Slashdot Mirror
Bank Security Software EULA Allows Spying On Users
An anonymous reader writes Trusteer Rapport, a software package whose installation is promoted by several major banks as an anti-fraud tool, has recently been acquired by IBM and has an updated EULA. Among other things, the new EULA includes this gem: "In addition, You authorize personnel of IBM, as Your Sponsoring Enterprise's data processor, to use the Program remotely to collect any files or other information from your computer that IBM security experts suspect may be related to malware or other malicious activity, or that may be associated with general Program malfunction." Welcome to the future...
Security scanning software that looks at all of my files? How will I be violated next? /sarcasm
Seriously, these privacy alarmists are kooks. They have no idea how IT works.
There's a big difference between scanning files and collecting them.
We're working with our internal legal folks to force this clause out of the EULA for all of our customers.
Just letting you guys know that some of us do give a shit. Can't say which bank though.
If a bank/CD/whatever other crazy thing requires you to install software to use it, take your business elsewhere.
Agreed, these so called kooks actually understand how IT works; that's why they are alarmist.
Yeah I trust IBM to only use the software to remotely collect *malicious* files from my system, I am sure IBM never receives confidential requests from the NSA or anything like that. *rolls eyes*
Did you ever wake up in the morning, with a Zombie Woof behind your eyes? -- FZ
It wasn't alarmist when Rapport compromised the integrity of the computer I use to earn my living with a bad update. Boot from recovery disk, uninstall Rapport, revert to previous known good configuration, and the problem goes away. Let Rapport back on, computer immediately fails to boot again.
I told the bank in question that the software they asked me to install wasn't working, and now every time I log in to their business banking site, and I decline to use Rapport selecting the option that says it didn't work for me, they tell me that Rapport has been tested by them. So not only do they want me to install malware, but my bank is also incompetent at security. Great, now I'm really thrilled to be trusting them with my company's money!
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
I use a bank that likes to push this software. Everytime I log into the online banking you get an annoying "pop over" suggesting you install it, which I have to close each time. I've never installed it, and reading this very glad I didn't, I'm always suspicious of websites trying to push software as must have, even if it's banks doing it. My concern is banks moving towards making software like this mandatory, before they will allow you to log onto online banking. Go elswhere, well yes, for now, but if every bank insists on software like this? I've already heard banks can refuse to refund any fradulant transaction if they think you've not taken adequate protection. Would not installing the banks "recommended" software meen you haven't taken adequate protection? Yes I could go back to banking by phone (which is far less secure, of course) or in branches, but with more branches closing all the time, the latter probably won't be an option for much longer either.
We have had to deal with Trusteer here at work. It is utter krap and will fubar normal Windows installs. Essentially the only way to get this to work is to dedicate a VM to it. We are lucky we only have to use it occasionally.
We play the game with the bravery of being out of range