Archive for December, 2013

Online Banking & Security Q&A



Approach your online security with the right frame of mind.

Q. What’s the safest way to do my online banking: over a wired connection, powerline networking or Wi-Fi?

A. The answer doesn’t matter as much as you might think, but asking the question does mean you’re approaching your online security in the right state of mind.

Overall, a wired ethernet link is more secure than either Wi-Fi or powerline networking, in which the electrical wires in your home carry Internet data. To compromise an ethernet network, an attacker needs to get into your house and plug in a laptop, while Wi-Fi signals go beyond your home and powerline networks can leak information to adjacent dwellings.

Both Wi-Fi and powerline setups come with encryption options to scramble data flowing over the network; once you switch them on, an attacker would need to know the password to break in. But Wi-Fi’s obsolete WEP encryption can easily be defeated — and is still presented as a valid option in routers’ setup routines.

Furthermore, if you leave a router on its default administrative password, somebody who connects to your network can also monkey with the router’s settings to redirect your traffic to rogue sites. For much the same reason, you shouldn’t automatically trust third-party wireless hot spots.

Financial sites use encryption of their own to scramble data flowing to and from your computer — as reported by your browser with a lock icon in its toolbar that, when clicked, should display an info sheet including the bank’s name — and that should almost always outweigh the security of your local network.

(A determined attacker could defeat a bank’s login security by persuading a user to connect to a router running malware that subverts this encryption, but this seems to have been a theoretical exercise to date.)

Your local network, however, makes up only one part of the “attack surface” of online banking, and it may not be nearly as profitable as two others: your computer and your mind.

If an attacker can get a keylogger on your computer to record your keystrokes, the strength of your bank’s encryption and the complexity and novelty of your password won’t matter at all — each tap of the keyboard will have already been recorded and transmitted.

That’s why it’s important to keep up with security updates for both your operating system and your browser (if you haven’t disabled Oracle’s vulnerability-prone Java Web plug-in, now would be a fine time to do so).

And if an attacker can fool you into typing your username and password into a phony site by sending you a phishing e-mail, your security-fix fastidiousness won’t matter either.

You can thwart phishing attacks with the extreme measure of using a separate computer for online banking and nothing else (recommended at a panel on identity theft that I moderated earlier this month) or the lesser step of throwing a Linux LiveCD into your regular PC and booting off that for online banking sessions isolated from your usual software. But it’s just a little easier to remember this basic rule: Never log into a bank account by clicking on a link sent in an e-mail.

If you’re not sufficiently depressed about the state of financial security online, Target’s massive credit-card breach — apparently executed by exploiting the retailer’s in-store systems — offers a reminder that many account compromises happen in places we can’t control.

And the best way to watch for them is to monitor your account for unusual transactions — which means you should do more online banking, not less.


Many major sites, from Facebook to Google to Microsoft to Yahoo, now allow “two-step verification” to protect users’ logins from the loss of a password. That option requires users to vouch for all logins, or only those from strange computers or locations, by typing in a one-time password sent to their phone via text message or to a specialized app like Google Authenticator.

Most financial institutions, however, have yet to tune in to this trend. There’s Bank of America’s SafePass, CitiBank’s identification codes Ally Bank’s Security Code, and not much else. But if your bank offers this option — which may require looking around its site — you should enable it right away. And if it doesn’t, you might want to ask why.

Rob Pegoraro is a tech writer based out of Washington, D.C. To submit a tech question, e-mail Rob at Follow him on Twitter at@robpegoraro.

Answers to questions are going out….

Sadly we have been severely backlogged with questions and are finally getting caught up. Thou some might not like the answers, they are going out to people as I type.

Keep them coming!

  • Some notes, please remember to give enough details with your question so we can try to best understand the issue and give an educated answer.
  • If you really want an email back, you need to give a valid email
  • If you do not want to be mentioned on the show, please let us know in the request
  • Not all questions will be answered but we try to answer most of them
  • Not all questions can be answered in a timely manner, so if its an emergency or life threatening, call 911 or your local law enforcement


  • Rocobop_grande

Ask a Cop?: Failure to yield to an emergency vehicle


—–Original Message—–

From: katie
Sent: Thursday, August 29, 2013 7:32 AM
Subject: failure to yield to emergency vehicle?

If a cop already has someone pulled over on the side of the road, and you swerve around them but don’t go completely into the second lane, is that a considered a failure to yield to an emergency vehicle?

I received a ticket last night for this and I don’t feel that I did anything wrong. When the cop was done giving the car he had pulled over a ticket (I’m just guessing he did) he then turned on his lights and I pulled to the side thinking he had to get somewhere. But then I realized he was pulling me over. And gave me a ticket saying I failed to turn completely into the second lane while he was on the side of the road. However I did not fail to yield to him because I swerved around him pulling over the other car, and again pulled off to the side of the road when he pulled me over.

Would you agree that I do or do not deserve a ticket? I usually don’t disagree with cops, but a $178 ticket for failing to yield when I did in fact yield, I even slowed my car down as I went by him (because I always feel extra cautious when driving by a cop) and swerved around them. His arugement is that I did not turn into the second lane on the road. However, I did partially turn into the second lane, it just wasn’t a complete 100% turn into the other lane.

Do I deserve this ticket or can I go to court and fight it?



The law is often interpreted differently by different people. If you go to court and say you slowed down and partially changed lanes before passing, it will be your word against the officers. I see people disobey this law quite a bit because they just are not aware of it. If you go to court and say you knew of the law and explain the actions you took the judge may or may not side with you. In the least, if the officer doesn’t show up the citation will be dismissed. Sounds like you feel you did enough while the officer felt you didn’t do enough. If you feel strongly that you didn’t deserve the ticket you should go to court to fight it. Just remain calm, don’t interrupt the officer, and wait for your turn to explain your side. Photos of the scene would be helpful showing your view as you approached the area. With an enlarged photo you’ll be able to show the judge exactly what you did. People with great photos and prepared for their case often have a good chance in court rather than the people who just show up empty handed and say they are innocent.

Here’s the law:

The Law

Vehicle Code 21809.  (a) A person driving a vehicle on a freeway approaching a stationary authorized emergency vehicle that is displaying emergency lights, a stationary tow truck that is displaying flashing amber warning lights, or a stationary marked Department of Transportation vehicle that is displaying flashing amber warning lights, shall approach with due caution and, before passing in a lane immediately adjacent to the authorized emergency vehicle, tow truck, or Department of Transportation vehicle, absent other direction by a peace officer, proceed to do one of the following:

(1) Make a lane change into an available lane not immediately adjacent to the authorized emergency vehicle, tow truck, or Department of Transportation vehicle, with due regard for safety and traffic conditions, if practicable and not prohibited by law.

(2) If the maneuver described in paragraph (1) would be unsafe or impracticable, slow to a reasonable and prudent speed that is safe for existing weather, road, and vehicular or pedestrian traffic conditions.

(b) A violation of subdivision (a) is an infraction, punishable by a fine of not more than fifty dollars ($50).

(c) The requirements of subdivision (a) do not apply if the stationary authorized emergency vehicle that is displaying emergency lights, the stationary tow truck that is displaying flashing amber warning lights, or the stationary marked Department of Transportation vehicle that is displaying flashing amber warning lights is not adjacent to the freeway or is separated from the freeway by a protective physical barrier.

CopTalk Staff

The 13 weirdest Bay Area crime stories of 2013 – Gallery

See the full story on - Ah, the Bay Area. Weird and dirty, strange and exotic. It’s a place so quirky that we explain things away with a shrug and the phrase, “Ah, San Francisco.” The Chronicle’s reporters encounter so many bizarre tales each year. We compiled 13 of the strangest in this year-end gallery.