Monthly Archives: February 2016

60 percent of Swedbank’s customers use password card for online banking

Swedbank_password_card

Nearly 60 percent of Swedbank’s private customers use password cards for online banking. This is in 2016, when already for several years there are much more comfortable and safer identification tools available, which do not involve the EUR 200 transaction limit.

By studying the reasons, it appears that people are not willing to change their habits. Password cards are familiar to them, they are used to them for a long time, they know exactly where the password card is located and know how to use it. They do not need to use it to learn something new.

One of the barrier also highlights the lack of trust in relation to the new authentication. People do not trust the things that they actually do not get to keep. They are not willing to go along with the changes quickly. Many assert that the EUR 200 payment limit does not hinder them.

Links:
http://kasulik.delfi.ee/news/uudised/e-riigi-hammastavad-numbrid-eesti-pangakliendid-kasutavad-ammu-iganenud-lahendust?id=73795383

Hacking systems protected by a simple password might not be an offense

Oskar_Gross

Oskar Gross, the manager of recently opened Cyber Crime Unit of Central Criminal Police writes in an opinion piece that Estonian legislation is at times more primitive than the actual cybercrime. Therefore, there may be a weird situation where hacking an account that is protected with a simple password such as “1234” is not an offense.

In the last commented edition of the Penal Code, the lawmaker rather boldly attempted to define the legal handling of computer systems’ passwords and security issues related to recovering password, and the end result is problematic in several aspects.

Penal Code has an important section §217 “Illegal obtaining of access to computer systems” which aims to penalize unauthorized access to computer systems. The commented edition of Penal Code clarifies that unauthorized access is not in case of amazingly simple passwords, such as “admin”, “123456” and “qwerty”, because such passwords can be guessed by an attacker or found from “the top worst passwords” on the Internet.

In short, this section comment says: “If you have a weak password, the access to your data is allowed.”

Links:
http://geenius.ee/uudis/arvamuslugu-kas-konto-parooliga-1234-avalik

Rain Ottis Decorated with the Order of the White Star

president_decorations

Estonian President Toomas Hendrik Ilves Wednesday signed the decision to decorate 99 persons for services to Estonia on the eve of the country’s 98th Independence Day celebration.

«The decorations are a testimony to Estonian people and our supporters outside Estonia for their determination in their actions and loyalty to the principles on which modern Estonia stands — openness, democracy, knowledge, innovation,» Ilves wrote in the decision to award the decorations.

Rain_Ottis

Our country is grateful to scientists whose research has helped to make Estonia greater. Decorations of the White Star are given to […] the founder of NATO CCDCOE and later the TUT Centre of Digital Forensics and Cyber Security, information technology scientist Rain Ottis.

Congratulations!

The White Star decoration was awarded also to the information security expert Toomas Nurmoja, but the Internet does not have much information about his merits.

Rain_Ottis

Toomas_Nurmoja

Links:
https://ccdcoe.org/centre-ambassador-rain-ottis-decorated-order-white-star.html
https://president.ee/et/meediakajastus/pressiteated/11983-2016-02-04-08-22-36/index.html

ID card or Mobile-ID required to post comments on ERR

err_comment_auth

In the Estonian and Russian language versions of Estonian public broadcasting portal Err.ee comments will be allowed only after identification with ID card or Mobile-ID.

Err.ee reported that for a wider audience commentators still remain anonymous and can use nicknames. However, their identification data – name and personal identity number – if necessary, will be available only to the chief editor, but not other media staff or readers. As explained ERR, user identification will allow if necessary to contact the commentators, for example, to find out further information.

Changes do not affect the English version of ERR.ee, because its users are mainly foreigners.

Links:
http://uudised.err.ee/v/eesti/d631cdc9-8393-4fc1-8fd7-96f5260c7d41/