[Cialug] Dumb. Dumb Security.
Matthew Nuzum
newz at bearfruit.org
Sat Aug 18 20:07:30 CDT 2012
On Fri, Aug 17, 2012 at 10:40 PM, Todd Walton <tdwalton at gmail.com> wrote:
> You know... tell me if this makes sense. I signed up for what looks
> like a useful site: FutureAdvisor.com. I figured I'd try it out. It
> tracks my investments (particularly my 401k) and gives me advice on
> what to change or do, etc.
>
> So I start getting emails every week or two that say "hey, you're
> investments are up to $xx,xxx!". So I email them and say "I don't
> want you to send personal numbers like that through unsecured email".
> The response I got was a pointer to where I could change my email
> preferences. Said email preferences are to either get emails with
> personal money info in them, or get no emails at all.
>
> They may as well not secure their web pages. What's the point of the
> site being HTTPS when they send the same info by email? The only
> thing that's on the web page but not in the emails is specific advice
> like "we recommend x% exposure to domestic markets" and crap like
> that. Why would they go to the pains of securing *that*, but not my
> personal money info???
>
> Unsubscribe. No more FutureAdvisor.
>
> Sorry. It's not Linux, but I knew you guys would understand.
>
>
I think to some people this is a feature. Not having to go to a separate
website for every x, y and z in order to get the details. For example, one
of my bills I pay sends me a notice every month that my bill is due. I pay
my bills through my bank's website and it would be much more convenient for
me if they would just send me the amount to pay instead of making me click
the link and log in and find the page where my bill is listed, etc.
That is too bad that they don't let you configure it but I suspect they
weighed the differences between convenience and privacy and figured their
target audience preferred the convenience.
--
Matthew Nuzum
newz2000 on freenode, skype, linkedin and twitter
♫ You're never fully dressed without a smile! ♫
More information about the Cialug
mailing list