<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_02_22_2353257</id>
	<title>How Banker Trojans Steal Millions Every Day</title>
	<author>kdawson</author>
	<datestamp>1266849180000</datestamp>
	<htmltext>redsoxh8r notes a blog post describing in some detail the operation of "man in the browser" Trojans used to empty victims' bank accounts. <i>"Banker trojans have become a serious problem, especially in South America and the US. <a href="http://blog.fireeye.com/research/2010/02/man-in-the-browser.html">Trojans like Zeus, URLZone and others are the tip of the iceberg</a>. These toolkits are now standard-issue weapons for criminals and state-sponsored hackers. Like Zeus, URLZone was created using a toolkit (available in underground markets). What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations (such as which banks to attack), but having all the flexibility and power of the original toolkit. Having such a toolkit in the hands of multiple criminal groups paints a scary picture. It's simply not enough to eliminate a particular botnet and criminal group to solve this problem."</i></htmltext>
<tokenext>redsoxh8r notes a blog post describing in some detail the operation of " man in the browser " Trojans used to empty victims ' bank accounts .
" Banker trojans have become a serious problem , especially in South America and the US .
Trojans like Zeus , URLZone and others are the tip of the iceberg .
These toolkits are now standard-issue weapons for criminals and state-sponsored hackers .
Like Zeus , URLZone was created using a toolkit ( available in underground markets ) .
What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations ( such as which banks to attack ) , but having all the flexibility and power of the original toolkit .
Having such a toolkit in the hands of multiple criminal groups paints a scary picture .
It 's simply not enough to eliminate a particular botnet and criminal group to solve this problem .
"</tokentext>
<sentencetext>redsoxh8r notes a blog post describing in some detail the operation of "man in the browser" Trojans used to empty victims' bank accounts.
"Banker trojans have become a serious problem, especially in South America and the US.
Trojans like Zeus, URLZone and others are the tip of the iceberg.
These toolkits are now standard-issue weapons for criminals and state-sponsored hackers.
Like Zeus, URLZone was created using a toolkit (available in underground markets).
What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations (such as which banks to attack), but having all the flexibility and power of the original toolkit.
Having such a toolkit in the hands of multiple criminal groups paints a scary picture.
It's simply not enough to eliminate a particular botnet and criminal group to solve this problem.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243538</id>
	<title>I LOL'd so hard</title>
	<author>GameboyRMH</author>
	<datestamp>1266935280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Your post is hilarious, but you're totally offtopic so I can't bring myself to mod you Funny.</p></htmltext>
<tokenext>Your post is hilarious , but you 're totally offtopic so I ca n't bring myself to mod you Funny .</tokentext>
<sentencetext>Your post is hilarious, but you're totally offtopic so I can't bring myself to mod you Funny.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242188</id>
	<title>Re:The problem is Bob</title>
	<author>jimicus</author>
	<datestamp>1266919920000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>Trojans have moved on a bit since a couple of years ago.</p><p>You no longer need to be an utter moron or surfing to some dodgy websites to get infected.  It's not unknown for rooted webservers to be serving up a side order of drive-by download (I have actually seen this happen on a respectable retailer's website).</p><p>It no longer sticks out like a sore thumb - you won't, for instance, find that attempting to point your web browser at www.symantec.com mysteriously doesn't work.</p><p>Your PC doesn't slow down to a total crawl.</p><p>You don't find something which looks a little bit like your bank's login page on an unsecured website registered in China.  Instead, a keylogger takes the details from your keyboard when you visit the real website and ships them on.</p><p>Even if you have up to date AV software, it doesn't necessarily detect the trojan.</p><p>In short, the malware authors have upped their game considerably and the security industry is playing catch-up.</p></htmltext>
<tokenext>Trojans have moved on a bit since a couple of years ago.You no longer need to be an utter moron or surfing to some dodgy websites to get infected .
It 's not unknown for rooted webservers to be serving up a side order of drive-by download ( I have actually seen this happen on a respectable retailer 's website ) .It no longer sticks out like a sore thumb - you wo n't , for instance , find that attempting to point your web browser at www.symantec.com mysteriously does n't work.Your PC does n't slow down to a total crawl.You do n't find something which looks a little bit like your bank 's login page on an unsecured website registered in China .
Instead , a keylogger takes the details from your keyboard when you visit the real website and ships them on.Even if you have up to date AV software , it does n't necessarily detect the trojan.In short , the malware authors have upped their game considerably and the security industry is playing catch-up .</tokentext>
<sentencetext>Trojans have moved on a bit since a couple of years ago.You no longer need to be an utter moron or surfing to some dodgy websites to get infected.
It's not unknown for rooted webservers to be serving up a side order of drive-by download (I have actually seen this happen on a respectable retailer's website).It no longer sticks out like a sore thumb - you won't, for instance, find that attempting to point your web browser at www.symantec.com mysteriously doesn't work.Your PC doesn't slow down to a total crawl.You don't find something which looks a little bit like your bank's login page on an unsecured website registered in China.
Instead, a keylogger takes the details from your keyboard when you visit the real website and ships them on.Even if you have up to date AV software, it doesn't necessarily detect the trojan.In short, the malware authors have upped their game considerably and the security industry is playing catch-up.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240338</id>
	<title>Re:The problem is Bob</title>
	<author>Anonymous</author>
	<datestamp>1266856380000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>My how high is that horse you're on! Think about Bob for a minute. Bob's not a techie. Bob doesn't seem to mind those pop ups he gets when he turns on his computer - they're just ads. Those ads on websites are relevant, and so are those emails that remind him to reset his Facebook/Paypal/Bank password. Bob also uses that computer work gave him when he logs into the online payroll processing account to make sure that you get paid this month. That's right, Bob's got other stuff in life to worry about than some stupid program on his computer. Would you like to convince Bob otherwise?</p><p>To start, you're going to have to acknowledge that Bob isn't an idiot. Bob might actually enjoy learning stuff about that computer - like how to make it faster and safer. Talk to Bob like a human being because he's not trying to screw up. Bob's just doing the best he knows how.</p><p>Oh yeah, one other thing: you can't fire Bob because he's your boss. Being nice to him might help you out.</p></htmltext>
<tokenext>My how high is that horse you 're on !
Think about Bob for a minute .
Bob 's not a techie .
Bob does n't seem to mind those pop ups he gets when he turns on his computer - they 're just ads .
Those ads on websites are relevant , and so are those emails that remind him to reset his Facebook/Paypal/Bank password .
Bob also uses that computer work gave him when he logs into the online payroll processing account to make sure that you get paid this month .
That 's right , Bob 's got other stuff in life to worry about than some stupid program on his computer .
Would you like to convince Bob otherwise ? To start , you 're going to have to acknowledge that Bob is n't an idiot .
Bob might actually enjoy learning stuff about that computer - like how to make it faster and safer .
Talk to Bob like a human being because he 's not trying to screw up .
Bob 's just doing the best he knows how.Oh yeah , one other thing : you ca n't fire Bob because he 's your boss .
Being nice to him might help you out .</tokentext>
<sentencetext>My how high is that horse you're on!
Think about Bob for a minute.
Bob's not a techie.
Bob doesn't seem to mind those pop ups he gets when he turns on his computer - they're just ads.
Those ads on websites are relevant, and so are those emails that remind him to reset his Facebook/Paypal/Bank password.
Bob also uses that computer work gave him when he logs into the online payroll processing account to make sure that you get paid this month.
That's right, Bob's got other stuff in life to worry about than some stupid program on his computer.
Would you like to convince Bob otherwise?To start, you're going to have to acknowledge that Bob isn't an idiot.
Bob might actually enjoy learning stuff about that computer - like how to make it faster and safer.
Talk to Bob like a human being because he's not trying to screw up.
Bob's just doing the best he knows how.Oh yeah, one other thing: you can't fire Bob because he's your boss.
Being nice to him might help you out.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242682</id>
	<title>Thanks</title>
	<author>noob22</author>
	<datestamp>1266927000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Now I'm gonna have to freak out every time my browser crashes. And with opera, thats about 4</htmltext>
<tokenext>Now I 'm gon na have to freak out every time my browser crashes .
And with opera , thats about 4</tokentext>
<sentencetext>Now I'm gonna have to freak out every time my browser crashes.
And with opera, thats about 4</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241772</id>
	<title>Switch off Javascript...</title>
	<author>Anonymous</author>
	<datestamp>1266957360000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>...and all other active content. Oh, and cookies too, that makes the job of those data gatherers slightly harder.</p><p>That's why I'm stuck posting anonymous.</p></htmltext>
<tokenext>...and all other active content .
Oh , and cookies too , that makes the job of those data gatherers slightly harder.That 's why I 'm stuck posting anonymous .</tokentext>
<sentencetext>...and all other active content.
Oh, and cookies too, that makes the job of those data gatherers slightly harder.That's why I'm stuck posting anonymous.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240436</id>
	<title>Re:The problem is Bob</title>
	<author>gmuslera</author>
	<datestamp>1266857160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The key component there is visiting with an insecure browser a "trusted" site. No matter if uses an antivirus to check whatever he is aware to download, the site exploited a vulnerability on the browser (that if well is not named there, IE have all the tickets) and in that way compromised his machine (no matter if was with admin or just that user priviledges, for what have to do to be as user is enough).<br><br>No matter neither if use secure or insecure connection, once he went to internet, is the machine and not the connection the compromised one...and that is enough.<br><br>Regarding your other points, no matter where he is, while he can visit that site, And about programs crashing and having strange behavior... ever used windows/IE?</htmltext>
<tokenext>The key component there is visiting with an insecure browser a " trusted " site .
No matter if uses an antivirus to check whatever he is aware to download , the site exploited a vulnerability on the browser ( that if well is not named there , IE have all the tickets ) and in that way compromised his machine ( no matter if was with admin or just that user priviledges , for what have to do to be as user is enough ) .No matter neither if use secure or insecure connection , once he went to internet , is the machine and not the connection the compromised one...and that is enough.Regarding your other points , no matter where he is , while he can visit that site , And about programs crashing and having strange behavior... ever used windows/IE ?</tokentext>
<sentencetext>The key component there is visiting with an insecure browser a "trusted" site.
No matter if uses an antivirus to check whatever he is aware to download, the site exploited a vulnerability on the browser (that if well is not named there, IE have all the tickets) and in that way compromised his machine (no matter if was with admin or just that user priviledges, for what have to do to be as user is enough).No matter neither if use secure or insecure connection, once he went to internet, is the machine and not the connection the compromised one...and that is enough.Regarding your other points, no matter where he is, while he can visit that site, And about programs crashing and having strange behavior... ever used windows/IE?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240400</id>
	<title>Re:Well...</title>
	<author>moco</author>
	<datestamp>1266856800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>My bank already has this as well as several other banks.  What ends up happening is that the attackers are performing the man in the middle attack in "real time".  The one time token is sent to the attackers through the malicious website and they have whatever time the designers allowed for timeout to use it.  After all they already have your credentials.</p></htmltext>
<tokenext>My bank already has this as well as several other banks .
What ends up happening is that the attackers are performing the man in the middle attack in " real time " .
The one time token is sent to the attackers through the malicious website and they have whatever time the designers allowed for timeout to use it .
After all they already have your credentials .</tokentext>
<sentencetext>My bank already has this as well as several other banks.
What ends up happening is that the attackers are performing the man in the middle attack in "real time".
The one time token is sent to the attackers through the malicious website and they have whatever time the designers allowed for timeout to use it.
After all they already have your credentials.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242390</id>
	<title>Re:Test</title>
	<author>micheas</author>
	<datestamp>1266922920000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p><div class="quote"><blockquote><div><p>What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations (such as which banks to attack), but having all the flexibility and power of the original toolkit. Having such a toolkit in the hands of multiple criminal groups paints a scary picture. It's simply not enough to eliminate a particular botnet and criminal group to solve this problem.</p></div></blockquote><p>
I agree it's not enough.  They should also eliminate the use of any Windows computer by all banks.  Seriously, name just one large botnet that contains no infected Windows machines.  I dare you.</p></div><p> <b>iServices.A </b> is a mac only botnet that is distributed with pirated copies of iwork.</p></div>
	</htmltext>
<tokenext>What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations ( such as which banks to attack ) , but having all the flexibility and power of the original toolkit .
Having such a toolkit in the hands of multiple criminal groups paints a scary picture .
It 's simply not enough to eliminate a particular botnet and criminal group to solve this problem .
I agree it 's not enough .
They should also eliminate the use of any Windows computer by all banks .
Seriously , name just one large botnet that contains no infected Windows machines .
I dare you .
iServices.A is a mac only botnet that is distributed with pirated copies of iwork .</tokentext>
<sentencetext>What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations (such as which banks to attack), but having all the flexibility and power of the original toolkit.
Having such a toolkit in the hands of multiple criminal groups paints a scary picture.
It's simply not enough to eliminate a particular botnet and criminal group to solve this problem.
I agree it's not enough.
They should also eliminate the use of any Windows computer by all banks.
Seriously, name just one large botnet that contains no infected Windows machines.
I dare you.
iServices.A  is a mac only botnet that is distributed with pirated copies of iwork.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241008</id>
	<title>A simple solution might be on the horizon...</title>
	<author>x-irrad</author>
	<datestamp>1266862980000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The key to solving this problem is secure and cheap transaction authentication, which is what IBM has been trying to achieve with their ztic, but even that I fear is vulnerable.
The solution I think that will ultimately put something of a stop to the mitb/trojan is this: <a href="http://passwindow.com/" title="passwindow.com" rel="nofollow">http://passwindow.com/</a> [passwindow.com]
It seems at first glance too good to be true, but I read parts of the whitepaper and it seems legit.
I heard it mentioned that a few banks might be rolling it out some time this year....</htmltext>
<tokenext>The key to solving this problem is secure and cheap transaction authentication , which is what IBM has been trying to achieve with their ztic , but even that I fear is vulnerable .
The solution I think that will ultimately put something of a stop to the mitb/trojan is this : http : //passwindow.com/ [ passwindow.com ] It seems at first glance too good to be true , but I read parts of the whitepaper and it seems legit .
I heard it mentioned that a few banks might be rolling it out some time this year... .</tokentext>
<sentencetext>The key to solving this problem is secure and cheap transaction authentication, which is what IBM has been trying to achieve with their ztic, but even that I fear is vulnerable.
The solution I think that will ultimately put something of a stop to the mitb/trojan is this: http://passwindow.com/ [passwindow.com]
It seems at first glance too good to be true, but I read parts of the whitepaper and it seems legit.
I heard it mentioned that a few banks might be rolling it out some time this year....</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243076</id>
	<title>Re:The problem is Bob</title>
	<author>1s44c</author>
	<datestamp>1266931020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Bob isn't an idiot, he's a typical windows user.</p></div><p>So he is an idiot then.</p></div>
	</htmltext>
<tokenext>Bob is n't an idiot , he 's a typical windows user.So he is an idiot then .</tokentext>
<sentencetext>Bob isn't an idiot, he's a typical windows user.So he is an idiot then.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243644</id>
	<title>Re:Well...</title>
	<author>lehphyro</author>
	<datestamp>1266936000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Here in Brazil every major bank have this kind of device. I dont need to worry about losing my password because the thief will not have my device which is always with me. I'm actually surprised this tech is still to be deployed in US.
Link (in portuguese): <a href="http://www.itau.com.br/itoken/index.htm" title="itau.com.br" rel="nofollow">http://www.itau.com.br/itoken/index.htm</a> [itau.com.br]</htmltext>
<tokenext>Here in Brazil every major bank have this kind of device .
I dont need to worry about losing my password because the thief will not have my device which is always with me .
I 'm actually surprised this tech is still to be deployed in US .
Link ( in portuguese ) : http : //www.itau.com.br/itoken/index.htm [ itau.com.br ]</tokentext>
<sentencetext>Here in Brazil every major bank have this kind of device.
I dont need to worry about losing my password because the thief will not have my device which is always with me.
I'm actually surprised this tech is still to be deployed in US.
Link (in portuguese): http://www.itau.com.br/itoken/index.htm [itau.com.br]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240918</id>
	<title>Re:Well duh!</title>
	<author>Anonymous</author>
	<datestamp>1266862140000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><p><div class="quote"><p>Speaking of Trojans, they didn't even lube it up before they put it in our ass!</p></div><p>No Need. The Republicans pulled one cheek to the side and The Democrats pulled the other cheek to the side. It's good to see politicians put aside party differences and get together for an old fashioned mass ass raping of their mutual constituency. I tell you, it gives me a warm feeling... speaking of that, does anyone have any Preparation-H?</p></div>
	</htmltext>
<tokenext>Speaking of Trojans , they did n't even lube it up before they put it in our ass ! No Need .
The Republicans pulled one cheek to the side and The Democrats pulled the other cheek to the side .
It 's good to see politicians put aside party differences and get together for an old fashioned mass ass raping of their mutual constituency .
I tell you , it gives me a warm feeling... speaking of that , does anyone have any Preparation-H ?</tokentext>
<sentencetext>Speaking of Trojans, they didn't even lube it up before they put it in our ass!No Need.
The Republicans pulled one cheek to the side and The Democrats pulled the other cheek to the side.
It's good to see politicians put aside party differences and get together for an old fashioned mass ass raping of their mutual constituency.
I tell you, it gives me a warm feeling... speaking of that, does anyone have any Preparation-H?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212</id>
	<title>I have a simple solution</title>
	<author>Giant Electronic Bra</author>
	<datestamp>1266855300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>We should just give away copies of all the best hack tools. As soon as they appear they should be all over the net for free. What will this do? Simple. It removes the monetary incentive to write good hacking tools. If what any idiot can download for free is as good as it gets then the money is sucked right out of the market for supplying tools.</p><p>On top of that when you have every idiot out there using the best tools vendors WILL be forced to deal with the flaws a lot more quickly and release higher quality code to start with. It won't stop the people using the tools from using them and stealing money, but nothing is going to stop that.</p><p>The first property crime happened the day property was invented. Nothing we do is going to stop it, but we can suck some of the wind out of the blackhats sails.</p></htmltext>
<tokenext>We should just give away copies of all the best hack tools .
As soon as they appear they should be all over the net for free .
What will this do ?
Simple. It removes the monetary incentive to write good hacking tools .
If what any idiot can download for free is as good as it gets then the money is sucked right out of the market for supplying tools.On top of that when you have every idiot out there using the best tools vendors WILL be forced to deal with the flaws a lot more quickly and release higher quality code to start with .
It wo n't stop the people using the tools from using them and stealing money , but nothing is going to stop that.The first property crime happened the day property was invented .
Nothing we do is going to stop it , but we can suck some of the wind out of the blackhats sails .</tokentext>
<sentencetext>We should just give away copies of all the best hack tools.
As soon as they appear they should be all over the net for free.
What will this do?
Simple. It removes the monetary incentive to write good hacking tools.
If what any idiot can download for free is as good as it gets then the money is sucked right out of the market for supplying tools.On top of that when you have every idiot out there using the best tools vendors WILL be forced to deal with the flaws a lot more quickly and release higher quality code to start with.
It won't stop the people using the tools from using them and stealing money, but nothing is going to stop that.The first property crime happened the day property was invented.
Nothing we do is going to stop it, but we can suck some of the wind out of the blackhats sails.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244900</id>
	<title>What about Linux</title>
	<author>Anonymous</author>
	<datestamp>1266942780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Are Linux machine also vulnerable to these trojans? Or should I be feeling comfortable using Ubuntu9.10 + FF3.6/Chrome?</p></htmltext>
<tokenext>Are Linux machine also vulnerable to these trojans ?
Or should I be feeling comfortable using Ubuntu9.10 + FF3.6/Chrome ?</tokentext>
<sentencetext>Are Linux machine also vulnerable to these trojans?
Or should I be feeling comfortable using Ubuntu9.10 + FF3.6/Chrome?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240184</id>
	<title>Re:The problem is Bob</title>
	<author>Anonymous</author>
	<datestamp>1266855120000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Uh. Yeah. Bob is an idiot.</p><p>I work for a big ass company that's undoubtedly targeted for these things, and I'd say a good 75\% of the folks (with VPN access) I know are Bobs.</p><p>Unfortunately, Bob is a damned good salesman who's bringing in money hand over fist. <b>That</b> is why Bob doesn't get fired.</p><p>(AC for fairly obvious reasons)</p></htmltext>
<tokenext>Uh .
Yeah. Bob is an idiot.I work for a big ass company that 's undoubtedly targeted for these things , and I 'd say a good 75 \ % of the folks ( with VPN access ) I know are Bobs.Unfortunately , Bob is a damned good salesman who 's bringing in money hand over fist .
That is why Bob does n't get fired .
( AC for fairly obvious reasons )</tokentext>
<sentencetext>Uh.
Yeah. Bob is an idiot.I work for a big ass company that's undoubtedly targeted for these things, and I'd say a good 75\% of the folks (with VPN access) I know are Bobs.Unfortunately, Bob is a damned good salesman who's bringing in money hand over fist.
That is why Bob doesn't get fired.
(AC for fairly obvious reasons)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240866</id>
	<title>Re:The problem is Bob</title>
	<author>powerspike</author>
	<datestamp>1266861480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>First 3 would be a failure on your side not his for allowing this and not locking down the machine(s).

4th would be a failure of education, if he hasn't been told, how is he going to know. "Bob" is busy doing his job, not yours.

5th - this is 50/50, if he gets to many red flags, in doing his normal work, he's just going to ignore them all isn't he ?

if i discovered a tech going on a warpath to fire another employee for not doing his job, i'd fire the tech on the spot

There's two sides to every story.


On another note, do you think bob is going to go and spend hours researching software when he just wants to listen to some music, or watch a video?</htmltext>
<tokenext>First 3 would be a failure on your side not his for allowing this and not locking down the machine ( s ) .
4th would be a failure of education , if he has n't been told , how is he going to know .
" Bob " is busy doing his job , not yours .
5th - this is 50/50 , if he gets to many red flags , in doing his normal work , he 's just going to ignore them all is n't he ?
if i discovered a tech going on a warpath to fire another employee for not doing his job , i 'd fire the tech on the spot There 's two sides to every story .
On another note , do you think bob is going to go and spend hours researching software when he just wants to listen to some music , or watch a video ?</tokentext>
<sentencetext>First 3 would be a failure on your side not his for allowing this and not locking down the machine(s).
4th would be a failure of education, if he hasn't been told, how is he going to know.
"Bob" is busy doing his job, not yours.
5th - this is 50/50, if he gets to many red flags, in doing his normal work, he's just going to ignore them all isn't he ?
if i discovered a tech going on a warpath to fire another employee for not doing his job, i'd fire the tech on the spot

There's two sides to every story.
On another note, do you think bob is going to go and spend hours researching software when he just wants to listen to some music, or watch a video?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240346</id>
	<title>Re:I have a simple solution</title>
	<author>pnewhook</author>
	<datestamp>1266856380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Thats kinda like saying that guns are a problem in armed home robberies, so lets give everyone a gun, then there will be so many stupid people with guns firing them off that houses will have to be built with better security..
</p><p> The problem with your solution is that the internet will be so unsafe that no one will be able to use it for anything lest they be robbed blind.  We might as well just throw out the computers and go back to manual bank transactions.</p></htmltext>
<tokenext>Thats kinda like saying that guns are a problem in armed home robberies , so lets give everyone a gun , then there will be so many stupid people with guns firing them off that houses will have to be built with better security. . The problem with your solution is that the internet will be so unsafe that no one will be able to use it for anything lest they be robbed blind .
We might as well just throw out the computers and go back to manual bank transactions .</tokentext>
<sentencetext>Thats kinda like saying that guns are a problem in armed home robberies, so lets give everyone a gun, then there will be so many stupid people with guns firing them off that houses will have to be built with better security..
 The problem with your solution is that the internet will be so unsafe that no one will be able to use it for anything lest they be robbed blind.
We might as well just throw out the computers and go back to manual bank transactions.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241982</id>
	<title>Re:The problem is Bob</title>
	<author>Anonymous</author>
	<datestamp>1266916860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Not all idiots are Windows users. The Apple fanboys make up a far larger percentage of the total idiots demographic.</p></htmltext>
<tokenext>Not all idiots are Windows users .
The Apple fanboys make up a far larger percentage of the total idiots demographic .</tokentext>
<sentencetext>Not all idiots are Windows users.
The Apple fanboys make up a far larger percentage of the total idiots demographic.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240244</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</id>
	<title>Well...</title>
	<author>Anonymous</author>
	<datestamp>1266853380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>We need to develop greater use of proveable correctness in bank security, promote the use of isolated secure workstations for private banking transactions online, and use contractual incentives and accountability to incentivize better security systems.</p><p>Seriously, how about a physical random token generator where someone has to enter what the token currently displays each time they make a transaction for an account with a $5000+ balance, or more than $500 in a single transaction, or $1000 in a day?  Or similar systems that make phishing alone useless.</p></htmltext>
<tokenext>We need to develop greater use of proveable correctness in bank security , promote the use of isolated secure workstations for private banking transactions online , and use contractual incentives and accountability to incentivize better security systems.Seriously , how about a physical random token generator where someone has to enter what the token currently displays each time they make a transaction for an account with a $ 5000 + balance , or more than $ 500 in a single transaction , or $ 1000 in a day ?
Or similar systems that make phishing alone useless .</tokentext>
<sentencetext>We need to develop greater use of proveable correctness in bank security, promote the use of isolated secure workstations for private banking transactions online, and use contractual incentives and accountability to incentivize better security systems.Seriously, how about a physical random token generator where someone has to enter what the token currently displays each time they make a transaction for an account with a $5000+ balance, or more than $500 in a single transaction, or $1000 in a day?
Or similar systems that make phishing alone useless.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240668</id>
	<title>Re:fuckfuck</title>
	<author>T Murphy</author>
	<datestamp>1266859380000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>1</modscore>
	<htmltext>Wow, time to beak out the +5 offtopic mod.</htmltext>
<tokenext>Wow , time to beak out the + 5 offtopic mod .</tokentext>
<sentencetext>Wow, time to beak out the +5 offtopic mod.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282</id>
	<title>Re:Well...</title>
	<author>plover</author>
	<datestamp>1266855900000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext><p>Done.  There's already a cryptographic device that offers near-perfect cryptographic security for web banking.  ABN AMRO uses it for their <a href="http://www.abnamro.nl/en/images/Generiek/PDFs/Overig/edentifier2\_usermanual\_english.pdf" title="abnamro.nl">e.dentifier2</a> [abnamro.nl] device.  The brilliant part is that the trust lies only within the card's chip and the handheld device, never only the PC or the browser.  It's exactly what a bank should provide:  end to end encryption of the user's authorization to perform a transaction, where both ends are created and maintained by the bank.</p><p>Now we just need a bank that's willing to deploy those here in the U.S.</p></htmltext>
<tokenext>Done .
There 's already a cryptographic device that offers near-perfect cryptographic security for web banking .
ABN AMRO uses it for their e.dentifier2 [ abnamro.nl ] device .
The brilliant part is that the trust lies only within the card 's chip and the handheld device , never only the PC or the browser .
It 's exactly what a bank should provide : end to end encryption of the user 's authorization to perform a transaction , where both ends are created and maintained by the bank.Now we just need a bank that 's willing to deploy those here in the U.S .</tokentext>
<sentencetext>Done.
There's already a cryptographic device that offers near-perfect cryptographic security for web banking.
ABN AMRO uses it for their e.dentifier2 [abnamro.nl] device.
The brilliant part is that the trust lies only within the card's chip and the handheld device, never only the PC or the browser.
It's exactly what a bank should provide:  end to end encryption of the user's authorization to perform a transaction, where both ends are created and maintained by the bank.Now we just need a bank that's willing to deploy those here in the U.S.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240336</id>
	<title>Re:News?</title>
	<author>jhol13</author>
	<datestamp>1266856380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>MITB attack happened in Finland just a month ago. If criminals are willing to attack a very small audience with a very difficult language[1] what do you think, is this happening to bigger banks?</p><p>One bank now requires SMS *reply* for "suspicious" transfers. Note that the query and reply both go through SMS so it is much harder to crack - MITB is not enough.</p><p>[1] They did use English, but that does decrease the success rate a lot.</p></htmltext>
<tokenext>MITB attack happened in Finland just a month ago .
If criminals are willing to attack a very small audience with a very difficult language [ 1 ] what do you think , is this happening to bigger banks ? One bank now requires SMS * reply * for " suspicious " transfers .
Note that the query and reply both go through SMS so it is much harder to crack - MITB is not enough .
[ 1 ] They did use English , but that does decrease the success rate a lot .</tokentext>
<sentencetext>MITB attack happened in Finland just a month ago.
If criminals are willing to attack a very small audience with a very difficult language[1] what do you think, is this happening to bigger banks?One bank now requires SMS *reply* for "suspicious" transfers.
Note that the query and reply both go through SMS so it is much harder to crack - MITB is not enough.
[1] They did use English, but that does decrease the success rate a lot.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243272</id>
	<title>It's the end of "no rules" online home banking</title>
	<author>davidwr</author>
	<datestamp>1266933180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>There will come a time where if you want to pay bills or transfer money outside your "normal pattern" at an "unsecured" computer or terminal you'll have to "call ahead" and give a limited-time authorization.  Checking transaction history and making savings-to-checking transfers or "routine" things like paying recurring bills will still be allowed, but things like your full account number might not show up on your screen and entering them won't be part of your login process.</p><p>There will be "secure terminals" such as ATMs or perhaps computer-on-a-dongle devices that plug into your cell phone or PC for those who need them.</p><p>The bigger long-term issue is that telephones and caller-id are no longer trustworthy.  Time was, you could have someone call you from their home phone, enter a PIN, and barring some serious inside-job hacking at the bank or telco or someone physically tapping the line, you knew it was them.  Not any more.</p><p>In the near-term, I see banks encouraging small businesses to set up dedicated "banking only" computers that use dial-in directly to the bank or to a "banker's ISP" to do online banking.  Yes, I said dial-in, bypassing the Internet.</p></htmltext>
<tokenext>There will come a time where if you want to pay bills or transfer money outside your " normal pattern " at an " unsecured " computer or terminal you 'll have to " call ahead " and give a limited-time authorization .
Checking transaction history and making savings-to-checking transfers or " routine " things like paying recurring bills will still be allowed , but things like your full account number might not show up on your screen and entering them wo n't be part of your login process.There will be " secure terminals " such as ATMs or perhaps computer-on-a-dongle devices that plug into your cell phone or PC for those who need them.The bigger long-term issue is that telephones and caller-id are no longer trustworthy .
Time was , you could have someone call you from their home phone , enter a PIN , and barring some serious inside-job hacking at the bank or telco or someone physically tapping the line , you knew it was them .
Not any more.In the near-term , I see banks encouraging small businesses to set up dedicated " banking only " computers that use dial-in directly to the bank or to a " banker 's ISP " to do online banking .
Yes , I said dial-in , bypassing the Internet .</tokentext>
<sentencetext>There will come a time where if you want to pay bills or transfer money outside your "normal pattern" at an "unsecured" computer or terminal you'll have to "call ahead" and give a limited-time authorization.
Checking transaction history and making savings-to-checking transfers or "routine" things like paying recurring bills will still be allowed, but things like your full account number might not show up on your screen and entering them won't be part of your login process.There will be "secure terminals" such as ATMs or perhaps computer-on-a-dongle devices that plug into your cell phone or PC for those who need them.The bigger long-term issue is that telephones and caller-id are no longer trustworthy.
Time was, you could have someone call you from their home phone, enter a PIN, and barring some serious inside-job hacking at the bank or telco or someone physically tapping the line, you knew it was them.
Not any more.In the near-term, I see banks encouraging small businesses to set up dedicated "banking only" computers that use dial-in directly to the bank or to a "banker's ISP" to do online banking.
Yes, I said dial-in, bypassing the Internet.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243016</id>
	<title>Re:fuckfuck</title>
	<author>daem0n1x</author>
	<datestamp>1266930480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Yeah. He should, at least have said kittens...</htmltext>
<tokenext>Yeah .
He should , at least have said kittens.. .</tokentext>
<sentencetext>Yeah.
He should, at least have said kittens...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240658</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241234</id>
	<title>A good solution to phishing</title>
	<author>jonwil</author>
	<datestamp>1266865560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A good solution to phishing is PassWindow (no I have no connection to their product, I just think its a damn good idea). See www.passwindow.com for details of the system.</p><p>Basically your card (ATM card, credit card, bank card or whatever) has a translucent window on it (translucent to make it hard to photocopy). This window contains segments like those on a 7 segment LED display. These segments are in a pre-defined pattern.</p><p>When you log in, the bank generates another set of 7-segment patterns. When you hold your card over the pattern, the segments on the card and the segments on the screen match up to generate 1 or more numbers that you then key into the login form.</p><p>Each time you login, the set of segments generated by the bank will be different (resulting in different numbers)</p><p>This system has the following advantages:<br>1.Unlike calculators and key-fobs and similar, it requires no batteries to operate. Plus, it is something you would carry with you anyway.<br>2.Unlike card/pin pads, special certificates and dongles and other devices that plug into your computer, PassWindow cards will work with any device that is capable of rendering the PassWindow image (including cellphones, internet cafe/kiosk computers and work PCs where plugging things in is not allowed)<br>3.The PassWindow system is essentially totally resistant to social engineering (due to the fact that its not easy to describe in words the layout of the PassWindow markings)<br>4.Unlike on-screen-keyboards, "click the right picture" and other such systems, the PassWindow system is resistant to trojan horses, keyloggers and any other software or hardware that may be running when you access the bank as the number generated by the PassWindow is 1-time-use-only and will not be valid if the trojan/hacker attempts to log in with it (if the trojan/hacker simply stores it and returns a "bank not working" error instead of actually logging in with it, it wont be valid since it will have expired)<br>5.The PassWindow system is resistant to brute force due to the number of possible combinations of PassWindow patterns that could be on the card (and the fact that the random image returned by the bank each time you try and log in is different each time)</p><p>Now I am not saying its perfect but its better than any other solution I have seen to date. (and cheaper than anything requiring a seperate electronic device of some sort)</p><p>If anyone knows of any ways in which the PassWindow technology would be insecure (or more to the point, less secure than alternatives that are currently in use) please speak up.</p></htmltext>
<tokenext>A good solution to phishing is PassWindow ( no I have no connection to their product , I just think its a damn good idea ) .
See www.passwindow.com for details of the system.Basically your card ( ATM card , credit card , bank card or whatever ) has a translucent window on it ( translucent to make it hard to photocopy ) .
This window contains segments like those on a 7 segment LED display .
These segments are in a pre-defined pattern.When you log in , the bank generates another set of 7-segment patterns .
When you hold your card over the pattern , the segments on the card and the segments on the screen match up to generate 1 or more numbers that you then key into the login form.Each time you login , the set of segments generated by the bank will be different ( resulting in different numbers ) This system has the following advantages : 1.Unlike calculators and key-fobs and similar , it requires no batteries to operate .
Plus , it is something you would carry with you anyway.2.Unlike card/pin pads , special certificates and dongles and other devices that plug into your computer , PassWindow cards will work with any device that is capable of rendering the PassWindow image ( including cellphones , internet cafe/kiosk computers and work PCs where plugging things in is not allowed ) 3.The PassWindow system is essentially totally resistant to social engineering ( due to the fact that its not easy to describe in words the layout of the PassWindow markings ) 4.Unlike on-screen-keyboards , " click the right picture " and other such systems , the PassWindow system is resistant to trojan horses , keyloggers and any other software or hardware that may be running when you access the bank as the number generated by the PassWindow is 1-time-use-only and will not be valid if the trojan/hacker attempts to log in with it ( if the trojan/hacker simply stores it and returns a " bank not working " error instead of actually logging in with it , it wont be valid since it will have expired ) 5.The PassWindow system is resistant to brute force due to the number of possible combinations of PassWindow patterns that could be on the card ( and the fact that the random image returned by the bank each time you try and log in is different each time ) Now I am not saying its perfect but its better than any other solution I have seen to date .
( and cheaper than anything requiring a seperate electronic device of some sort ) If anyone knows of any ways in which the PassWindow technology would be insecure ( or more to the point , less secure than alternatives that are currently in use ) please speak up .</tokentext>
<sentencetext>A good solution to phishing is PassWindow (no I have no connection to their product, I just think its a damn good idea).
See www.passwindow.com for details of the system.Basically your card (ATM card, credit card, bank card or whatever) has a translucent window on it (translucent to make it hard to photocopy).
This window contains segments like those on a 7 segment LED display.
These segments are in a pre-defined pattern.When you log in, the bank generates another set of 7-segment patterns.
When you hold your card over the pattern, the segments on the card and the segments on the screen match up to generate 1 or more numbers that you then key into the login form.Each time you login, the set of segments generated by the bank will be different (resulting in different numbers)This system has the following advantages:1.Unlike calculators and key-fobs and similar, it requires no batteries to operate.
Plus, it is something you would carry with you anyway.2.Unlike card/pin pads, special certificates and dongles and other devices that plug into your computer, PassWindow cards will work with any device that is capable of rendering the PassWindow image (including cellphones, internet cafe/kiosk computers and work PCs where plugging things in is not allowed)3.The PassWindow system is essentially totally resistant to social engineering (due to the fact that its not easy to describe in words the layout of the PassWindow markings)4.Unlike on-screen-keyboards, "click the right picture" and other such systems, the PassWindow system is resistant to trojan horses, keyloggers and any other software or hardware that may be running when you access the bank as the number generated by the PassWindow is 1-time-use-only and will not be valid if the trojan/hacker attempts to log in with it (if the trojan/hacker simply stores it and returns a "bank not working" error instead of actually logging in with it, it wont be valid since it will have expired)5.The PassWindow system is resistant to brute force due to the number of possible combinations of PassWindow patterns that could be on the card (and the fact that the random image returned by the bank each time you try and log in is different each time)Now I am not saying its perfect but its better than any other solution I have seen to date.
(and cheaper than anything requiring a seperate electronic device of some sort)If anyone knows of any ways in which the PassWindow technology would be insecure (or more to the point, less secure than alternatives that are currently in use) please speak up.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126</id>
	<title>Re:The problem is Bob</title>
	<author>Anonymous</author>
	<datestamp>1266854580000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>Bob isn't an idiot, he's a typical windows user. Not to ping on MS, but they do manage to capture the low end of the market in that respect. A vast majority of computer users think that computer programmers are modern day wizards, and blindly trust that only bad programmers build bad programs. Further there are only two kinds of programs, good ones and bad ones like viruses and malware. Any program that is not bad is good, and has things like virus checking and mind reading built into them. Stack overflow is a card mishap at the casino and cross site scripting sounds like a multi site movie writers program.</p><p>These warped expectations leads to things like<nobr> <wbr></nobr>... well, like Bob.</p><p>Bob and his friends are why so many virus and malware programs are profitable, so in a sad way, Bob is right.</p></htmltext>
<tokenext>Bob is n't an idiot , he 's a typical windows user .
Not to ping on MS , but they do manage to capture the low end of the market in that respect .
A vast majority of computer users think that computer programmers are modern day wizards , and blindly trust that only bad programmers build bad programs .
Further there are only two kinds of programs , good ones and bad ones like viruses and malware .
Any program that is not bad is good , and has things like virus checking and mind reading built into them .
Stack overflow is a card mishap at the casino and cross site scripting sounds like a multi site movie writers program.These warped expectations leads to things like ... well , like Bob.Bob and his friends are why so many virus and malware programs are profitable , so in a sad way , Bob is right .</tokentext>
<sentencetext>Bob isn't an idiot, he's a typical windows user.
Not to ping on MS, but they do manage to capture the low end of the market in that respect.
A vast majority of computer users think that computer programmers are modern day wizards, and blindly trust that only bad programmers build bad programs.
Further there are only two kinds of programs, good ones and bad ones like viruses and malware.
Any program that is not bad is good, and has things like virus checking and mind reading built into them.
Stack overflow is a card mishap at the casino and cross site scripting sounds like a multi site movie writers program.These warped expectations leads to things like ... well, like Bob.Bob and his friends are why so many virus and malware programs are profitable, so in a sad way, Bob is right.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240474</id>
	<title>PMITAP</title>
	<author>Anonymous</author>
	<datestamp>1266857520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>You mean like in Superman 2?</p></htmltext>
<tokenext>You mean like in Superman 2 ?</tokentext>
<sentencetext>You mean like in Superman 2?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240070</id>
	<title>Dingey Harry hasn't met his House counterpart</title>
	<author>Anonymous</author>
	<datestamp>1266853920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"Reid said that the effects of joblessness on domestic violence were especially pronounced among men, because, Reid said, women tend to be less abusive.</p><p>"Women don't have jobs either, but women aren&rsquo;t abusive, most of the time," he said."<br>--Excerpt from thehill.com</p><p>I guess ol' Dingey Harry hasn't met his House counterpart.  Most people consider her to be quite abusive, which is why her popularity rating is even lower than Obama's.</p></htmltext>
<tokenext>" Reid said that the effects of joblessness on domestic violence were especially pronounced among men , because , Reid said , women tend to be less abusive .
" Women do n't have jobs either , but women aren    t abusive , most of the time , " he said .
" --Excerpt from thehill.comI guess ol ' Dingey Harry has n't met his House counterpart .
Most people consider her to be quite abusive , which is why her popularity rating is even lower than Obama 's .</tokentext>
<sentencetext>"Reid said that the effects of joblessness on domestic violence were especially pronounced among men, because, Reid said, women tend to be less abusive.
"Women don't have jobs either, but women aren’t abusive, most of the time," he said.
"--Excerpt from thehill.comI guess ol' Dingey Harry hasn't met his House counterpart.
Most people consider her to be quite abusive, which is why her popularity rating is even lower than Obama's.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243172</id>
	<title>mTAN</title>
	<author>Anonymous</author>
	<datestamp>1266931980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Here in Germany many banks use mTAN which includes the amount and destination of the wire with the confirmation code in the SMS to prevent a man in the middle attack as described in the article.</p><p>The idea is that if you attempt to send a wire to John Smith at account 203424 for &euro;200, but the mTAN says Mary Jan for &euro;2000 at account 3422233, then you've got a problem.</p></htmltext>
<tokenext>Here in Germany many banks use mTAN which includes the amount and destination of the wire with the confirmation code in the SMS to prevent a man in the middle attack as described in the article.The idea is that if you attempt to send a wire to John Smith at account 203424 for    200 , but the mTAN says Mary Jan for    2000 at account 3422233 , then you 've got a problem .</tokentext>
<sentencetext>Here in Germany many banks use mTAN which includes the amount and destination of the wire with the confirmation code in the SMS to prevent a man in the middle attack as described in the article.The idea is that if you attempt to send a wire to John Smith at account 203424 for €200, but the mTAN says Mary Jan for €2000 at account 3422233, then you've got a problem.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240160</id>
	<title>Re:News?</title>
	<author>Darkness404</author>
	<datestamp>1266854820000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>3</modscore>
	<htmltext>Sure, but its a -lot- easier to prove that John Smith working at the bank got your PIN and made a withdraw of $XXX on X day. Its quite hard to get money from Vladimir Hacker who lives in Russia. While it might be easy to trace an IP, if it is outside of the US jurisdiction, theres not that much you can do. Yeah, you -might- be able to get the money back, but Vladimir Hacker can still do the same thing to someone else and no doubt it will require a lot of paperwork to get your money back.</htmltext>
<tokenext>Sure , but its a -lot- easier to prove that John Smith working at the bank got your PIN and made a withdraw of $ XXX on X day .
Its quite hard to get money from Vladimir Hacker who lives in Russia .
While it might be easy to trace an IP , if it is outside of the US jurisdiction , theres not that much you can do .
Yeah , you -might- be able to get the money back , but Vladimir Hacker can still do the same thing to someone else and no doubt it will require a lot of paperwork to get your money back .</tokentext>
<sentencetext>Sure, but its a -lot- easier to prove that John Smith working at the bank got your PIN and made a withdraw of $XXX on X day.
Its quite hard to get money from Vladimir Hacker who lives in Russia.
While it might be easy to trace an IP, if it is outside of the US jurisdiction, theres not that much you can do.
Yeah, you -might- be able to get the money back, but Vladimir Hacker can still do the same thing to someone else and no doubt it will require a lot of paperwork to get your money back.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240952</id>
	<title>I know a non technical solution...</title>
	<author>Yaa 101</author>
	<datestamp>1266862500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I know a non technical solution which even generate jobs, bring back the physical counter...</p></htmltext>
<tokenext>I know a non technical solution which even generate jobs , bring back the physical counter.. .</tokentext>
<sentencetext>I know a non technical solution which even generate jobs, bring back the physical counter...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240798</id>
	<title>The sites where my money is involved are safe...</title>
	<author>Anonymous</author>
	<datestamp>1266860760000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Basically the "big bucks" are on my banking accounts. Great, I happen to have a bank mandating the use of a cryptographic token. Even better, for account numbers never used before or for big amount it is mandatory to make the account number of the recipient part of a cryptographic challenge: good game lowlifes, it is mathematically provable that you cannot work around that.</p><p>Noticed the "cryptographic challenge" part? That defeats *every* MITM attack (renamed "Man In The Browser" in TFA for no good reason).</p><p>Now another site where I've got $1.5K or so is an online Poker site. The biggest one. 300K players at peak hours. The good news? That site *also* provide a RSA security token. (cue all the clueless about online poker sites being all rigged but I'm actually making money with this while having a lot of fun and, yes, I did already cashout a lot of times and, no, I never had any issue).</p><p>Anyway, it ain't the point: the point is... More and more sites are starting to use two-form authentication and this trend ain't going to stop.</p><p>Either people using botnet to steal money out of customer account become a real problem and bank SHALL all (or most) mandate the use of physical security tokens + crytographic challenge (once again, it's already done here and it works flawlessly and people don't whine about it) or people using botnet to steal money shall stay an insignificant problem.</p><p>I didn't think about using an iPhone to connect to my online banking website (supposed to be safer due to non-unsigned application and also greatly due to the better track security record of OS X compared to Windows)...</p><p>That said my security token + cryptographic challenge + Linux bootable CD gives low-lifes a nice finger<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>Basically the " big bucks " are on my banking accounts .
Great , I happen to have a bank mandating the use of a cryptographic token .
Even better , for account numbers never used before or for big amount it is mandatory to make the account number of the recipient part of a cryptographic challenge : good game lowlifes , it is mathematically provable that you can not work around that.Noticed the " cryptographic challenge " part ?
That defeats * every * MITM attack ( renamed " Man In The Browser " in TFA for no good reason ) .Now another site where I 've got $ 1.5K or so is an online Poker site .
The biggest one .
300K players at peak hours .
The good news ?
That site * also * provide a RSA security token .
( cue all the clueless about online poker sites being all rigged but I 'm actually making money with this while having a lot of fun and , yes , I did already cashout a lot of times and , no , I never had any issue ) .Anyway , it ai n't the point : the point is... More and more sites are starting to use two-form authentication and this trend ai n't going to stop.Either people using botnet to steal money out of customer account become a real problem and bank SHALL all ( or most ) mandate the use of physical security tokens + crytographic challenge ( once again , it 's already done here and it works flawlessly and people do n't whine about it ) or people using botnet to steal money shall stay an insignificant problem.I did n't think about using an iPhone to connect to my online banking website ( supposed to be safer due to non-unsigned application and also greatly due to the better track security record of OS X compared to Windows ) ...That said my security token + cryptographic challenge + Linux bootable CD gives low-lifes a nice finger : )</tokentext>
<sentencetext>Basically the "big bucks" are on my banking accounts.
Great, I happen to have a bank mandating the use of a cryptographic token.
Even better, for account numbers never used before or for big amount it is mandatory to make the account number of the recipient part of a cryptographic challenge: good game lowlifes, it is mathematically provable that you cannot work around that.Noticed the "cryptographic challenge" part?
That defeats *every* MITM attack (renamed "Man In The Browser" in TFA for no good reason).Now another site where I've got $1.5K or so is an online Poker site.
The biggest one.
300K players at peak hours.
The good news?
That site *also* provide a RSA security token.
(cue all the clueless about online poker sites being all rigged but I'm actually making money with this while having a lot of fun and, yes, I did already cashout a lot of times and, no, I never had any issue).Anyway, it ain't the point: the point is... More and more sites are starting to use two-form authentication and this trend ain't going to stop.Either people using botnet to steal money out of customer account become a real problem and bank SHALL all (or most) mandate the use of physical security tokens + crytographic challenge (once again, it's already done here and it works flawlessly and people don't whine about it) or people using botnet to steal money shall stay an insignificant problem.I didn't think about using an iPhone to connect to my online banking website (supposed to be safer due to non-unsigned application and also greatly due to the better track security record of OS X compared to Windows)...That said my security token + cryptographic challenge + Linux bootable CD gives low-lifes a nice finger :)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240254</id>
	<title>Re:Well...</title>
	<author>buchner.johannes</author>
	<datestamp>1266855660000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>There are two choices:</p><p>a) Build the perfect system. Complicated to do. Users will not understand it and still be vulnerable to scams.</p><p>b) Build a simple system and use trust. For example, you can revert transactions from your bank account that you didn't authorize within 14 days.</p><p>Everyone that works in a bank today knows that stuff isn't secure. But it doesn't really matter because damages are small, and the profits cover mistakes quite easily.</p></htmltext>
<tokenext>There are two choices : a ) Build the perfect system .
Complicated to do .
Users will not understand it and still be vulnerable to scams.b ) Build a simple system and use trust .
For example , you can revert transactions from your bank account that you did n't authorize within 14 days.Everyone that works in a bank today knows that stuff is n't secure .
But it does n't really matter because damages are small , and the profits cover mistakes quite easily .</tokentext>
<sentencetext>There are two choices:a) Build the perfect system.
Complicated to do.
Users will not understand it and still be vulnerable to scams.b) Build a simple system and use trust.
For example, you can revert transactions from your bank account that you didn't authorize within 14 days.Everyone that works in a bank today knows that stuff isn't secure.
But it doesn't really matter because damages are small, and the profits cover mistakes quite easily.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240830</id>
	<title>Re:The problem is Bob</title>
	<author>Anonymous</author>
	<datestamp>1266861000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>Windows users tend to have a LIFE outside the basement so they couldn't care less how free or how open is the shit that make the stuff they want to do. Nobody cares, you do, get a life, leave other people alone with the money they have harvested from that HUGE Windblox Lu$er user base.</htmltext>
<tokenext>Windows users tend to have a LIFE outside the basement so they could n't care less how free or how open is the shit that make the stuff they want to do .
Nobody cares , you do , get a life , leave other people alone with the money they have harvested from that HUGE Windblox Lu $ er user base .</tokentext>
<sentencetext>Windows users tend to have a LIFE outside the basement so they couldn't care less how free or how open is the shit that make the stuff they want to do.
Nobody cares, you do, get a life, leave other people alone with the money they have harvested from that HUGE Windblox Lu$er user base.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240244</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240730</id>
	<title>Healthy industry!</title>
	<author>postmortem</author>
	<datestamp>1266860160000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>There is still money to be made in IT/CS!</htmltext>
<tokenext>There is still money to be made in IT/CS !</tokentext>
<sentencetext>There is still money to be made in IT/CS!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244796</id>
	<title>Re:I think Banks Don't Actually Care</title>
	<author>Anonymous</author>
	<datestamp>1266942240000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Its rediculous and frankly illogical to think Banks dont care. As someone who has worked in financial IT for two very large institutions I can tell you they do care and take security quite seriously. They do this not because they are nice loving places who coddle thier customers, they do it because its good for business. No one wants to do business with a bank that gets repeatedly hacked. Its just bad for your image as a bank if you cant keep your cusomters money safe . . . its just common sense.</p></htmltext>
<tokenext>Its rediculous and frankly illogical to think Banks dont care .
As someone who has worked in financial IT for two very large institutions I can tell you they do care and take security quite seriously .
They do this not because they are nice loving places who coddle thier customers , they do it because its good for business .
No one wants to do business with a bank that gets repeatedly hacked .
Its just bad for your image as a bank if you cant keep your cusomters money safe .
. .
its just common sense .</tokentext>
<sentencetext>Its rediculous and frankly illogical to think Banks dont care.
As someone who has worked in financial IT for two very large institutions I can tell you they do care and take security quite seriously.
They do this not because they are nice loving places who coddle thier customers, they do it because its good for business.
No one wants to do business with a bank that gets repeatedly hacked.
Its just bad for your image as a bank if you cant keep your cusomters money safe .
. .
its just common sense.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240466</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240244</id>
	<title>Re:The problem is Bob</title>
	<author>Anonymous</author>
	<datestamp>1266855600000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>"Bob isn't an idiot, he's a typical windows user."<br>I seem to have missed something, what's the difference again?</p></htmltext>
<tokenext>" Bob is n't an idiot , he 's a typical windows user .
" I seem to have missed something , what 's the difference again ?</tokentext>
<sentencetext>"Bob isn't an idiot, he's a typical windows user.
"I seem to have missed something, what's the difference again?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240280</id>
	<title>This isn't the only thing going wrong</title>
	<author>Anonymous</author>
	<datestamp>1266855900000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext>Millions of fags get pounded in the ass every day. Too bad they just didn't all get the aids and die.</htmltext>
<tokenext>Millions of fags get pounded in the ass every day .
Too bad they just did n't all get the aids and die .</tokentext>
<sentencetext>Millions of fags get pounded in the ass every day.
Too bad they just didn't all get the aids and die.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243864</id>
	<title>Security protections</title>
	<author>kangsterizer</author>
	<datestamp>1266937440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Here in Germany I'm using PostBank (which is the post office bank service)<br>They have a more or less fine web interface for paiments and so on.</p><p>When you make a new paiment, you have to look up a transaction number from a paper, physical list you have sent with the creation of your account<br>alternatively you can signup for SMS tan, where they send the transaction number by SMS and you type it on the screen.<br>A nice layer of security and all.</p><p>Now.. if a company gets my bank account number bank code, and name, they can also simply request the money. I don't even have to send or confirm the paiment myself. They can just serve themselves. A trojan for this bank would then just need to capture the said data and sent it upstream and take money per small amounts. Same with the credit card numbers, or just a paypal account.</p><p>As usual, the weakest link wins.</p></htmltext>
<tokenext>Here in Germany I 'm using PostBank ( which is the post office bank service ) They have a more or less fine web interface for paiments and so on.When you make a new paiment , you have to look up a transaction number from a paper , physical list you have sent with the creation of your accountalternatively you can signup for SMS tan , where they send the transaction number by SMS and you type it on the screen.A nice layer of security and all.Now.. if a company gets my bank account number bank code , and name , they can also simply request the money .
I do n't even have to send or confirm the paiment myself .
They can just serve themselves .
A trojan for this bank would then just need to capture the said data and sent it upstream and take money per small amounts .
Same with the credit card numbers , or just a paypal account.As usual , the weakest link wins .</tokentext>
<sentencetext>Here in Germany I'm using PostBank (which is the post office bank service)They have a more or less fine web interface for paiments and so on.When you make a new paiment, you have to look up a transaction number from a paper, physical list you have sent with the creation of your accountalternatively you can signup for SMS tan, where they send the transaction number by SMS and you type it on the screen.A nice layer of security and all.Now.. if a company gets my bank account number bank code, and name, they can also simply request the money.
I don't even have to send or confirm the paiment myself.
They can just serve themselves.
A trojan for this bank would then just need to capture the said data and sent it upstream and take money per small amounts.
Same with the credit card numbers, or just a paypal account.As usual, the weakest link wins.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243532</id>
	<title>Re:Test</title>
	<author>selven</author>
	<datestamp>1266935280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It's not just Windows. It's the concept of using a full computer operating system for things as simple as ATMs. Using Windows for those is horrible, but using Mac, Linux or BSD is still pretty bad. Full computer OSes are bloated, and every megabyte of bloat contains potential security vulnerabilities. You need a specially designed minimal system that can't do anything except banking, since such a system would not only have very few vulnerabilities due to lack of size but would also not even be capable of half the things a cracker would want to do (such as sending stuff to a remote server).</p></htmltext>
<tokenext>It 's not just Windows .
It 's the concept of using a full computer operating system for things as simple as ATMs .
Using Windows for those is horrible , but using Mac , Linux or BSD is still pretty bad .
Full computer OSes are bloated , and every megabyte of bloat contains potential security vulnerabilities .
You need a specially designed minimal system that ca n't do anything except banking , since such a system would not only have very few vulnerabilities due to lack of size but would also not even be capable of half the things a cracker would want to do ( such as sending stuff to a remote server ) .</tokentext>
<sentencetext>It's not just Windows.
It's the concept of using a full computer operating system for things as simple as ATMs.
Using Windows for those is horrible, but using Mac, Linux or BSD is still pretty bad.
Full computer OSes are bloated, and every megabyte of bloat contains potential security vulnerabilities.
You need a specially designed minimal system that can't do anything except banking, since such a system would not only have very few vulnerabilities due to lack of size but would also not even be capable of half the things a cracker would want to do (such as sending stuff to a remote server).</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242350</id>
	<title>Re:I have a simple solution</title>
	<author>Anonymous</author>
	<datestamp>1266922320000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Your line of reasoning is interesting and fresh, but hacking tools are probably custom made, on "contract", for exactly the reason which would otherwise make your plan work: writer cannot ask the government to uphold his or her copyright.<br>On a side note, it is an glimpse into how content industries would make living without IP law protection: paying customers would be only those most desperate to be early adopters/viewers/listeners, those who need to be assured they are buying the original (mission-critical scenario), and those who buy it to resell for less to cheaper buyers of lower echelon for profit<nobr> <wbr></nobr>... and oh, pay they would indeed! Of course, in such world, reputation would be everything, because sellers can't trust buyers to pay them later, so buyers would have to trust sellers instead. I guess usual disclaimers wouldn't apply either.</p></htmltext>
<tokenext>Your line of reasoning is interesting and fresh , but hacking tools are probably custom made , on " contract " , for exactly the reason which would otherwise make your plan work : writer can not ask the government to uphold his or her copyright.On a side note , it is an glimpse into how content industries would make living without IP law protection : paying customers would be only those most desperate to be early adopters/viewers/listeners , those who need to be assured they are buying the original ( mission-critical scenario ) , and those who buy it to resell for less to cheaper buyers of lower echelon for profit ... and oh , pay they would indeed !
Of course , in such world , reputation would be everything , because sellers ca n't trust buyers to pay them later , so buyers would have to trust sellers instead .
I guess usual disclaimers would n't apply either .</tokentext>
<sentencetext>Your line of reasoning is interesting and fresh, but hacking tools are probably custom made, on "contract", for exactly the reason which would otherwise make your plan work: writer cannot ask the government to uphold his or her copyright.On a side note, it is an glimpse into how content industries would make living without IP law protection: paying customers would be only those most desperate to be early adopters/viewers/listeners, those who need to be assured they are buying the original (mission-critical scenario), and those who buy it to resell for less to cheaper buyers of lower echelon for profit ... and oh, pay they would indeed!
Of course, in such world, reputation would be everything, because sellers can't trust buyers to pay them later, so buyers would have to trust sellers instead.
I guess usual disclaimers wouldn't apply either.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010</id>
	<title>News?</title>
	<author>Meshach</author>
	<datestamp>1266853380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>This is somebody's blog describing some hypothetical situation.  "Oh no!  My browser session is going to get hacked."  Seems just as likely someone working at the bank could steal your account or someone behind you at the atm seeing your pin.  This article was not worth the five minutes I spent reading it.</htmltext>
<tokenext>This is somebody 's blog describing some hypothetical situation .
" Oh no !
My browser session is going to get hacked .
" Seems just as likely someone working at the bank could steal your account or someone behind you at the atm seeing your pin .
This article was not worth the five minutes I spent reading it .</tokentext>
<sentencetext>This is somebody's blog describing some hypothetical situation.
"Oh no!
My browser session is going to get hacked.
"  Seems just as likely someone working at the bank could steal your account or someone behind you at the atm seeing your pin.
This article was not worth the five minutes I spent reading it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</id>
	<title>The problem is Bob</title>
	<author>bughunter</author>
	<datestamp>1266853740000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>Just R'ed the FA, and my first reaction was "Bob's an idiot."</p><p>First, either he is using his home PC to make financial transactions for his employer, or he is taking a laptop home that can be used to access his employer's financial institution.</p><p>Second, he's installing shareware/freeware on this machine, and he does it without scanning the downloaded files or researching the reliability of the publisher.</p><p>Third, he uses a browser over an unsecured internet connection instead of via VPN to the company network, which should incorporate well maintained filters and firewalls.</p><p>Fourth, he continues to use this browser after it exhibits strange behavior.</p><p>Fifth, he ignores red flags like unexplained 'Safety Pass' requests.</p><p>If I discovered Bob did this when he worked for me, I'd fire Bob, no matter how much the boss on the temp agency radio commercials loves him.</p></htmltext>
<tokenext>Just R'ed the FA , and my first reaction was " Bob 's an idiot .
" First , either he is using his home PC to make financial transactions for his employer , or he is taking a laptop home that can be used to access his employer 's financial institution.Second , he 's installing shareware/freeware on this machine , and he does it without scanning the downloaded files or researching the reliability of the publisher.Third , he uses a browser over an unsecured internet connection instead of via VPN to the company network , which should incorporate well maintained filters and firewalls.Fourth , he continues to use this browser after it exhibits strange behavior.Fifth , he ignores red flags like unexplained 'Safety Pass ' requests.If I discovered Bob did this when he worked for me , I 'd fire Bob , no matter how much the boss on the temp agency radio commercials loves him .</tokentext>
<sentencetext>Just R'ed the FA, and my first reaction was "Bob's an idiot.
"First, either he is using his home PC to make financial transactions for his employer, or he is taking a laptop home that can be used to access his employer's financial institution.Second, he's installing shareware/freeware on this machine, and he does it without scanning the downloaded files or researching the reliability of the publisher.Third, he uses a browser over an unsecured internet connection instead of via VPN to the company network, which should incorporate well maintained filters and firewalls.Fourth, he continues to use this browser after it exhibits strange behavior.Fifth, he ignores red flags like unexplained 'Safety Pass' requests.If I discovered Bob did this when he worked for me, I'd fire Bob, no matter how much the boss on the temp agency radio commercials loves him.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244830</id>
	<title>How Banker Million gets depleted by Trojans and</title>
	<author>SankaCoffeee</author>
	<datestamp>1266942480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>other Whores:</p><p>Oh please !</p></htmltext>
<tokenext>other Whores : Oh please !</tokentext>
<sentencetext>other Whores:Oh please !</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239952</id>
	<title>I like Bacon</title>
	<author>Anonymous</author>
	<datestamp>1266853080000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>-1</modscore>
	<htmltext><p>Yumm Bacon!!</p></htmltext>
<tokenext>Yumm Bacon !
!</tokentext>
<sentencetext>Yumm Bacon!
!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242218</id>
	<title>Re:The problem is Bob</title>
	<author>cerberusss</author>
	<datestamp>1266920280000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Bob isn't an idiot, he's a typical windows user.</p></div><p>In general I agree with you. In this case, I think you have it wrong on Bob and he's really a tool.</p><p>My mom knows jack sh1t about computers, and jack just left town. But multiple times, she surprised me by mentioning how she called the bank when experiencing something dodgy, deleting strange mails, rather used the laptop when her desktop displayed strange behavior, etc. She notices, like most human beings, when something is out of the ordinary. Bob noticed, too -- but with copious amounts of stupidity, managed to do the wrong thing.</p></div>
	</htmltext>
<tokenext>Bob is n't an idiot , he 's a typical windows user.In general I agree with you .
In this case , I think you have it wrong on Bob and he 's really a tool.My mom knows jack sh1t about computers , and jack just left town .
But multiple times , she surprised me by mentioning how she called the bank when experiencing something dodgy , deleting strange mails , rather used the laptop when her desktop displayed strange behavior , etc .
She notices , like most human beings , when something is out of the ordinary .
Bob noticed , too -- but with copious amounts of stupidity , managed to do the wrong thing .</tokentext>
<sentencetext>Bob isn't an idiot, he's a typical windows user.In general I agree with you.
In this case, I think you have it wrong on Bob and he's really a tool.My mom knows jack sh1t about computers, and jack just left town.
But multiple times, she surprised me by mentioning how she called the bank when experiencing something dodgy, deleting strange mails, rather used the laptop when her desktop displayed strange behavior, etc.
She notices, like most human beings, when something is out of the ordinary.
Bob noticed, too -- but with copious amounts of stupidity, managed to do the wrong thing.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240236</id>
	<title>Re:The problem is Bob</title>
	<author>geekmux</author>
	<datestamp>1266855600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Just R'ed the FA, and my first reaction was "Bob's an idiot."</p><p>First, either he is using his home PC to make financial transactions for his employer, or he is taking a laptop home that can be used to access his employer's financial institution.</p><p>Second, he's installing shareware/freeware on this machine, and he does it without scanning the downloaded files or researching the reliability of the publisher.</p><p>Third, he uses a browser over an unsecured internet connection instead of via VPN to the company network, which should incorporate well maintained filters and firewalls.</p><p>Fourth, he continues to use this browser after it exhibits strange behavior.</p><p>Fifth, he ignores red flags like unexplained 'Safety Pass' requests.</p><p>If I discovered Bob did this when he worked for me, I'd fire Bob, no matter how much the boss on the temp agency radio commercials loves him.</p></div><p>Er, yeah, the real problem is when Bobs official title to you is "Sir", which far too often online ignorance rises with pay grade.</p></div>
	</htmltext>
<tokenext>Just R'ed the FA , and my first reaction was " Bob 's an idiot .
" First , either he is using his home PC to make financial transactions for his employer , or he is taking a laptop home that can be used to access his employer 's financial institution.Second , he 's installing shareware/freeware on this machine , and he does it without scanning the downloaded files or researching the reliability of the publisher.Third , he uses a browser over an unsecured internet connection instead of via VPN to the company network , which should incorporate well maintained filters and firewalls.Fourth , he continues to use this browser after it exhibits strange behavior.Fifth , he ignores red flags like unexplained 'Safety Pass ' requests.If I discovered Bob did this when he worked for me , I 'd fire Bob , no matter how much the boss on the temp agency radio commercials loves him.Er , yeah , the real problem is when Bobs official title to you is " Sir " , which far too often online ignorance rises with pay grade .</tokentext>
<sentencetext>Just R'ed the FA, and my first reaction was "Bob's an idiot.
"First, either he is using his home PC to make financial transactions for his employer, or he is taking a laptop home that can be used to access his employer's financial institution.Second, he's installing shareware/freeware on this machine, and he does it without scanning the downloaded files or researching the reliability of the publisher.Third, he uses a browser over an unsecured internet connection instead of via VPN to the company network, which should incorporate well maintained filters and firewalls.Fourth, he continues to use this browser after it exhibits strange behavior.Fifth, he ignores red flags like unexplained 'Safety Pass' requests.If I discovered Bob did this when he worked for me, I'd fire Bob, no matter how much the boss on the temp agency radio commercials loves him.Er, yeah, the real problem is when Bobs official title to you is "Sir", which far too often online ignorance rises with pay grade.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242718</id>
	<title>Re:fuckfuck</title>
	<author>Anonymous</author>
	<datestamp>1266927480000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>I, for one, welcome our new insect overlords, to kick your ass.</p></htmltext>
<tokenext>I , for one , welcome our new insect overlords , to kick your ass .</tokentext>
<sentencetext>I, for one, welcome our new insect overlords, to kick your ass.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241602</id>
	<title>No no no! Please!</title>
	<author>Anonymous</author>
	<datestamp>1266955800000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I'm forced to use those things here in Sweden. They are an incredible PITA. You have to put in the card, punch in a PIN, and then digitally sign every transaction. It's such a pain. This also means you have to take your card and reader with you anytime you travel if you want to log into your bank.</p></htmltext>
<tokenext>I 'm forced to use those things here in Sweden .
They are an incredible PITA .
You have to put in the card , punch in a PIN , and then digitally sign every transaction .
It 's such a pain .
This also means you have to take your card and reader with you anytime you travel if you want to log into your bank .</tokentext>
<sentencetext>I'm forced to use those things here in Sweden.
They are an incredible PITA.
You have to put in the card, punch in a PIN, and then digitally sign every transaction.
It's such a pain.
This also means you have to take your card and reader with you anytime you travel if you want to log into your bank.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240452</id>
	<title>Chump change ...</title>
	<author>joelsanda</author>
	<datestamp>1266857280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>... elected officials do better than that, and they get the girls.</htmltext>
<tokenext>... elected officials do better than that , and they get the girls .</tokentext>
<sentencetext>... elected officials do better than that, and they get the girls.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241484</id>
	<title>How about simple upgrading?</title>
	<author>SmallFurryCreature</author>
	<datestamp>1266868200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I have noticed in IT an almost physical revulsion of the idea of upgrading. I can't count the times I have worked on a system and found it to be several versions out of date, the reason? "Well it works".
</p><p>No, it does not.
</p><p>While for some software new releases indeed only happen to sell more copies and add useless features, for production software and OS, security, reliability and bug fixes tend to be improved. If nothing else, then at least you present a moving target.
</p><p>A lot of exploits happen with code BASED on FIXES. So the bad guys learn what to attack by watching the patches that don't come out and basically attack everyone who hasn't patched.
</p><p>Often the official excuse is that code must be tested... yeah... because you tested it so well before that you did not find the security holes. If you ever been told that you can't upgrade beyond IE6 because it hasn't been certified yet, ask yourself: "Who the hell certified IE6?" Really, how did that ever get approved if any ever did any real testing? Answer: Nobody ever did.
</p><p>It is just that the support companies want to see big bucks first because if they upgrade their clients they got to retrain their people. Same with stuff that is developed for legacy systems, to cheap to do essential maintenance.
</p><p>Car anology: It is like not replacing your brakes because they still stop your car eventually and you need to cut costs and then when the remains of the brakes have becomes fused to the rims you can't afford the now increased costs so you defend that you need the car as it is and everyone else is to blame for it being a road hazard.
</p><p>UPGRADE. If you are afraid that you might be bitten by some new bug, then at least such a bug is an honest mistake, you might loose some data but that is what backups are for. If you do not, your data might not simply be lost but be stolen. And sooner or later someone will start to hold you accountable for your lousy business practices... oh we are talking the financial industry here? Never mind.</p></htmltext>
<tokenext>I have noticed in IT an almost physical revulsion of the idea of upgrading .
I ca n't count the times I have worked on a system and found it to be several versions out of date , the reason ?
" Well it works " .
No , it does not .
While for some software new releases indeed only happen to sell more copies and add useless features , for production software and OS , security , reliability and bug fixes tend to be improved .
If nothing else , then at least you present a moving target .
A lot of exploits happen with code BASED on FIXES .
So the bad guys learn what to attack by watching the patches that do n't come out and basically attack everyone who has n't patched .
Often the official excuse is that code must be tested... yeah... because you tested it so well before that you did not find the security holes .
If you ever been told that you ca n't upgrade beyond IE6 because it has n't been certified yet , ask yourself : " Who the hell certified IE6 ?
" Really , how did that ever get approved if any ever did any real testing ?
Answer : Nobody ever did .
It is just that the support companies want to see big bucks first because if they upgrade their clients they got to retrain their people .
Same with stuff that is developed for legacy systems , to cheap to do essential maintenance .
Car anology : It is like not replacing your brakes because they still stop your car eventually and you need to cut costs and then when the remains of the brakes have becomes fused to the rims you ca n't afford the now increased costs so you defend that you need the car as it is and everyone else is to blame for it being a road hazard .
UPGRADE. If you are afraid that you might be bitten by some new bug , then at least such a bug is an honest mistake , you might loose some data but that is what backups are for .
If you do not , your data might not simply be lost but be stolen .
And sooner or later someone will start to hold you accountable for your lousy business practices... oh we are talking the financial industry here ?
Never mind .</tokentext>
<sentencetext>I have noticed in IT an almost physical revulsion of the idea of upgrading.
I can't count the times I have worked on a system and found it to be several versions out of date, the reason?
"Well it works".
No, it does not.
While for some software new releases indeed only happen to sell more copies and add useless features, for production software and OS, security, reliability and bug fixes tend to be improved.
If nothing else, then at least you present a moving target.
A lot of exploits happen with code BASED on FIXES.
So the bad guys learn what to attack by watching the patches that don't come out and basically attack everyone who hasn't patched.
Often the official excuse is that code must be tested... yeah... because you tested it so well before that you did not find the security holes.
If you ever been told that you can't upgrade beyond IE6 because it hasn't been certified yet, ask yourself: "Who the hell certified IE6?
" Really, how did that ever get approved if any ever did any real testing?
Answer: Nobody ever did.
It is just that the support companies want to see big bucks first because if they upgrade their clients they got to retrain their people.
Same with stuff that is developed for legacy systems, to cheap to do essential maintenance.
Car anology: It is like not replacing your brakes because they still stop your car eventually and you need to cut costs and then when the remains of the brakes have becomes fused to the rims you can't afford the now increased costs so you defend that you need the car as it is and everyone else is to blame for it being a road hazard.
UPGRADE. If you are afraid that you might be bitten by some new bug, then at least such a bug is an honest mistake, you might loose some data but that is what backups are for.
If you do not, your data might not simply be lost but be stolen.
And sooner or later someone will start to hold you accountable for your lousy business practices... oh we are talking the financial industry here?
Never mind.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241238</id>
	<title>Re:Well...</title>
	<author>stephanruby</author>
	<datestamp>1266865560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>When you said near-perfect security, you were not kidding. Here is a customer's <a href="http://lau.savingadvice.com/2007/03/01/abn-amro-sucks\_22996/#comment-131993" title="savingadvice.com">testimonial</a> [savingadvice.com] confirming that very point.<blockquote><div><p>Absolute worst service I have ever encountered with any institution. I left Holland after being a client of ABN for over a year, for a year of traveling. I desperately needed a new e.dentifier, but after many emails and many phone calls to the bank, it seems like they are doing everything in their power not to be of help. They said they can only send it to my Amsterdam address, which is useless for me, as I am not there, and don't know anyone in Amsterdam to post one to me. I had a very simple and straightforward suggestion: Please could you send me a new e.dentifier to the address I am currently staying in London. My God what a revalation!! Simple yeah? Nope. Sorry, we can only send it to the address that is in the computer. Can you get someone to post it to you from there they asked. No I replied, there is no one at that address. The idea of simply posting it to the address I was at in London, seemed to go against what the almighty computer screen displayed. After pleading over emails and phone calls to let common sense and logic prevail, I received a snotty email saying they simply cannot help me. Hmm, I wonder if having a couple of million in my account would have persuaded ABN to help a client get a new e.dentifier. I cannot wrap my mind around it. So they suggested I change my address to the London one. Can't do that, as I don't live in London, I was visiting family. Changing the address would have to be done online anyway, and guess what - no identifier so no can do!! It seems that logic still has to take a back seat, even today. Shocking service from an unhelpful bank, which doesn't seem to be concerned about a client who was in desperate need of assistance. Thanks, I had to spend 200 euros on a flight to Amsterdam simply to get another e.dentifier before I went on my travels.</p></div> </blockquote></div>
	</htmltext>
<tokenext>When you said near-perfect security , you were not kidding .
Here is a customer 's testimonial [ savingadvice.com ] confirming that very point.Absolute worst service I have ever encountered with any institution .
I left Holland after being a client of ABN for over a year , for a year of traveling .
I desperately needed a new e.dentifier , but after many emails and many phone calls to the bank , it seems like they are doing everything in their power not to be of help .
They said they can only send it to my Amsterdam address , which is useless for me , as I am not there , and do n't know anyone in Amsterdam to post one to me .
I had a very simple and straightforward suggestion : Please could you send me a new e.dentifier to the address I am currently staying in London .
My God what a revalation ! !
Simple yeah ?
Nope. Sorry , we can only send it to the address that is in the computer .
Can you get someone to post it to you from there they asked .
No I replied , there is no one at that address .
The idea of simply posting it to the address I was at in London , seemed to go against what the almighty computer screen displayed .
After pleading over emails and phone calls to let common sense and logic prevail , I received a snotty email saying they simply can not help me .
Hmm , I wonder if having a couple of million in my account would have persuaded ABN to help a client get a new e.dentifier .
I can not wrap my mind around it .
So they suggested I change my address to the London one .
Ca n't do that , as I do n't live in London , I was visiting family .
Changing the address would have to be done online anyway , and guess what - no identifier so no can do ! !
It seems that logic still has to take a back seat , even today .
Shocking service from an unhelpful bank , which does n't seem to be concerned about a client who was in desperate need of assistance .
Thanks , I had to spend 200 euros on a flight to Amsterdam simply to get another e.dentifier before I went on my travels .</tokentext>
<sentencetext>When you said near-perfect security, you were not kidding.
Here is a customer's testimonial [savingadvice.com] confirming that very point.Absolute worst service I have ever encountered with any institution.
I left Holland after being a client of ABN for over a year, for a year of traveling.
I desperately needed a new e.dentifier, but after many emails and many phone calls to the bank, it seems like they are doing everything in their power not to be of help.
They said they can only send it to my Amsterdam address, which is useless for me, as I am not there, and don't know anyone in Amsterdam to post one to me.
I had a very simple and straightforward suggestion: Please could you send me a new e.dentifier to the address I am currently staying in London.
My God what a revalation!!
Simple yeah?
Nope. Sorry, we can only send it to the address that is in the computer.
Can you get someone to post it to you from there they asked.
No I replied, there is no one at that address.
The idea of simply posting it to the address I was at in London, seemed to go against what the almighty computer screen displayed.
After pleading over emails and phone calls to let common sense and logic prevail, I received a snotty email saying they simply cannot help me.
Hmm, I wonder if having a couple of million in my account would have persuaded ABN to help a client get a new e.dentifier.
I cannot wrap my mind around it.
So they suggested I change my address to the London one.
Can't do that, as I don't live in London, I was visiting family.
Changing the address would have to be done online anyway, and guess what - no identifier so no can do!!
It seems that logic still has to take a back seat, even today.
Shocking service from an unhelpful bank, which doesn't seem to be concerned about a client who was in desperate need of assistance.
Thanks, I had to spend 200 euros on a flight to Amsterdam simply to get another e.dentifier before I went on my travels. 
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240466</id>
	<title>I think Banks Don't Actually Care</title>
	<author>weston</author>
	<datestamp>1266857460000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>I'm thinking of some past conversations I've had with people in banking and payment systems. I have a suspicion based off of some of those conversations and what we actually see. Banking has two related security problems:</p><p>1) They think they don't need to care (and might be somewhat right)<br>2) Leadership in the industry largely just doesn't have the ability to tell who's good at security.</p><p>As an industry bankers have long naturally had an awful lot of clout legally and politically, and so they're very used to dealing with problems that way. It might not be particularly more expensive to hire some good security professionals and developers to get their systems right than it would be to do some lobbying for harder penalties, more attention from specialized law enforcement, some kind of public insurance against this kind of theft and fraud, and most importantly, laws that push the liability onto other parties (remember, being a banker means *never* having to take any responsibility!), but I suspect they're a lot more practiced at the latter approach than the former. And this is *before* you get into some of the darker corners of banking. There are no small number of people who will tell you a little bit of looseness in the system is a feature, not a bug, because it makes it a lot easier to handle money for, shall we say, extralegal enterprises.</p><p>And while it might not be more *expensive* to hire good security professionals, it's probably harder. As the old saying goes, it takes one to know one. The banking community knows good lawyers and lobbyists. They don't really know what computer security looks like.</p></htmltext>
<tokenext>I 'm thinking of some past conversations I 've had with people in banking and payment systems .
I have a suspicion based off of some of those conversations and what we actually see .
Banking has two related security problems : 1 ) They think they do n't need to care ( and might be somewhat right ) 2 ) Leadership in the industry largely just does n't have the ability to tell who 's good at security.As an industry bankers have long naturally had an awful lot of clout legally and politically , and so they 're very used to dealing with problems that way .
It might not be particularly more expensive to hire some good security professionals and developers to get their systems right than it would be to do some lobbying for harder penalties , more attention from specialized law enforcement , some kind of public insurance against this kind of theft and fraud , and most importantly , laws that push the liability onto other parties ( remember , being a banker means * never * having to take any responsibility !
) , but I suspect they 're a lot more practiced at the latter approach than the former .
And this is * before * you get into some of the darker corners of banking .
There are no small number of people who will tell you a little bit of looseness in the system is a feature , not a bug , because it makes it a lot easier to handle money for , shall we say , extralegal enterprises.And while it might not be more * expensive * to hire good security professionals , it 's probably harder .
As the old saying goes , it takes one to know one .
The banking community knows good lawyers and lobbyists .
They do n't really know what computer security looks like .</tokentext>
<sentencetext>I'm thinking of some past conversations I've had with people in banking and payment systems.
I have a suspicion based off of some of those conversations and what we actually see.
Banking has two related security problems:1) They think they don't need to care (and might be somewhat right)2) Leadership in the industry largely just doesn't have the ability to tell who's good at security.As an industry bankers have long naturally had an awful lot of clout legally and politically, and so they're very used to dealing with problems that way.
It might not be particularly more expensive to hire some good security professionals and developers to get their systems right than it would be to do some lobbying for harder penalties, more attention from specialized law enforcement, some kind of public insurance against this kind of theft and fraud, and most importantly, laws that push the liability onto other parties (remember, being a banker means *never* having to take any responsibility!
), but I suspect they're a lot more practiced at the latter approach than the former.
And this is *before* you get into some of the darker corners of banking.
There are no small number of people who will tell you a little bit of looseness in the system is a feature, not a bug, because it makes it a lot easier to handle money for, shall we say, extralegal enterprises.And while it might not be more *expensive* to hire good security professionals, it's probably harder.
As the old saying goes, it takes one to know one.
The banking community knows good lawyers and lobbyists.
They don't really know what computer security looks like.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31249936</id>
	<title>Re:Test</title>
	<author>Anonymous</author>
	<datestamp>1266918060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Plus there's yesterday's story about the current router-based botnet -- it's MIPS Linux only.</p></htmltext>
<tokenext>Plus there 's yesterday 's story about the current router-based botnet -- it 's MIPS Linux only .</tokentext>
<sentencetext>Plus there's yesterday's story about the current router-based botnet -- it's MIPS Linux only.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242390</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31251112</id>
	<title>Is this like in Superman III....</title>
	<author>Ogre332</author>
	<datestamp>1266922260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>where Ricahrd Pryor wrote the program to steal all the half cents?</p></htmltext>
<tokenext>where Ricahrd Pryor wrote the program to steal all the half cents ?</tokentext>
<sentencetext>where Ricahrd Pryor wrote the program to steal all the half cents?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31245506</id>
	<title>Not enoughq</title>
	<author>DrYak</author>
	<datestamp>1266945900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This device uses a time-dependant (be it iterative or time-synchronised) password. It requires no input from the bank it self. The device simply gives you a number, you type it into the log-in screen and you're logged in.<br>Once logged in, a hi-jacked browser could pretty much change the account information on-the-fly during a transfer (the browser screen says your transfering money to the merchant you're buying from, but secretly the trojans changes it on the fly, so the bank is actually ordered to transfer money to a criminal. See case 2 in TFA).</p><p>In Switzerland, UBS use a slightly <a href="https://www2.ubs.com/1/e/ebanking/internet\_security/requirements.html" title="ubs.com">different device</a> [ubs.com].<br>That device is closer to the kind of stuff you see in a public-key infrastructure : you just type a number in, and an encoded version is spit out.<br>The log-in is slightly different : UBS gives you a challenge on the log-in screen, and you must respond with the encoded version of it.</p><p>Where it gets interesting is, as the device can encode any string, you can also use it to secure wire transfers :<br>instead of directly typing the account number of the merchang you're paying, you type the account into the device, and give the encoded version to the web-form (for each new recipient. Once a recipient account is known as "safe", you can also do it without encryption).<br>Case 2-type injection can't work : the torjan can't change the recipient on the fly because there's no merchant's account number to replace. In theory, the trojan should replace the encrypted merchant's account with an encrypted criminal account. But that's impossible because the encryption is done on a separate device which isn't accessible to the trojan*.</p><p>*: That would require a rather more elaborated (and therefore more prone to detection) case.<br>The trojan should initially simulate internally a couple of failed logins, where it requires the user to attempt to log using a challenge which is actually the criminal's account. Thus the trojan gains knowledge of the number encoded with the victim's key.<br>Then it proceed as in case 2, but instead injects the encrypted criminal account number it obtained during the fake failed log-in step.<br>Could work, but the first step will look highly suspicious to lots of users. And is easily subverted if the bank starts to ask encrypting random part of the recipient account instead of a fix part - the torjan doesn't know in advance which part it must encrypt during the fake-log-in.</p></htmltext>
<tokenext>This device uses a time-dependant ( be it iterative or time-synchronised ) password .
It requires no input from the bank it self .
The device simply gives you a number , you type it into the log-in screen and you 're logged in.Once logged in , a hi-jacked browser could pretty much change the account information on-the-fly during a transfer ( the browser screen says your transfering money to the merchant you 're buying from , but secretly the trojans changes it on the fly , so the bank is actually ordered to transfer money to a criminal .
See case 2 in TFA ) .In Switzerland , UBS use a slightly different device [ ubs.com ] .That device is closer to the kind of stuff you see in a public-key infrastructure : you just type a number in , and an encoded version is spit out.The log-in is slightly different : UBS gives you a challenge on the log-in screen , and you must respond with the encoded version of it.Where it gets interesting is , as the device can encode any string , you can also use it to secure wire transfers : instead of directly typing the account number of the merchang you 're paying , you type the account into the device , and give the encoded version to the web-form ( for each new recipient .
Once a recipient account is known as " safe " , you can also do it without encryption ) .Case 2-type injection ca n't work : the torjan ca n't change the recipient on the fly because there 's no merchant 's account number to replace .
In theory , the trojan should replace the encrypted merchant 's account with an encrypted criminal account .
But that 's impossible because the encryption is done on a separate device which is n't accessible to the trojan * .
* : That would require a rather more elaborated ( and therefore more prone to detection ) case.The trojan should initially simulate internally a couple of failed logins , where it requires the user to attempt to log using a challenge which is actually the criminal 's account .
Thus the trojan gains knowledge of the number encoded with the victim 's key.Then it proceed as in case 2 , but instead injects the encrypted criminal account number it obtained during the fake failed log-in step.Could work , but the first step will look highly suspicious to lots of users .
And is easily subverted if the bank starts to ask encrypting random part of the recipient account instead of a fix part - the torjan does n't know in advance which part it must encrypt during the fake-log-in .</tokentext>
<sentencetext>This device uses a time-dependant (be it iterative or time-synchronised) password.
It requires no input from the bank it self.
The device simply gives you a number, you type it into the log-in screen and you're logged in.Once logged in, a hi-jacked browser could pretty much change the account information on-the-fly during a transfer (the browser screen says your transfering money to the merchant you're buying from, but secretly the trojans changes it on the fly, so the bank is actually ordered to transfer money to a criminal.
See case 2 in TFA).In Switzerland, UBS use a slightly different device [ubs.com].That device is closer to the kind of stuff you see in a public-key infrastructure : you just type a number in, and an encoded version is spit out.The log-in is slightly different : UBS gives you a challenge on the log-in screen, and you must respond with the encoded version of it.Where it gets interesting is, as the device can encode any string, you can also use it to secure wire transfers :instead of directly typing the account number of the merchang you're paying, you type the account into the device, and give the encoded version to the web-form (for each new recipient.
Once a recipient account is known as "safe", you can also do it without encryption).Case 2-type injection can't work : the torjan can't change the recipient on the fly because there's no merchant's account number to replace.
In theory, the trojan should replace the encrypted merchant's account with an encrypted criminal account.
But that's impossible because the encryption is done on a separate device which isn't accessible to the trojan*.
*: That would require a rather more elaborated (and therefore more prone to detection) case.The trojan should initially simulate internally a couple of failed logins, where it requires the user to attempt to log using a challenge which is actually the criminal's account.
Thus the trojan gains knowledge of the number encoded with the victim's key.Then it proceed as in case 2, but instead injects the encrypted criminal account number it obtained during the fake failed log-in step.Could work, but the first step will look highly suspicious to lots of users.
And is easily subverted if the bank starts to ask encrypting random part of the recipient account instead of a fix part - the torjan doesn't know in advance which part it must encrypt during the fake-log-in.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240144</id>
	<title>Re:The problem is Bob</title>
	<author>thePowerOfGrayskull</author>
	<datestamp>1266854640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>There are , alas, too many Bobs in the world.  Do you believe that most people using computers *aren't* dumb enough to do this?  And since it only takes one occurrence to be compromised, it doesn't matter how quickly you fire him.</htmltext>
<tokenext>There are , alas , too many Bobs in the world .
Do you believe that most people using computers * are n't * dumb enough to do this ?
And since it only takes one occurrence to be compromised , it does n't matter how quickly you fire him .</tokentext>
<sentencetext>There are , alas, too many Bobs in the world.
Do you believe that most people using computers *aren't* dumb enough to do this?
And since it only takes one occurrence to be compromised, it doesn't matter how quickly you fire him.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243124</id>
	<title>First send a text confirmation, please.</title>
	<author>140Mandak262Jamuna</author>
	<datestamp>1266931620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Last time when I was in India, every time my brother made an ATM withdrawal he got a text message to his phone. Every time he made a big charge in the credit card he got a text message. Alerting people to withdrawals and transfers immediately would be a good first step. The banks get early warning and stop the fraud quickly. Of course you should not be able to change the alert phone number via the internet, and you should be able to set a threshold on the amount that triggers alerts.</htmltext>
<tokenext>Last time when I was in India , every time my brother made an ATM withdrawal he got a text message to his phone .
Every time he made a big charge in the credit card he got a text message .
Alerting people to withdrawals and transfers immediately would be a good first step .
The banks get early warning and stop the fraud quickly .
Of course you should not be able to change the alert phone number via the internet , and you should be able to set a threshold on the amount that triggers alerts .</tokentext>
<sentencetext>Last time when I was in India, every time my brother made an ATM withdrawal he got a text message to his phone.
Every time he made a big charge in the credit card he got a text message.
Alerting people to withdrawals and transfers immediately would be a good first step.
The banks get early warning and stop the fraud quickly.
Of course you should not be able to change the alert phone number via the internet, and you should be able to set a threshold on the amount that triggers alerts.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240258</id>
	<title>Re:Well...</title>
	<author>maxume</author>
	<datestamp>1266855720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Millions of dollars a day is a few billion dollars a year. It's insane, but it is peanuts.</p></htmltext>
<tokenext>Millions of dollars a day is a few billion dollars a year .
It 's insane , but it is peanuts .</tokentext>
<sentencetext>Millions of dollars a day is a few billion dollars a year.
It's insane, but it is peanuts.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240484</id>
	<title>Safest way to bank:</title>
	<author>LoRdTAW</author>
	<datestamp>1266857520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Use a trusted Live Linux CD (Ubuntu, Knoppix etc..) in a VM or boot your PC with it. Browse directly to your banks site and take care of business.</p></htmltext>
<tokenext>Use a trusted Live Linux CD ( Ubuntu , Knoppix etc.. ) in a VM or boot your PC with it .
Browse directly to your banks site and take care of business .</tokentext>
<sentencetext>Use a trusted Live Linux CD (Ubuntu, Knoppix etc..) in a VM or boot your PC with it.
Browse directly to your banks site and take care of business.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241624</id>
	<title>Re:Not that I know anything about this</title>
	<author>Anonymous</author>
	<datestamp>1266956100000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>That how the banks do it in Europe (at least scandinavia), you have a physical key generator (that the bank knows the salt for) and when you log in to your account you get presented with a challenge which you type into your keygenerator and get a response that you type into your browser. Now if your browser is compromised they only know the answer to that particular challenge, which won't happen again.</p><p>Now, the smart part is that when you add a new recipient for transfers you have to input their account number (or last 8 digits if it's longer than 8 digits)  so that only thing the infected browser can do is change your new recipient to another that has the same last 8 digits which is highly unlikely that they will have any use for. Now second smart part is that you also have to put in a hash of your amount for each transfer (even to trusted recipients)  so the browser can't even change the amount sent.</p><p>The bad part of this is of course that your key generator could get stolen, but they'd need your 4 digit PIN (3 tries and the generator locks down) and that it's a bit tedious to check the sum and get the hash from your key generator every time you transfer money. Also a bad part is that it can only handle 8 digit account numbers.</p><p>The pro's as compared to a USB dongle is that you yourself type in the account number and amount into the generator so even if your entire computer is infected no false information can be injected at this stage. Though they could still intercept your invoice unless you can get that delivered to you securely and change teh account number in the actual invoice, but they need to do that before you make your first payment.</p></htmltext>
<tokenext>That how the banks do it in Europe ( at least scandinavia ) , you have a physical key generator ( that the bank knows the salt for ) and when you log in to your account you get presented with a challenge which you type into your keygenerator and get a response that you type into your browser .
Now if your browser is compromised they only know the answer to that particular challenge , which wo n't happen again.Now , the smart part is that when you add a new recipient for transfers you have to input their account number ( or last 8 digits if it 's longer than 8 digits ) so that only thing the infected browser can do is change your new recipient to another that has the same last 8 digits which is highly unlikely that they will have any use for .
Now second smart part is that you also have to put in a hash of your amount for each transfer ( even to trusted recipients ) so the browser ca n't even change the amount sent.The bad part of this is of course that your key generator could get stolen , but they 'd need your 4 digit PIN ( 3 tries and the generator locks down ) and that it 's a bit tedious to check the sum and get the hash from your key generator every time you transfer money .
Also a bad part is that it can only handle 8 digit account numbers.The pro 's as compared to a USB dongle is that you yourself type in the account number and amount into the generator so even if your entire computer is infected no false information can be injected at this stage .
Though they could still intercept your invoice unless you can get that delivered to you securely and change teh account number in the actual invoice , but they need to do that before you make your first payment .</tokentext>
<sentencetext>That how the banks do it in Europe (at least scandinavia), you have a physical key generator (that the bank knows the salt for) and when you log in to your account you get presented with a challenge which you type into your keygenerator and get a response that you type into your browser.
Now if your browser is compromised they only know the answer to that particular challenge, which won't happen again.Now, the smart part is that when you add a new recipient for transfers you have to input their account number (or last 8 digits if it's longer than 8 digits)  so that only thing the infected browser can do is change your new recipient to another that has the same last 8 digits which is highly unlikely that they will have any use for.
Now second smart part is that you also have to put in a hash of your amount for each transfer (even to trusted recipients)  so the browser can't even change the amount sent.The bad part of this is of course that your key generator could get stolen, but they'd need your 4 digit PIN (3 tries and the generator locks down) and that it's a bit tedious to check the sum and get the hash from your key generator every time you transfer money.
Also a bad part is that it can only handle 8 digit account numbers.The pro's as compared to a USB dongle is that you yourself type in the account number and amount into the generator so even if your entire computer is infected no false information can be injected at this stage.
Though they could still intercept your invoice unless you can get that delivered to you securely and change teh account number in the actual invoice, but they need to do that before you make your first payment.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240570</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240784</id>
	<title>Re:fuckfuck</title>
	<author>Anonymous</author>
	<datestamp>1266860700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>AC troll, yes. But to write that number of words on it means you are a seriously sick, twisted individual. Wow. The detail.</p><p>Even for<nobr> <wbr></nobr>/. it amazes me how you got a +4 interesting.</p><p>It takes a lot for me to log in and post but holy hannah you are one sick puppy, even for a troll.</p></htmltext>
<tokenext>AC troll , yes .
But to write that number of words on it means you are a seriously sick , twisted individual .
Wow. The detail.Even for / .
it amazes me how you got a + 4 interesting.It takes a lot for me to log in and post but holy hannah you are one sick puppy , even for a troll .</tokentext>
<sentencetext>AC troll, yes.
But to write that number of words on it means you are a seriously sick, twisted individual.
Wow. The detail.Even for /.
it amazes me how you got a +4 interesting.It takes a lot for me to log in and post but holy hannah you are one sick puppy, even for a troll.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240304</id>
	<title>Re:I have a simple solution</title>
	<author>Viceice</author>
	<datestamp>1266856140000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p><div class="quote"><p>The first property crime happened the day property was invented.</p></div><p>So what you're saying is, the solution to theft is communism?</p></div>
	</htmltext>
<tokenext>The first property crime happened the day property was invented.So what you 're saying is , the solution to theft is communism ?</tokentext>
<sentencetext>The first property crime happened the day property was invented.So what you're saying is, the solution to theft is communism?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244834</id>
	<title>Re:Test</title>
	<author>CharlyFoxtrot</author>
	<datestamp>1266942480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p> <b>iServices.A </b> is a mac only botnet that is distributed with pirated copies of iwork.</p></div><p>Oooh, <a href="http://www.symantec.com/security\_response/writeup.jsp?docid=2009-012216-4245-99" title="symantec.com">scary</a> [symantec.com] ! A botnet with literally DOZENS of hosts :</p><p>"Threat Assessment<br>Wild</p><p>
&nbsp; &nbsp; &nbsp; &nbsp; * Wild Level: Low<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Number of Infections: 0 - 49<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Number of Sites: 0 - 2<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Geographical Distribution: Low<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Threat Containment: Easy<br>
&nbsp; &nbsp; &nbsp; &nbsp; * Removal: Easy"</p></div>
	</htmltext>
<tokenext>iServices.A is a mac only botnet that is distributed with pirated copies of iwork.Oooh , scary [ symantec.com ] !
A botnet with literally DOZENS of hosts : " Threat AssessmentWild         * Wild Level : Low         * Number of Infections : 0 - 49         * Number of Sites : 0 - 2         * Geographical Distribution : Low         * Threat Containment : Easy         * Removal : Easy "</tokentext>
<sentencetext> iServices.A  is a mac only botnet that is distributed with pirated copies of iwork.Oooh, scary [symantec.com] !
A botnet with literally DOZENS of hosts :"Threat AssessmentWild
        * Wild Level: Low
        * Number of Infections: 0 - 49
        * Number of Sites: 0 - 2
        * Geographical Distribution: Low
        * Threat Containment: Easy
        * Removal: Easy"
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242390</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240950</id>
	<title>It like the pennies tray at the cash register...</title>
	<author>barfy</author>
	<datestamp>1266862500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Not the ones for the kids.   The ones for everyone...</p><p>Except we take parts of pennies and do it a million times a day.</p></htmltext>
<tokenext>Not the ones for the kids .
The ones for everyone...Except we take parts of pennies and do it a million times a day .</tokentext>
<sentencetext>Not the ones for the kids.
The ones for everyone...Except we take parts of pennies and do it a million times a day.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240114</id>
	<title>Brought to you by fireeye!</title>
	<author>thePowerOfGrayskull</author>
	<datestamp>1266854460000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>This round of panic brought to you by Fireeye -- but rest assured, they can protect you from this latest 2-year-old+ threat.</htmltext>
<tokenext>This round of panic brought to you by Fireeye -- but rest assured , they can protect you from this latest 2-year-old + threat .</tokentext>
<sentencetext>This round of panic brought to you by Fireeye -- but rest assured, they can protect you from this latest 2-year-old+ threat.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240576</id>
	<title>Re:The problem is Bob</title>
	<author>ScaryMonkey</author>
	<datestamp>1266858540000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Just R'ed the FA, and my first reaction was "Bob's an idiot."</p></div><p>I think you might be overreacting a bit.</p><p><div class="quote"><p>First, either he is using his home PC to make financial transactions for his employer, or he is taking a laptop home that can be used to access his employer's financial institution.</p></div><p>Fair point, but what if Bob is accessing his own, personal bank account from home?</p><p><div class="quote"><p>Second, he's installing shareware/freeware on this machine, and he does it without scanning the downloaded files or researching the reliability of the publisher.</p></div><p>Read the article a little more closely; it specifies an infection via cross-site scripting, not a download.  I don't think he can be considered an "idiot" for not researching every search engine listing for reliability before visiting the site.</p><p><div class="quote"><p>Third, he uses a browser over an unsecured internet connection instead of via VPN to the company network, which should incorporate well maintained filters and firewalls.</p></div><p>See point 2</p><p><div class="quote"><p>Fourth, he continues to use this browser after it exhibits strange behavior.</p></div><p>Again, I don't think it qualifies someone as an "idiot" if they don't do a complete system security review every time their browser crashes.</p><p><div class="quote"><p>Fifth, he ignores red flags like unexplained 'Safety Pass' requests.</p></div><p>That's not necessarily a red flag, maybe his bank rechecks this periodically; I doubt, in that case, that most people would keep the schedule of these checks handy to sniff out any suspicious deviations.</p><p><div class="quote"><p>If I discovered Bob did this when he worked for me, I'd fire Bob, no matter how much the boss on the temp agency radio commercials loves him.</p></div><p>Again see point 2; Companies aren't the only ones with bank accounts.</p></div>
	</htmltext>
<tokenext>Just R'ed the FA , and my first reaction was " Bob 's an idiot .
" I think you might be overreacting a bit.First , either he is using his home PC to make financial transactions for his employer , or he is taking a laptop home that can be used to access his employer 's financial institution.Fair point , but what if Bob is accessing his own , personal bank account from home ? Second , he 's installing shareware/freeware on this machine , and he does it without scanning the downloaded files or researching the reliability of the publisher.Read the article a little more closely ; it specifies an infection via cross-site scripting , not a download .
I do n't think he can be considered an " idiot " for not researching every search engine listing for reliability before visiting the site.Third , he uses a browser over an unsecured internet connection instead of via VPN to the company network , which should incorporate well maintained filters and firewalls.See point 2Fourth , he continues to use this browser after it exhibits strange behavior.Again , I do n't think it qualifies someone as an " idiot " if they do n't do a complete system security review every time their browser crashes.Fifth , he ignores red flags like unexplained 'Safety Pass ' requests.That 's not necessarily a red flag , maybe his bank rechecks this periodically ; I doubt , in that case , that most people would keep the schedule of these checks handy to sniff out any suspicious deviations.If I discovered Bob did this when he worked for me , I 'd fire Bob , no matter how much the boss on the temp agency radio commercials loves him.Again see point 2 ; Companies are n't the only ones with bank accounts .</tokentext>
<sentencetext>Just R'ed the FA, and my first reaction was "Bob's an idiot.
"I think you might be overreacting a bit.First, either he is using his home PC to make financial transactions for his employer, or he is taking a laptop home that can be used to access his employer's financial institution.Fair point, but what if Bob is accessing his own, personal bank account from home?Second, he's installing shareware/freeware on this machine, and he does it without scanning the downloaded files or researching the reliability of the publisher.Read the article a little more closely; it specifies an infection via cross-site scripting, not a download.
I don't think he can be considered an "idiot" for not researching every search engine listing for reliability before visiting the site.Third, he uses a browser over an unsecured internet connection instead of via VPN to the company network, which should incorporate well maintained filters and firewalls.See point 2Fourth, he continues to use this browser after it exhibits strange behavior.Again, I don't think it qualifies someone as an "idiot" if they don't do a complete system security review every time their browser crashes.Fifth, he ignores red flags like unexplained 'Safety Pass' requests.That's not necessarily a red flag, maybe his bank rechecks this periodically; I doubt, in that case, that most people would keep the schedule of these checks handy to sniff out any suspicious deviations.If I discovered Bob did this when he worked for me, I'd fire Bob, no matter how much the boss on the temp agency radio commercials loves him.Again see point 2; Companies aren't the only ones with bank accounts.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944</id>
	<title>Re:Test</title>
	<author>Anonymous</author>
	<datestamp>1266862440000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><blockquote><div><p>What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations (such as which banks to attack), but having all the flexibility and power of the original toolkit. Having such a toolkit in the hands of multiple criminal groups paints a scary picture. It's simply not enough to eliminate a particular botnet and criminal group to solve this problem.</p></div></blockquote><p>
I agree it's not enough.  They should also eliminate the use of any Windows computer by all banks.  Seriously, name just one large botnet that contains no infected Windows machines.  I dare you.</p></div>
	</htmltext>
<tokenext>What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations ( such as which banks to attack ) , but having all the flexibility and power of the original toolkit .
Having such a toolkit in the hands of multiple criminal groups paints a scary picture .
It 's simply not enough to eliminate a particular botnet and criminal group to solve this problem .
I agree it 's not enough .
They should also eliminate the use of any Windows computer by all banks .
Seriously , name just one large botnet that contains no infected Windows machines .
I dare you .</tokentext>
<sentencetext>What this means is that the buyer of this toolkit can then create customized malware or botnets with different command-and-controls and configurations (such as which banks to attack), but having all the flexibility and power of the original toolkit.
Having such a toolkit in the hands of multiple criminal groups paints a scary picture.
It's simply not enough to eliminate a particular botnet and criminal group to solve this problem.
I agree it's not enough.
They should also eliminate the use of any Windows computer by all banks.
Seriously, name just one large botnet that contains no infected Windows machines.
I dare you.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239934</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31246718</id>
	<title>Re:The problem is Bob</title>
	<author>bughunter</author>
	<datestamp>1266950280000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yeah, but that wasn't the scenario described in TFA.</p><p>The scenario described in TFA was that <i>Bob is an idiot</i>.</p></htmltext>
<tokenext>Yeah , but that was n't the scenario described in TFA.The scenario described in TFA was that Bob is an idiot .</tokentext>
<sentencetext>Yeah, but that wasn't the scenario described in TFA.The scenario described in TFA was that Bob is an idiot.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242188</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242724</id>
	<title>That's not stealing!</title>
	<author>dunkelfalke</author>
	<datestamp>1266927540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>That's copyright infringement!</p><p>Oh.<br>Sorry, wrong thread.</p></htmltext>
<tokenext>That 's copyright infringement ! Oh.Sorry , wrong thread .</tokentext>
<sentencetext>That's copyright infringement!Oh.Sorry, wrong thread.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242578</id>
	<title>Re:Well...</title>
	<author>Anonymous</author>
	<datestamp>1266925500000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>promote the use of isolated secure workstations for private banking transactions online</p><p>/quote&gt;</p><p>Three letters: ATM</p></div></div>
	</htmltext>
<tokenext>promote the use of isolated secure workstations for private banking transactions online/quote &gt; Three letters : ATM</tokentext>
<sentencetext>promote the use of isolated secure workstations for private banking transactions online/quote&gt;Three letters: ATM
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240546</id>
	<title>Re:Pissed at Apple</title>
	<author>rockNme2349</author>
	<datestamp>1266858240000</datestamp>
	<modclass>Funny</modclass>
	<modscore>4</modscore>
	<htmltext><p>Dear lullabud,<br>
&nbsp; <br>Thank you for submitting iBotnet to the App Store. We&rsquo;ve reviewed iBotnet and determined that we cannot post this version of your iPhone application to the App Store because it duplicates existing functionality of the iPhone and is in violation of Section  3.1.337 from the iPhone Developer Program License Agreement.<br>
&nbsp; <br>If you believe that you can make the necessary changes so that iBotnet does not violate the iPhone Developer Program License Agreement, we encourage you to do so and resubmit it for review.<br>
&nbsp; <br>Regards,<br>iPhone Developer Program</p></htmltext>
<tokenext>Dear lullabud ,   Thank you for submitting iBotnet to the App Store .
We    ve reviewed iBotnet and determined that we can not post this version of your iPhone application to the App Store because it duplicates existing functionality of the iPhone and is in violation of Section 3.1.337 from the iPhone Developer Program License Agreement .
  If you believe that you can make the necessary changes so that iBotnet does not violate the iPhone Developer Program License Agreement , we encourage you to do so and resubmit it for review .
  Regards,iPhone Developer Program</tokentext>
<sentencetext>Dear lullabud,
  Thank you for submitting iBotnet to the App Store.
We’ve reviewed iBotnet and determined that we cannot post this version of your iPhone application to the App Store because it duplicates existing functionality of the iPhone and is in violation of Section  3.1.337 from the iPhone Developer Program License Agreement.
  If you believe that you can make the necessary changes so that iBotnet does not violate the iPhone Developer Program License Agreement, we encourage you to do so and resubmit it for review.
  Regards,iPhone Developer Program</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240356</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240332</id>
	<title>Surely the good news</title>
	<author>bugs2squash</author>
	<datestamp>1266856320000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>about so many groups using the same toolkit is that if you find a weakness in the toolkit then you can clear up multiple attacks all at once.</htmltext>
<tokenext>about so many groups using the same toolkit is that if you find a weakness in the toolkit then you can clear up multiple attacks all at once .</tokentext>
<sentencetext>about so many groups using the same toolkit is that if you find a weakness in the toolkit then you can clear up multiple attacks all at once.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514</id>
	<title>fuckfuck</title>
	<author>Anonymous</author>
	<datestamp>1266857820000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>1</modscore>
	<htmltext><p>Slashdot, downstairs in my house has a major ant problem. Luckily I reside upstairs. Nevertheless, once every 5 minutes or so an ant comes trotting along my desk. First I place a coin or another object in its path. This confuses the ant, causing it to run off in a different direction, but my finger is waiting. I block its path with my finger. It runs in the opposite direction, but I anticipate this. Soon the ant is encircled by pens and other barriers, and if it attempts to climb them, swift punishment is issued. The ant remains in my arena. Then I take my knife, and nimbly place the tip onto one of its legs, holding it in place, then I press down hard and chop the leg off. The ant does not run, it merely enters a craze moving all around wildly. I allow it to suffer like this for a minute or so, chopping off another leg if it appears not to be in pain. Then comes a decision. Sometimes I will wait for another ant, and place it in the arena to see what it does. Occasionally it will pick up its comrade, and run off, but this is an offense punishable by death. Other times, I will merely watch the ant until it gives up. It will stop moving all but one leg. At this point I give in and slice the ant in two, putting it out of its misery. I save the corpses in a small pile, and once I have a considerable stack, I scatter them in my arena. This is where the real fun begins.</p><p>I venture outside to my back yard and find a red ant. This is my gladiator. I return to my room and place him in among the corpses. He wanders, confused. I do not let him leave. I pound the desk near him with my fingers, scaring him. I toughen my gladiator up until another ant comes along. I place the intruder into the arena. The red ant will go after the black ant, and they engage in mortal combat. If the red ant wins, another corpse decorates my arena. If the black ant vanquishes his foe, he wins the prize of life. I carry him in my hands and bring him downstairs and place him among his comrades. If he put up a good fight, I give him a warriors welcome and feed his colony with bread. If he barely defeated the red ant, he receives no food, only the gift of life. This is how i spent my afternoons.</p></htmltext>
<tokenext>Slashdot , downstairs in my house has a major ant problem .
Luckily I reside upstairs .
Nevertheless , once every 5 minutes or so an ant comes trotting along my desk .
First I place a coin or another object in its path .
This confuses the ant , causing it to run off in a different direction , but my finger is waiting .
I block its path with my finger .
It runs in the opposite direction , but I anticipate this .
Soon the ant is encircled by pens and other barriers , and if it attempts to climb them , swift punishment is issued .
The ant remains in my arena .
Then I take my knife , and nimbly place the tip onto one of its legs , holding it in place , then I press down hard and chop the leg off .
The ant does not run , it merely enters a craze moving all around wildly .
I allow it to suffer like this for a minute or so , chopping off another leg if it appears not to be in pain .
Then comes a decision .
Sometimes I will wait for another ant , and place it in the arena to see what it does .
Occasionally it will pick up its comrade , and run off , but this is an offense punishable by death .
Other times , I will merely watch the ant until it gives up .
It will stop moving all but one leg .
At this point I give in and slice the ant in two , putting it out of its misery .
I save the corpses in a small pile , and once I have a considerable stack , I scatter them in my arena .
This is where the real fun begins.I venture outside to my back yard and find a red ant .
This is my gladiator .
I return to my room and place him in among the corpses .
He wanders , confused .
I do not let him leave .
I pound the desk near him with my fingers , scaring him .
I toughen my gladiator up until another ant comes along .
I place the intruder into the arena .
The red ant will go after the black ant , and they engage in mortal combat .
If the red ant wins , another corpse decorates my arena .
If the black ant vanquishes his foe , he wins the prize of life .
I carry him in my hands and bring him downstairs and place him among his comrades .
If he put up a good fight , I give him a warriors welcome and feed his colony with bread .
If he barely defeated the red ant , he receives no food , only the gift of life .
This is how i spent my afternoons .</tokentext>
<sentencetext>Slashdot, downstairs in my house has a major ant problem.
Luckily I reside upstairs.
Nevertheless, once every 5 minutes or so an ant comes trotting along my desk.
First I place a coin or another object in its path.
This confuses the ant, causing it to run off in a different direction, but my finger is waiting.
I block its path with my finger.
It runs in the opposite direction, but I anticipate this.
Soon the ant is encircled by pens and other barriers, and if it attempts to climb them, swift punishment is issued.
The ant remains in my arena.
Then I take my knife, and nimbly place the tip onto one of its legs, holding it in place, then I press down hard and chop the leg off.
The ant does not run, it merely enters a craze moving all around wildly.
I allow it to suffer like this for a minute or so, chopping off another leg if it appears not to be in pain.
Then comes a decision.
Sometimes I will wait for another ant, and place it in the arena to see what it does.
Occasionally it will pick up its comrade, and run off, but this is an offense punishable by death.
Other times, I will merely watch the ant until it gives up.
It will stop moving all but one leg.
At this point I give in and slice the ant in two, putting it out of its misery.
I save the corpses in a small pile, and once I have a considerable stack, I scatter them in my arena.
This is where the real fun begins.I venture outside to my back yard and find a red ant.
This is my gladiator.
I return to my room and place him in among the corpses.
He wanders, confused.
I do not let him leave.
I pound the desk near him with my fingers, scaring him.
I toughen my gladiator up until another ant comes along.
I place the intruder into the arena.
The red ant will go after the black ant, and they engage in mortal combat.
If the red ant wins, another corpse decorates my arena.
If the black ant vanquishes his foe, he wins the prize of life.
I carry him in my hands and bring him downstairs and place him among his comrades.
If he put up a good fight, I give him a warriors welcome and feed his colony with bread.
If he barely defeated the red ant, he receives no food, only the gift of life.
This is how i spent my afternoons.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240296</id>
	<title>Re:News?</title>
	<author>plover</author>
	<datestamp>1266856020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>This article was not worth the five minutes I spent reading it.</p></div><p>Tell me about it.  I clicked on the link hoping it would have pictures of "the little man in the browser."  Was I disappointed.</p></div>
	</htmltext>
<tokenext>This article was not worth the five minutes I spent reading it.Tell me about it .
I clicked on the link hoping it would have pictures of " the little man in the browser .
" Was I disappointed .</tokentext>
<sentencetext>This article was not worth the five minutes I spent reading it.Tell me about it.
I clicked on the link hoping it would have pictures of "the little man in the browser.
"  Was I disappointed.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242366</id>
	<title>pirated Windows</title>
	<author>Max\_W</author>
	<datestamp>1266922560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Windows Security Essentials anti-virus are not available in all countries. I am on the duty trip in the FSU and Windows Security Essentials Page informs me: "Not available in your country".</p><p>Windows update checks for the authenticity of Windows.</p><p>As a result on millions of computers the OS is un-updated and anti-virus is absent.</p><p>In western countries the PCs have the authentic Windows, which is regularly updates itself, and an anti-virus. However, the majority of PCs in the world have a pirated Windows, no anti-virus, no-OS update.</p><p>These PCs are infested with viruses and trojans. I saw several bot-nets on one PC.</p><p>For people in western countries it may look like everything is more or less OK. But it is not OK. It is well manage chaos, part of the monopoly's strategy to suffocate its main threat: the free safe Internet (web applications), as its monopoly is in silos (PCs' applications).</p></htmltext>
<tokenext>Windows Security Essentials anti-virus are not available in all countries .
I am on the duty trip in the FSU and Windows Security Essentials Page informs me : " Not available in your country " .Windows update checks for the authenticity of Windows.As a result on millions of computers the OS is un-updated and anti-virus is absent.In western countries the PCs have the authentic Windows , which is regularly updates itself , and an anti-virus .
However , the majority of PCs in the world have a pirated Windows , no anti-virus , no-OS update.These PCs are infested with viruses and trojans .
I saw several bot-nets on one PC.For people in western countries it may look like everything is more or less OK. But it is not OK. It is well manage chaos , part of the monopoly 's strategy to suffocate its main threat : the free safe Internet ( web applications ) , as its monopoly is in silos ( PCs ' applications ) .</tokentext>
<sentencetext>Windows Security Essentials anti-virus are not available in all countries.
I am on the duty trip in the FSU and Windows Security Essentials Page informs me: "Not available in your country".Windows update checks for the authenticity of Windows.As a result on millions of computers the OS is un-updated and anti-virus is absent.In western countries the PCs have the authentic Windows, which is regularly updates itself, and an anti-virus.
However, the majority of PCs in the world have a pirated Windows, no anti-virus, no-OS update.These PCs are infested with viruses and trojans.
I saw several bot-nets on one PC.For people in western countries it may look like everything is more or less OK. But it is not OK. It is well manage chaos, part of the monopoly's strategy to suffocate its main threat: the free safe Internet (web applications), as its monopoly is in silos (PCs' applications).</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31255624</id>
	<title>Re:Well...</title>
	<author>st0nes</author>
	<datestamp>1266947700000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><blockquote><div><p>Seriously, how about a physical random token generator where someone has to enter what the token currently displays each time...</p></div></blockquote><p>

We had that at <a href="http://www.fnb.co.za/" title="fnb.co.za">my bank</a> [fnb.co.za]--it was called a digitag and you had to use it to log in.  I think they deprecated it because people were pressing the button twice and getting it out of synch which was causing a lot of support calls.<br> <br>

Now they send you a one time PIN by SMS to your cellphone which you need if you want to perform certain transactions, e.g. adding a new payment beneficiary. The SMS is free.</p></div>
	</htmltext>
<tokenext>Seriously , how about a physical random token generator where someone has to enter what the token currently displays each time.. . We had that at my bank [ fnb.co.za ] --it was called a digitag and you had to use it to log in .
I think they deprecated it because people were pressing the button twice and getting it out of synch which was causing a lot of support calls .
Now they send you a one time PIN by SMS to your cellphone which you need if you want to perform certain transactions , e.g .
adding a new payment beneficiary .
The SMS is free .</tokentext>
<sentencetext>Seriously, how about a physical random token generator where someone has to enter what the token currently displays each time...

We had that at my bank [fnb.co.za]--it was called a digitag and you had to use it to log in.
I think they deprecated it because people were pressing the button twice and getting it out of synch which was causing a lot of support calls.
Now they send you a one time PIN by SMS to your cellphone which you need if you want to perform certain transactions, e.g.
adding a new payment beneficiary.
The SMS is free.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240570</id>
	<title>Not that I know anything about this</title>
	<author>T Murphy</author>
	<datestamp>1266858540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>There are already physical random password generators- can they be directly plugged into the computer? If it either sends a password every few seconds or every time you are transmitting any financial information, it would require the attacker to stay in the middle to do anything. If the password generator uses the user input to help seed the password, shouldn't a MitM attack be foiled, as they cannot change the information and still have the password check out? The issue here is that the password generator has to be immune to input from the attacker.<br> <br>

Everything I know about security in these situations is from my misinterpretations of posts here on slashdot, so I must be missing something. Anyone care to elaborate on why this works/doesn't, or perhaps a better solution?</htmltext>
<tokenext>There are already physical random password generators- can they be directly plugged into the computer ?
If it either sends a password every few seconds or every time you are transmitting any financial information , it would require the attacker to stay in the middle to do anything .
If the password generator uses the user input to help seed the password , should n't a MitM attack be foiled , as they can not change the information and still have the password check out ?
The issue here is that the password generator has to be immune to input from the attacker .
Everything I know about security in these situations is from my misinterpretations of posts here on slashdot , so I must be missing something .
Anyone care to elaborate on why this works/does n't , or perhaps a better solution ?</tokentext>
<sentencetext>There are already physical random password generators- can they be directly plugged into the computer?
If it either sends a password every few seconds or every time you are transmitting any financial information, it would require the attacker to stay in the middle to do anything.
If the password generator uses the user input to help seed the password, shouldn't a MitM attack be foiled, as they cannot change the information and still have the password check out?
The issue here is that the password generator has to be immune to input from the attacker.
Everything I know about security in these situations is from my misinterpretations of posts here on slashdot, so I must be missing something.
Anyone care to elaborate on why this works/doesn't, or perhaps a better solution?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944</id>
	<title>Well duh!</title>
	<author>Anonymous</author>
	<datestamp>1266853020000</datestamp>
	<modclass>Funny</modclass>
	<modscore>5</modscore>
	<htmltext><p><div class="quote"><p>Banker trojans have become a serious problem</p></div><p>Look at how much they stole from the American taxpayer!  Oh wait, you're talking about computers.</p><p>Speaking of Trojans, they didn't even lube it up before they put it in our ass!</p></div>
	</htmltext>
<tokenext>Banker trojans have become a serious problemLook at how much they stole from the American taxpayer !
Oh wait , you 're talking about computers.Speaking of Trojans , they did n't even lube it up before they put it in our ass !</tokentext>
<sentencetext>Banker trojans have become a serious problemLook at how much they stole from the American taxpayer!
Oh wait, you're talking about computers.Speaking of Trojans, they didn't even lube it up before they put it in our ass!
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240356</id>
	<title>Pissed at Apple</title>
	<author>lullabud</author>
	<datestamp>1266856440000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext><p>I'm so pissed at Apple.  I bought the toolkit and made a mobile botnet iPhone app with controller but they won't approve it.  *sigh*  Such bullshit, they don't approve anything!</p></htmltext>
<tokenext>I 'm so pissed at Apple .
I bought the toolkit and made a mobile botnet iPhone app with controller but they wo n't approve it .
* sigh * Such bullshit , they do n't approve anything !</tokentext>
<sentencetext>I'm so pissed at Apple.
I bought the toolkit and made a mobile botnet iPhone app with controller but they won't approve it.
*sigh*  Such bullshit, they don't approve anything!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244534</id>
	<title>Re:Well...</title>
	<author>hesaigo999ca</author>
	<datestamp>1266940800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I agree there is a serious lack of security for the bank system, I go to mine, and they do all their transactions through web based online banking using their credentials which give them elevated privileges, through the website.<br>When I ask them to pay one of my bills, they log on, and access my account so they see all I see from my online banking, which tells me, if I can get a rootkit or keylogger, so can they, and theirs is more dangerous then ours.</p><p>I also asked the cashier if she could access the web (google and such) she said yes......then I asked her for her email in case i needed to send her some information about web security, she started to give it to me, and I told her to stop, and that she should never associate the 2, seriously misinformed by their network admins there!!</p></htmltext>
<tokenext>I agree there is a serious lack of security for the bank system , I go to mine , and they do all their transactions through web based online banking using their credentials which give them elevated privileges , through the website.When I ask them to pay one of my bills , they log on , and access my account so they see all I see from my online banking , which tells me , if I can get a rootkit or keylogger , so can they , and theirs is more dangerous then ours.I also asked the cashier if she could access the web ( google and such ) she said yes......then I asked her for her email in case i needed to send her some information about web security , she started to give it to me , and I told her to stop , and that she should never associate the 2 , seriously misinformed by their network admins there !
!</tokentext>
<sentencetext>I agree there is a serious lack of security for the bank system, I go to mine, and they do all their transactions through web based online banking using their credentials which give them elevated privileges, through the website.When I ask them to pay one of my bills, they log on, and access my account so they see all I see from my online banking, which tells me, if I can get a rootkit or keylogger, so can they, and theirs is more dangerous then ours.I also asked the cashier if she could access the web (google and such) she said yes......then I asked her for her email in case i needed to send her some information about web security, she started to give it to me, and I told her to stop, and that she should never associate the 2, seriously misinformed by their network admins there!
!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243176</id>
	<title>Re:pirated Windows</title>
	<author>cbreak</author>
	<datestamp>1266932040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I don't really feel sorry for them. If they are dumb enough to disable updating, then they should bear the responsibility. If they install botnets, then it's their fault. If they don't install any Anti-Virus software themselves, they will have to live without. No one forces people to use Windows.</p></htmltext>
<tokenext>I do n't really feel sorry for them .
If they are dumb enough to disable updating , then they should bear the responsibility .
If they install botnets , then it 's their fault .
If they do n't install any Anti-Virus software themselves , they will have to live without .
No one forces people to use Windows .</tokentext>
<sentencetext>I don't really feel sorry for them.
If they are dumb enough to disable updating, then they should bear the responsibility.
If they install botnets, then it's their fault.
If they don't install any Anti-Virus software themselves, they will have to live without.
No one forces people to use Windows.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242366</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31245448</id>
	<title>Re:Well...</title>
	<author>PerfectionLost</author>
	<datestamp>1266945720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Now if only I could find my cell phone...</p></htmltext>
<tokenext>Now if only I could find my cell phone.. .</tokentext>
<sentencetext>Now if only I could find my cell phone...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239934</id>
	<title>Test</title>
	<author>Anonymous</author>
	<datestamp>1266852960000</datestamp>
	<modclass>Funny</modclass>
	<modscore>1</modscore>
	<htmltext><p>Test</p></htmltext>
<tokenext>Test</tokentext>
<sentencetext>Test</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240658</id>
	<title>Re:fuckfuck</title>
	<author>Therilith</author>
	<datestamp>1266859320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Is that the best you can do? I'm barely offended and not at all shocked. This is <i>Slashdot</i> for Thor's sake. We pride ourselves on our trolls.</htmltext>
<tokenext>Is that the best you can do ?
I 'm barely offended and not at all shocked .
This is Slashdot for Thor 's sake .
We pride ourselves on our trolls .</tokentext>
<sentencetext>Is that the best you can do?
I'm barely offended and not at all shocked.
This is Slashdot for Thor's sake.
We pride ourselves on our trolls.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241108</id>
	<title>Re:The problem is Bob</title>
	<author>ls671</author>
	<datestamp>1266864120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>&gt; he does it without scanning the downloaded files or researching the reliability of the publisher</p><p>Is this what my nephew meant last week ?</p><p>He talked to me about mj55 verifying sums and computerized signature to assure that all the nice free programs I download aren't viruses but I did not quite get everything...</p></htmltext>
<tokenext>&gt; he does it without scanning the downloaded files or researching the reliability of the publisherIs this what my nephew meant last week ? He talked to me about mj55 verifying sums and computerized signature to assure that all the nice free programs I download are n't viruses but I did not quite get everything.. .</tokentext>
<sentencetext>&gt; he does it without scanning the downloaded files or researching the reliability of the publisherIs this what my nephew meant last week ?He talked to me about mj55 verifying sums and computerized signature to assure that all the nice free programs I download aren't viruses but I did not quite get everything...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240834</id>
	<title>Piracy</title>
	<author>P1aGu3ed</author>
	<datestamp>1266861060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>How are these underground communities preventing the toolkits from flooding usenet and bittorrent?

Perhaps software vendors could take a lesson from them?</htmltext>
<tokenext>How are these underground communities preventing the toolkits from flooding usenet and bittorrent ?
Perhaps software vendors could take a lesson from them ?</tokentext>
<sentencetext>How are these underground communities preventing the toolkits from flooding usenet and bittorrent?
Perhaps software vendors could take a lesson from them?</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241624
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240570
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244796
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240466
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242350
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240400
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241108
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244834
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242390
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239934
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243016
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240658
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242578
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240546
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240356
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31249936
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242390
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239934
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243076
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240236
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243644
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240346
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240336
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31246718
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242188
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241484
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240184
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240918
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240436
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240668
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242718
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240144
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31245506
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31255624
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241602
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243176
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242366
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240784
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240830
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240244
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240866
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243538
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31245448
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243532
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239934
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241982
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240244
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241238
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240160
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240576
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240304
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242218
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240296
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244534
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_02_22_2353257_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240338
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239944
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240918
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240514
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243538
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240784
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242718
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240668
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240658
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243016
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240212
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242350
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240304
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240346
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240466
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244796
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239934
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240944
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243532
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242390
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244834
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31249936
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31239998
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240254
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240282
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243644
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31245506
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31245448
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241602
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241238
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31255624
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242578
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240400
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31244534
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240258
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241484
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240570
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241624
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240010
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240296
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240336
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240160
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240356
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240546
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241234
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240484
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242366
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243176
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_02_22_2353257.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240056
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240126
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240244
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241982
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240830
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31243076
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242218
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240236
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240144
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240338
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240436
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240866
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240184
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31241108
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31240576
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31242188
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_02_22_2353257.31246718
</commentlist>
</conversation>
