> until my bank got more 'security paranoid' I don't blame them. Yet while doing that they should also give options to travelers, and proxy/vpn users (corp, school, at friends, on wifi) as well. I'd gladly visit a branch to check that box. Then again, bank policies reflect who they work for, which is not their depositors.
> The chance of an evil Tor node doing damage to my online banking is > impossible... This is false. An exit node could easily MITM / phish you, and before you realize, have siphoned off your account. At minimum, whether via clearnet or Tor, you need to validate the cert chain (useful for convenience, not security), verify and pin down the cert fingerprint, and ((secure your DNS and routing) || (hope the real cert wasn't stolen from the bank)). _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
