May 15, 2020

Example NaN Of Poor Security Practices

Background
I needed some specific bank statements from my bank to send to someone else for a transactional record. 🏦

How The Process Went

  1. Called my bank to request the specific statements as pdfs. (yep. called.) ☎️

  2. My bank said they would send me the encrypted pdfs via email and send me the password separately via the online banking communication system. Ok cool, that’s easy enough. Also, thanks for not sending my personal banking info as clear text through email! πŸ“§ πŸ”

  3. Received the emails in my email, and they opened right up.. No password needed. Hmm. Ok, well, I guess they forgot to actually encrypt them..? Nice. πŸ€·β€β™‚οΈ

  4. I forwarded the pdfs along to the party that needed them and assumed I was done. I then got a reply from them asking for β€œthe password to unlock the pdfs.” WTF?! πŸ”“

No idea what they used to β€œencrypt the pdf” but apparently that security only goes as far as the Windows operating system and does absolutely nothing when it comes to viewing the pdfs on a Mac via Preview, Quick Look, PDF Expert, or any other pdf viewer you can think of. πŸ€¦β€β™‚οΈ

As usual, security is given the least emphasis and lowest budget when it comes to securing our personal data. 😑


Security Mac Windows Banking


Previous post
Making A Userscript For Micro.blog One thing I absolutely love about the web is the fact that if you are viewing a webpage you can see all the code that makes up that page with a few
Next post
Playing Games - Good Job! As the clumsy child of a CEO, you must climb the corporate ladder one office-themed puzzle at a time! Complete puzzles in multiple ways as you
Jason Burk | 1999-2020
blot.im! | πŸ§›β€β™‚οΈ
πŸ“¦ Blog Archives πŸ“¦