 27 March 2010 at 10:39AM
    masonic wrote: »
    I've been spooked by some of the very sophisticated attacks I've read about in recent weeks and now do all of my internet banking from a live CD.


    can you explain this please

    thanks
  • masonic
    masonic Posts: 23,589 Forumite
    elektra wrote: »
    can you explain this please
    I think there was some discussion of this a bit earlier in the thread, but the idea behind this is as follows...

    There are quite a number of bootable CDs available. Most Linux installation CDs can boot up into a trial operating system so that you can see what you get before you install them. There are also CDs that come loaded with certain tools that can be used to fix problems on your PC or perform computer maintenance tasks. Often, these will come bundled with a web browser and networking enabled, so they can be used to do internet banking.

    These CDs provide really excellent security because they are read only. When you turn on your computer with one of these CDs in the CD ROM drive and boot from it, you can guarantee you are always booting up into a known safe operating system, even if your hard drive is totally infested with bad things. As long as you restrict yourself to doing your internet banking and only visit the websites that you know belong to your bank(s), then there is also no way of anything getting onto your system during the time you are doing internet banking.

    If you are interested in this, there is a good, thorough discussion of the subject here. I used to recommend Parted Magic as a good fast and lightweight live CD for internet banking - it came bundled with Truecrypt, which I liked a lot. Unfortunately, the latest version of Parted Magic now runs Google Chromium browser, which doesn't seem to render online banking pages very well (the Halifax site is unusable). I now recommend Slax. It comes with Firefox as standard, but if you want to, you can also add extra 'modules' such as Truecrypt for encryption or anything else you might need for internet banking related activities. Of course, a full operating system like Ubuntu is fine to use, but you'll have to wait longer for it to boot up.
  • StevieJ
    StevieJ Posts: 20,174 Forumite
    Why don't the banks recommend LiveCD?
    'Just think for a moment what a prospect that is. A single market without barriers visible or invisible giving you direct and unhindered access to the purchasing power of over 300 million of the worlds wealthiest and most prosperous people' Margaret Thatcher
  • masonic
    masonic Posts: 23,589 Forumite
    StevieJ wrote: »
    Why don't the banks recommend LiveCD?
    How many customers do you think would be disciplined enough to reboot their system and pop in the live CD every time they want to log in to one of their bank accounts? I think it would be a very small minority. Banks, if they know/understand the concept at all, probably wouldn't think it was worth doing anything about.
  • joe134
    joe134 Posts: 3,336 Forumite
    edited 27 March 2010 at 6:17PM
    masonic wrote: »
    I think there was some discussion of this a bit earlier in the thread, but the idea behind this is as follows...

    There are quite a number of bootable CDs available. Most Linux installation CDs can boot up into a trial operating system so that you can see what you get before you install them. There are also CDs that come loaded with certain tools that can be used to fix problems on your PC or perform computer maintenance tasks. Often, these will come bundled with a web browser and networking enabled, so they can be used to do internet banking.

    These CDs provide really excellent security because they are read only. When you turn on your computer with one of these CDs in the CD ROM drive and boot from it, you can guarantee you are always booting up into a known safe operating system, even if your hard drive is totally infested with bad things. As long as you restrict yourself to doing your internet banking and only visit the websites that you know belong to your bank(s), then there is also no way of anything getting onto your system during the time you are doing internet banking.

    If you are interested in this, there is a good, thorough discussion of the subject here. I used to recommend Parted Magic as a good fast and lightweight live CD for internet banking - it came bundled with Truecrypt, which I liked a lot. Unfortunately, the latest version of Parted Magic now runs Google Chromium browser, which doesn't seem to render online banking pages very well (the Halifax site is unusable). I now recommend Slax. It comes with Firefox as standard, but if you want to, you can also add extra 'modules' such as Truecrypt for encryption or anything else you might need for internet banking related activities. Of course, a full operating system like Ubuntu is fine to use, but you'll have to wait longer for it to boot up.

    Hi Masonic, very interested, looking into it, read articles. Do you download Slax direct to CD, or hard drive, then transfer? I would be prepared to take the time to do this system than what I have been through. IB only, is CD preferable to stick?
  • atypical
    atypical Posts: 1,342 Forumite
    joe134 wrote: »
    What size flash key do you need for IB only? Or is CD better

    Slax is 200MB. You need to make sure your PC can boot from USB, easiest way is probably just to try.
This discussion has been closed.