Scientist Second your posting. But I would say that XP is less secure than Win2000, there are some suggestions I made in an earlier posting in this thread. E.G. the PnP. In addition you can encrypt your whole hard disk through the OS so that when someone installs another copy of the same OS they still cannot look at your sensitive information. See the link I mentioned in the other posting. Kicking Just remember that someone here in New Zealand was recently convicted and send to jail because he DISPLAYED in-appropriate porn on the schools PC (did not save it, but they traced that he downloaded it through the ISP and was still considered as possessing it....) Big Brother is watching you!
Should I build a nuclear bomb shelter in the backyard as well? Your obviouslu ignorant about business practices. A business, here in the U.S., is required by law to have controls in place. Since we know that this has happened before, they are aware that such a scenario exists. Therefore, IB needs to take steps to remedy it. It's funny that I have yet find any other malfeasance associated with this hack. It is the ease with which IB's controls make it possible for such an event to occur that makes the firm criticism worthy and exposed to legal action. I am responsible for the hack. If the perpetrator had started trading in the account, that's my fault since there isn't anything IB can do to prevent that. There are reasons why limits are placed on transactions over the net(and in many offline as well, such as holds on checks), it is to prevent fraud from occuring. The blame shifts from me to IB's when they don't put in some sort of control to stop something that happens everyday on the net. And also, if you would have read my posts(no wonder people think you're a jackass), I did take many precautions. Just yesterday, I scanned my system with an updated Norton and IT DID NOT FIND ANYTHING. 1. It was something XVID something. XVID is a codecs like DIVX. I guess it came along with it when I downloaded it. Found a link that says the trojan came with from a Kazaa version, but I thought I downloaded from the developers site(I don't use Kazaa). There was a second one with a file called ALL.EXE in the windows folder, don't remember the name.
Read Defs comments - Yes this type of technique is a good method to ensure security. The use of smart cards - where the identification algorithm is encoded in a piece of hardware - is an excellent way to prevent unauthorized access to an account. We do this for certain systems within our company. Another technique adds the hardware and network fingerprint in addition to the use of the smart cards. A hardware fingerprint could be spoofed but the network fingerprint - in the way that we implement this patented technology - would be nearly impossible to counterfeit without the attacker having physical access to the originating network.
Your tone suggests you think that the problem was not your fault. However, the fact that you are relying on a virus scanner as your main tool for security defense makes you open to attack. Learn how to protect yourself. Don't download any nonessential files to your trading machine. Check your router's log of incoming/outgoing traffic for trojan horses. Understand that Norton's isn't a panacea.
I recently received my token device for generating a response to IB's challenge. I've previously used them and they are as fool proof a method of security as you can get. Any one can get one from IB at no charge (deposit required for some accounts). There are only two ways I can think of to bypass this security. Method 1 requires having the account name and password to log into an account, stealing the device, and knowing the password of the device. That is, you're not going to loose money this way. Method 2 would be if you called IB to set up the wire, knowing personal information, etc. Do they even allow this or must everything be on-line? As for a protective feature mentioned earlier about the receiving account having the same name as the IB account, in practice this is not a good control. In many countries the application of payments to accounts is automated and there's no guarantee (or responsibility on the part of the bank) to ensure that the account name matches the payee name. If the account number is correct, the deposit will be made.
ive been using the secure id cards for VPN access to our company for years. nice stuff changes your pin every 1 minute. sometimes the card can get out of sync with the login server but ive never had that problem.
Two things. Change your passwords frequently. At least once a week. Make sure you have a different one for every account. Do not enable any kind of "wire transfer" from your account. I know it is convenient, but it is inviting this kind of disaster. Do it all by check and mail if you can. Have a dedicated "internet purchaces" credit card with a very low limit. Never give out the number to a "debit" or high limit card.