Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Thursday September 29 2016, @03:26AM   Printer-friendly
from the is-it-okay-if-they-pay-me? dept.

While waiting for ten minutes on "hold" to make an appointment with my local branch of Scotiabank, I had time read through the new "Digital Services Agreement. Most of the eighteen pages were unremarkable, but a couple of things stood out.

When you click "Accept", you are agreeing to not give your password to police if they ask!

You are responsible for maintaining the confidentiality and safekeeping of your Card, Card Number, Username, and Electronic Signature. ... These responsibilities include:

  - not voluntarily disclosing your Electronic Signature to anyone else at any time, including any family member, friend, law enforcement agency, or financial institution employee;

You're also agreeing to not use "public" wifi:

(These responsibilities include:) using your own private wireless data connection, and avoiding use of public Wi-Fi services, when you are using the Digital Services;

This of course is from a bank that still refuses to allow Uppercase letters or Special characters in a password.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Insightful) by pkrasimirov on Thursday September 29 2016, @07:38AM

    by pkrasimirov (3358) Subscriber Badge on Thursday September 29 2016, @07:38AM (#407776)

    What's wrong with coffee shop WiFi and SSL?

    Starting Score:    1  point
    Moderation   +3  
       Insightful=3, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 2) by frojack on Thursday September 29 2016, @07:14PM

    by frojack (1554) on Thursday September 29 2016, @07:14PM (#408075) Journal

    Ask the pimply faced kid lurking behind his laptop screen in the corner.
    He probably already knows what level of SSL your bank is using and may have already tried a downgrade attack on your phone. (How sure are you that your phone isn't still using SSL 3?)

    VPNs are actually WORSE [infosecurity-magazine.com] then most new browsers.

    --
    No, you are mistaken. I've always had this sig.
    • (Score: 2) by pkrasimirov on Thursday September 29 2016, @09:21PM

      by pkrasimirov (3358) Subscriber Badge on Thursday September 29 2016, @09:21PM (#408125)

      But that is 1) bank's fault at cyber security, 2) user's fault for using the bank and 3) unrelated to the coffee shop wifi. With compromised SSL I am at risk even at home.