So I kept noticing on the On Line TD Banking home page a mention of protecting your computer with McAfee, and on Saturday I investigated further. The short answer is: yes, it does seem that they are giving away McAfee Anti-Virus if you are a TD client. I haven’t actually installed the “Free” software, but I have registered for it, and it does seem to be a real copy of the software (if anyone has done this, please leave me a comment on your experience).
At first blush this is a bit annoying (for me) if it is a real copy of the software, as I have already updated my software (now I got it very cheap on sale, but I still paid money, for something I could have received for free which always annoys me). No Alanis that is not Ironic, just really annoying.
The second thing that I noticed was that after I registered the software with my existing McAfee account, this “Free” software asked me to update my credit card information (since I let it lapse), and the “Free” subscription would not allow me to continue until I gave a valid credit card number with a valid expiration date. This seems odd to me since I am not paying for this “Free” software, so why do they need a credit card?
Why you may ask indeed, and after I finished the registration process the system noted (in a side column, where I might not have looked) that the “Free” software had Auto-Renewal set to ON, so that I wouldn’t lose my “security experience”. To quote George Costanza, “A HA!!!!!!!“, now I get why they wanted an up to date credit card, so they could auto-renew it some time in the future and charge me $75 for the year (also remember George’s comments about “… sticking it to me!”).
To stop the auto-renewal is a simple matter of finding the auto-renewal page, and turning auto-renewal to OFF, however, I would guess many folks who would not go looking for that (or even notice that auto-renewal was on).
Why does computer security software marketing tricks seem solely based on Used Car Sales and Carnival Games of “Skill” trickery?
Do you have a magic list of passwords for all of your various on line profiles? Do you have a system for changing your passwords often? Do you have the same password for all of you on line profiles?
If you answered Yes to the last question, allow me to say, “DON’T DO THAT!”, for the love of MyDoom, if any of the many sinister nasty folks on the Interweb get into one of your accounts, suddenly they are into all of them. I have talked about Financial On Line Security before, but this was triggered by yet another interesting discussion with Mrs. C8j.
Security Needs to be Watching
There is actually a very long list of different financial on-line profiles with user ids and passwords, but Mrs. C8j pointed out that she really should have access to this information in case of an emergency. My guess is that a solution to this will be to actually print out this information and put it in a safe deposit box or somewhere safe for her.
This is actually a terrible solution, because:
You should not have a file with this information on a computer anywhere (unless you have it under some kind of heavy encryption, but even then, that may not be that safe).
Printing it just means that it will be even less safe (paper is much easier to pilfer).
Printing the information means she has a snapshot, at that moment, however, when I change those passwords, the list is suddenly useless.
The other ideas like putting it on your cell phone is bad, because the phone is easily stolen, and putting it “in the cloud”, just makes it easier to find.
What is the best way to keep this information secure, while being able to share it (securely) for the “what if” scenario.
Yesterday on Boxing Day here in Ottawa that point was driven home like a nail from a pneumatic nail gun.
Anti-Virus which is Cheaper when Bought New
Last week, my mail program came up with a note saying, “About to renew your Norton 360 Subscription”, and it was going to use the credit card that it had on file, and it was going to cost $79.00 for my machine. After I stopped yelling obscenities, I logged onto the Norton site, to see that in fact the “renewal” had not gone through, it was Norton attempting to influence me to go to the site and simply hit the “ReNew” button (which I did not). I managed to figure out how to stop this automatic renewal from happening. I sort of suspected that this might happen given Michael James’ post on McAfee’s Persistent Trickery, but I was quite happy to have caught it before it happened.
I have noticed that the Boxing Day sales regularly have Anti-Virus software on sale so I decided I was going to wait and see what might happen with the sales.
Sure enough our Amigos at Future Shop delivered and had Norton 360 on Sale for $29.99, for 3 machines and for a 15 month subscription (remember to renew for 1 machine for 12 months was going to cost $79.99), so my patience seems to have paid off. I checked the Norton site and they had a Boxing Day sale for the same product (3 licenses Norton 360) for $69.99 (wow).
I guess we can add Anti-Virus software that you can purchase at the Boxing Day madhouse.
Over at Data Genetics they did a little PIN Safety study and they found out that there are a lot of dumber than posts people out there, because the most popular PIN is 1234. Really you say? Really, I reply.
Remember this scene from Space Balls?
Dark Helmet was right, if your PIN is 1234 (or 12345 in this instance) that is the stupidest password in the world.
These are the WORST PIN you can Have!
I enjoy when real statistics come out to blow the whistle on those lazy folks who think their birthday or the like is a good PIN for their security system.
Want the best PIN to have? I won’t spoil it for you but a really good one is 6835, check the link above and you’ll see what might be the best choices (but now these are known, are they the best any more? Maybe 1234 is now the best?).
Gotta love some of those PINs, read the article, you may want to go out and change your PIN, very quickly.
It might be fun to ask if you can add another number to your PINs? Of course going to 12345 as a PIN, might not be that good either? Buy Spaceballs the movie too, it’s available on Blu-Ray.
Last week I noticed that my ATM access card for TD was cracking (right through the middle of the on card chip), and my wife told me I should go get a new one before this card stopped working (because it would most likely stop working at the most inopportune moment). This sounded like a good idea to me, so one night last week I managed to get to the TD branch near my house.
Mrs. C8j had told me that you didn’t actually have to go to a teller to get a card, you could simply drop by the desk at the front door and they would take care of you, and so I did, and I met a bubbly young lady who was very helpful. She had a look at my card and said yes now would be a good time to replace the card as it wasn’t going to last much longer. The next question she asked is sort of the crux of my point here: did I want to replace my existing card or simply take a new card with a new number?
The TD ATM card doesn’t have your name on it, so it can be quickly replaced if you wished, and then the young lady pointed out that if I wanted the same number, it would take 10 days to get a new card, however, to get a new card with a new number could be done right away. I decided I’d rather have a new card with a new number, since my old card was not going to last.
This meant I then had to change my on-line access information with the new card number (after the young lady had set up the new number as my new access card number), but it was pretty easy to do, and didn’t take very long.
The inadvertent security crossed my mind as I changed my on-line interface, as now that number is changed if anyone had stolen my banking info or “cloned” my card (as Mrs. C8j had in TD I Apologize ) . I wonder what TD might do if every 6 months or so I came in with a damaged card and asked for a new one? My guess is they might not care much, although their security division might notice after a while, but this looks like an interesting security measure. The number on my ATM access card is not needed for anything except for ATM transactions and Interac transactions, so changing it just means I have to change my on-line banking.
I believe I have stumbled across an interesting inadvertent security measure.