Re^2: OT: How legal are automated logins

in reply to Re: OT: How legal are automated logins
in thread OT: How legal are automated logins

This post comes closest to the real issue. It's perfectly legal for your friend to use such a program, but quite illegal for anyone else to use it, even you when you're testing it. This is because only your friend is the authorized user of any such accounts.

It then only becomes illegal for your friend to use such a program if it creates some sort of unnecessary system load on the various companies' servers. Not likely, but you might be liable if it's due to a bug in your code (in theory, anyway).

But if you think about it, the real problem that every post here has danced around is whether or not such a script doesn't have some pretty nasty inherent security flaws. Is it wise for such a program to exist anywhere that has automated access to your friend's financial information? Even the companies in question only have access to their own data, not ALL of it.

I would refuse to set up such a system. If he wants someone to watch his balances for him, he needs a personal assistant and an agreement with the banks that the assistant has access to the info (or a caring wife whose name is also on the accounts). :-)

Or, best of all, he should find out whether or not the banks themselves offer some sort of similar service. (You never know, and way more secure than any of the above.)

Comment on Re^2: OT: How legal are automated logins

Replies are listed 'Best First'.
Re^3: OT: How legal are automated logins by zentara (Archbishop) on Sep 05, 2004 at 12:46 UTC
I would probably refuse to setup such as system too, even for myself. This brings up the whole spectre of 'weak security' on the internet, when it comes to financial data: WI-FI weaknesses, the ubiquitous "4-digit unique user access number", and the stupidity of people letting "their browser 'remember' the logon passwords to their account, while leaving their computers running unattended 24/7". It seems that "wide-eyed optimistic designers" are rushing in and promising banks that their security measures are adequate, for their proposed growing internet access projects. Either the financial institutions are willing "to eat losses" caused by the weak security, in order to save on security design; or they are just plain ignorant. I expect to see a "giant scandal" soon, on the level of an Enron ripoff, which will prompt the endless Congressional commitees and yada yada yada......... I'm not really a human, but I play one on earth. flash japh	[reply]

Replies are listed 'Best First'.

Re^3: OT: How legal are automated logins
by zentara (Archbishop) on Sep 05, 2004 at 12:46 UTC

This brings up the whole spectre of 'weak security' on the internet, when it comes to financial data: WI-FI weaknesses, the ubiquitous "4-digit unique user access number", and the stupidity of people letting "their browser 'remember' the logon passwords to their account, while leaving their computers running unattended 24/7". It seems that "wide-eyed optimistic designers" are rushing in and promising banks that their security measures are adequate, for their proposed growing internet access projects.

Either the financial institutions are willing "to eat losses" caused by the weak security, in order to save on security design; or they are just plain ignorant. I expect to see a "giant scandal" soon, on the level of an Enron ripoff, which will prompt the endless Congressional commitees and yada yada yada.........

I'm not really a human, but I play one on earth. flash japh

[reply]

In Section Seekers of Perl Wisdom