[lug] How do you keep your passwords safe while Paying bills and Day Trading at Work?

Davide Del Vento davide.del.vento at gmail.com
Thu Oct 9 15:49:04 MDT 2008

> In my example (deleted), the part that makes the attack possible is the
> access to the client computer.

The key here is the client executable (browser, ssh, or whatever). If
that is "clean", you're safe.

> However,
> corporate IT does have access like that to all their business computers.


I installed my own ubuntu myself and I self-administer it. When I
asked them if they needed root access they said no, we need it only on
Windows/Mac/RHEL which we administered directly.

Anyway, I don't do anything "sensitive" from that computer, but I use
my home one. As a best practice, I also use an user just for this
purpose, whose browser goes only on my intended internet banking and
few "trusted" ones (I fear cross-site scripting and similar


More information about the LUG mailing list