this post was submitted on 11 Jan 2024
62 points (88.8% liked)

Cybersecurity - Memes

1997 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] -4 points 10 months ago* (last edited 10 months ago) (2 children)

Why are you tunnelling to your home network to use a banking app?

Your banking app, if it was decently written by a sane programmer, should be entirely immune to any MitM attacks that a VPN would allay. Thus you would not be receiving any major benefit from using a VPN with your banking app. On the other hand, there is significant security value in the bank being able to see the actual IP of connecting clients.

[–] [email protected] 8 points 10 months ago* (last edited 10 months ago) (1 children)

I'm not tunnelling to my home network in order to use the banking app. I'm tunnelling to my home network as part of my general way of accessing the internet. My banking app isn't the only thing running on my phone while I use it.

I don't want to have to turn it off just to use the banking app.

if it was decently written by a sane programmer

Better hope it is then, I guess.

On the other hand, there is significant security value in the bank being able to see the actual IP of connecting clients.

Can you expand on that?

[–] [email protected] -3 points 10 months ago* (last edited 10 months ago) (1 children)

On the other hand, there is significant security value in the bank being able to see the actual IP of connecting clients.

Can you expand on that?

Security analysis. If you used your card in country A 5 minutes ago, logging in from country B across the world should realise a red flag. That's a very basic example, but advanced versions can be extremely accurate.

[–] [email protected] 4 points 10 months ago

Fair, but sounds like that can be mitigated with 2FA

[–] [email protected] 2 points 10 months ago

Considering the bugs in this app, and considering that this is an Indian bank, I highly doubt it was 'written by a sane programmer'.