Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re: OT: How legal are automated logins

by zentara (Archbishop)
on Aug 11, 2004 at 12:46 UTC ( [id://381957]=note: print w/replies, xml ) Need Help??


in reply to OT: How legal are automated logins

I wouldn't worry about the bank's robot.txt as much as what your "friend" will do if somehow his account gets hacked? Will he unjustly blame(and possibly sue) you?. You are doing it for money, so beware. Friendships can die quite suddenly when thousands of dollars are involved. Write a contract that makes it "his responsibility" for the use of the script.

I'm not really a human, but I play one on earth. flash japh

Replies are listed 'Best First'.
Re^2: OT: How legal are automated logins
by Rhys (Pilgrim) on Sep 04, 2004 at 16:54 UTC
    This post comes closest to the real issue. It's perfectly legal for your friend to use such a program, but quite illegal for anyone else to use it, even you when you're testing it. This is because only your friend is the authorized user of any such accounts.

    It then only becomes illegal for your friend to use such a program if it creates some sort of unnecessary system load on the various companies' servers. Not likely, but you might be liable if it's due to a bug in your code (in theory, anyway).

    But if you think about it, the real problem that every post here has danced around is whether or not such a script doesn't have some pretty nasty inherent security flaws. Is it wise for such a program to exist anywhere that has automated access to your friend's financial information? Even the companies in question only have access to their own data, not ALL of it.

    I would refuse to set up such a system. If he wants someone to watch his balances for him, he needs a personal assistant and an agreement with the banks that the assistant has access to the info (or a caring wife whose name is also on the accounts). :-)

    Or, best of all, he should find out whether or not the banks themselves offer some sort of similar service. (You never know, and way more secure than any of the above.)

      I would probably refuse to setup such as system too, even for myself.

      This brings up the whole spectre of 'weak security' on the internet, when it comes to financial data: WI-FI weaknesses, the ubiquitous "4-digit unique user access number", and the stupidity of people letting "their browser 'remember' the logon passwords to their account, while leaving their computers running unattended 24/7". It seems that "wide-eyed optimistic designers" are rushing in and promising banks that their security measures are adequate, for their proposed growing internet access projects.

      Either the financial institutions are willing "to eat losses" caused by the weak security, in order to save on security design; or they are just plain ignorant. I expect to see a "giant scandal" soon, on the level of an Enron ripoff, which will prompt the endless Congressional commitees and yada yada yada.........


      I'm not really a human, but I play one on earth. flash japh

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://381957]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others contemplating the Monastery: (5)
As of 2024-03-28 20:53 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found