drawkcaB | Backward Compatible logo

rants and tips about software

Security

One thing really starts to go on my nerves. All the e-banking applications used for companies (personal e-banking is OK) seem to require that you run them under Windows. It amazes me how you should run your most sensitive stuff on most insecure possible system. Even if we handle the e-banking application issue (some of those are web apps., so you only need a browser), we still have a hardware issue as most of the smart-card readers used for authentication, only have drivers for Windows.

I don’t know if IT people who make applications have any valid excuse. Their arguments range from everybody else does it to most of our users require Windows version. Or perhaps there just aren’t enough skilled programmers in the industry who are able to create Linux or Mac versions?

Now, what’s the whole problem? Well, in order to get the financial data, you need to access Internet from such machine. In turn, that means you’re vulnerable to any new exploit - which are abundant to say the least. In order to transfer the data to the rest of the network, to people that need it, you connect such machine, and potentially expose the entire network to problems. Looks like that Windows machine doing e-banking needs DMZ configuration of it’s own.

Just another example of follow the crowd syndrome having bad effects.

Milan Babuškov, 2007-05-11
Copyright © Milan Babuškov 2006-2024