EvilZone
Hacking and Security => Hacking and Security => : m0l0ko October 05, 2012, 04:23:01 PM
-
I don't do online banking but sometimes I buy stuff with a credit card. I usually use a prepaid credit card so if the credit card number falls into the wrong hands, they won't be able to use the number (since you get a new number every time you top up) but sometimes I order stuff for other people who give me their credit card to do it.
The fact that using a VPN, means all data you send is encrypted would be a plus but is there a risk of people on the VPN intercepting credit card numbers or other confidential data? I haven't yet got my head around how VPNs work but I have a good understanding of how Tor works. I can see that all data is encrypted until it reaches the end node, then its decrypted and sent to the target site. Since the end node can be anyone on the tor network, someone with a sniffer can intercept data. In fact, I read an article about a Swedish hacker who got hundreds of usernames and passwords of US government workers who thought that by using Tor, their data would be completely safe. I don't really know how VPNs work, does the same problem exist where someone on the VPN can sniff data?
-
As easy as credit card dumps are to get online, Id be surprised if someone really looked to try and do it the hard way for 1 on a VPN.
There are stories all the time of 'X Bank' getting hacked and comprimising thousands of CC numbers, PIN/DOB/Mothers Maiden Name, etc etc etc at one time. Why would anyone fight through a VPN to get access to 1 number when you can go for the Gusto and potentially get tens of thousands?
-
As easy as credit card dumps are to get online, Id be surprised if someone really looked to try and do it the hard way for 1 on a VPN.
There are stories all the time of 'X Bank' getting hacked and comprimising thousands of CC numbers, PIN/DOB/Mothers Maiden Name, etc etc etc at one time. Why would anyone fight through a VPN to get access to 1 number when you can go for the Gusto and potentially get tens of thousands?
But he is talking about the vpn provider getting his info..... and you are making it sound like hacking into a large online banking website is a walk in the park and hacking into a vpn's network is the hardest thing in the world to do.
@OP Why do you need a vpn? Are you buying something illegal? If so, I would be more worried about the people I was buying from stealing my CC than the vpn I was using.
-
But he is talking about the vpn provider getting his info..... and you are making it sound like hacking into a large online banking website is a walk in the park and hacking into a vpn's network is the hardest thing in the world to do.
My point stands - why would your VPN providor wants to expend the effort to steal ONE credit card number? I try and keep an eye on my accounts, so even if by some chance someone got a hold of something, they wouldnt have it very long before I noticed, and most companies dont hold card holder's responsible for fraudulant charges.
I didnt mean to imply that a VPN network is difficult to get into, or an online banking site is easy, just that you have to look at the risk vs reward. Why would your VPN provider steal the credit card number of a customer? Even though its really difficult to hack a bank, its very easy to buy CC numbers at numerous places that arent directly traced back to your business....
@OP Why do you need a vpn? Are you buying something illegal? If so, I would be more worried about the people I was buying from stealing my CC than the vpn I was using.
Now THAT I agree with.
-
Well considering the use of SSL/TLS , as long as the handshake is establised with the server directly and nothing is intercepted (VPN provider would need hes own root cert which is unlikely) its safe to assume that you are as safe as you would be on a public hotspot or alike.
The question was "if" not "why" for all you know the VPN provider is an asshole.
-
@op.. All i would say is you like posting "hypothetical"questions and"hypothetically" if someone is upto no good than the said person would all the very same "hypothetical"questions.
Said person is
#1 suffering from hysteria
#2 buying something frowned upon
#3 has way too much black money
#4 is trying to launder money
#5 gets a thrill out of it..
#6 is under surveillance
#7 planning a scam
Your questions bore a " small" resemblance to such situation.