NO NO NO.

The bank should be able to escape liability if they prove that the damage was CAUSED BY customer's negligence. Otherwise, they might have let an employee capture all your "secure" information and sell it to the Russians, but they're not liable because it turns out you didn't download the latest WinXP patch.

Just as with a car accident, there has to be an investigation into who actually caused the problem. It's reasonable to share the blame, but I think in a case where reasonable actions on the part of the bank would have prevented the problem completely, it's also reasonable for them to be responsible. They're the professional service here. They *do* have a greater burden than their customers.

Show me the bank that's been demonstrated secure by a LACK of media coverage of their failures... and I'll show you a bank that's either (a) too small to do much of anything or (b) really, really good at shutting up media.

Inductive reasoning proves nothing. Just because there's no coverage of Bank A having customers' accounts get wiped out doesn't mean that it hasn't happened and won't happen. It just means you're now subject to the media's whim as far as information goes, rather than just the bank's. And since the media doesn't have any special rights WRT getting info from the banks about their practices, you're really not a whole lot better off at all... since all you're going to see is whatever sells ad spots. (Oh, Bank A wants a 30-second spot every half hour? All we have to do is drop that story... right. I'll get right on it.)

Talk to the bank you want to move it to about a Rollover account. You don't have to pay taxes if you roll it over properly.

Those types of breaches aren't limited to the world of online banking, though. Someone can walk up to me with a gun while I'm at the ATM and demand I take out ALL my money and hand it over. Someone could kidnap my child outside the bank during business hours and hold him hostage until I went in and emptied my account and handed it over.

But... the banks *have* implemented security measures to make these types of "attacks" more difficult. ATMs cap the amount you can withdraw during a single transaction, and also during the entire day across multiple transactions. They have security cameras installed to make catching and prosecuting offenders easier. They have silent alarms at the teller, which they can set off if they think something's iffy about a transaction. Accounts with multiple account holders may require multiple signatures for certain transactions.

They can't secure my body or my family, but they *do* do what they can to secure the transactions I make via their branch or resources. Why should I expect different from online banking?

And this is primarily due to online banking, rather than ATMs?

And the banks say "Sure thing! That'll be just $5 per transaction!"

As others have pointed out, they'd *also* lose customers if they actually made online banking secure.

Think about it: first, they have to make things less convenient, because frankly, convenience and security are inversely proportional. That will lose them customers right off the bat.

But as several posters have pointed out, that's not enough... because people don't know how to keep themselves secure. So for a bank to actually make their customers' transactions as secure as feasible and reasonable, they would have to require everyone to pass a test or take a class before signing up for online banking. How many banks would permanently lose a lot of business if they cut off online access to their customers until they'd been certified to use online banking?

For exactly the reasons you stated, it's unlikely that banks will make online banking reasonably secure unless regulators step in. (And this is why we can't have nice things in a free market.)

The above post is SFW.

Gosh... I own a house in Idaho, and was planning to sell it, but maybe we should just move there!

(What's the job market like in Gooding?)

So you avoid Hawaii like the plague?

I'm guessing that's what they meant also, but really, there's no confirmation of this theory anywhere in TFA. It's simply the most sensible interpretation of their fumbling attempt to discourse.

I doubt it's either of these. A very low percentage of emails give much geographic information about their associated users, so even if Idaho was the Spam Sucker Capital of the Universe, the spammers wouldn't know how to target Idahoans. And I think that, even if it's true that Idaho adopted email later relative to other worldwide locales, by now it's been long enough since widespread adoption that the n00b effect is diminished to statistical insignificance.

The most likely explanation (if, in fact, the phenomenon poorly documented in this article bears any semblance to reality) is that Idaho has a lower rate of email-based commerce than other states, due to lower population density and an economy that is largely rooted in agriculture (no pun intended). A larger percentage of email is probably personal rather than professional, and personal email use patterns are more likely to engender large spam-to-useful ratios.

yeah... I actually read TFA because I figured the summary was just garbage. But no, that's how the article puts it, too, without EVER explaining what on earth they're trying to say.

I would be too, since it works if you visit a website in IE, but doesn't work if you visit a website in Chrome.

What I wonder is... does the Chrome Frame counter this particular exploit? I could see it doing so by either negating the "visit in IE" requirement (by using the Chrome rendering engine) or the "Chrome not running" requirement (by running the Frame).

Of course it can! It could, for example, immediately upon launch, enroll you in a roster of botnets, search your drive for 9- and 16- digit numbers to send to an email address in the Czech Republic, and post all pictures it finds on all connected drives to Flickr.

Sure, it's plausible. But the least plausible part of it is that the cops called the perp in the first place.

What makes you think that I'm using data that isn't taking that into account?

When you break up the US trade balance by region, you find that every region EXCEPT the one that contains California (I think it's region 9, but I could be mistaken) has a huge trade deficit. That takes into account where goods are shipped after they arrive at the ports, and where they come from before they depart from the ports. Unfortunately, my lecture notes are stored away somewhere obscure (maybe they're in the cabinet under the cable modem and router), but the percentage of goods that go through the California ports that are not from/to other states is pretty large... definitely a majority. That's not the case for any of the other large ports in the nation (such as Seattle, the one in New Jersey, etc.)

It helps that the state contains over 10% of the entire nation's population, of course.

Because they could... what? Go to college? Not if they couldn't get into college-track courses in high school. Not if they can't earn a scholarship. Learn a trade? Even that is expensive; during apprenticeship (such as for plumbing) you make almost no money, and it's often competitive to get into one. Just what do you suggest as the method(s) that really anyone can pull themselves up by their bootstraps? Because I have yet to learn of some path that is truly available to *everyone*, regardless of their resources.

Oh, wow. That's just... wow.

What's the poorest *you've* ever been? And what are these opportunities you speak of that don't require special training, a high degree of literacy and/or numeracy, or physical prowess? because some people don't have ANY of those things, or any way to get them.

And why? Why has she? Do you ever think about that?

Sure we do (at least, a lot of us do). We're just not willing to, and we have enough acquired power (see Hobbes, or was it Rousseau?) that we don't have to.

You know, my housekeeper makes $90/day to come to my house every other week and clean. That comes out to more than $10/hour, but that is NOT getting paid "really, really, really well" in this area. Not only that, but she's 66 years old, and can't work as physically hard as she used to. She's never had an opportunity to save for retirement, though, and her son barely makes enough to support himself and his daughter, so she can't quit. She doesn't speak English very well (some people are good with languages, but she's not one of them), and though she's very intelligent, she's not well-educated, so there aren't many non-physical opportunities for her. She's taken some jewelry-making classes, and I pay her $10-20 to fix broken necklaces every now and then, but she doesn't have the resources to start up a full-scale jewelry business.

What do you suggest for her? What are her options to make money? She's a US citizen (if you're over 65, you're allowed to take the exam in your native language), but doesn't have much else in the way of natural or acquired power.

What about the friend of a friend who, having lost her eligibility for Medicaid when her kids moved in with their dad (because she was about to be homeless), can no longer afford her medication for bipolar disorder? She's slipped farther and farther into depression and dysfunctionality, smokes too much weed and can't be a good parent, pay her rent, or keep a job. But she also can't afford mental health care or substance abuse treatment, which aren't easy to get even if you *do* have Medicaid.

If she does lose her job, she may be able to get her insurance back, but then if she regains functionality with treatment, she could lose it again. What's your solution for her problems? What's she just not doing right? Most of her skills tend toward backstage grunt work for community theater.