gufus said:
Hello, All!
I've been using Trusteer for another layer of security for awhile now. It
work's pretty good. Any comments on this desktop security utility.
http://www.trusteer.com/
Trusteer is a company name, not a product name. So what PRODUCT of
theirs are you using?
None of their products (Rapport, Flashlight, and PinPoint) are end-user
security solutions.
Rapport requires a secure channel established at both ends of the
connection (like SSL or VPN do) and so requires their product be
installed on BOTH the client *and* the server. If it isn't used on the
server to establish a secure connection with a client using the product
then there is no secure connection. For example, your bank might deploy
Rapport on their servers and offer you a client-side download which then
permits you to have secure channel between your client and their server;
however, just installing Rapport on your host gives you absolutely
nothing in way of security unless the site to which you connect is also
using Rapport. Go read
http://www.trusteer.com/webform/download-rapport
and notice that the *server-side* is using Rapport and offering you a
means of securing connecting to them.
Flashlight is an end-to-end interrogation tool used by financial
institutions to analyze malware used against them. It isn't an end-user
solution.
PinPoint is a logon transaction monitoring system which obviously needs
to be installed on the server where you are logging in. Obviously this
is a server-side solution and not a client or customer solution.
None of their products are single-sided or one-ended solutions employed
by only the client (user). They are enterprise solutions. If you
installed something of theirs on your host and don't connect to matching
sites that also implement their software then you have nothing on your
end doing any protection. These aren't standalone security solutions.
They are enterprise-level products used to protect THEIR servers. The
client software is free to you because the owner of the server had to
buy the product to use with their service(s). They are protecting THEIR
butt, not yours, but putting spin on marketing a product to make
customers feel happy is very common practice.
"Trusteer works with more than 70 leading banks around the world to keep
your online bank account safe from online fraudsters." Yeah, and that
works if the bank you use has deployed Trusteer's products on THEIR
servers and then offered you the free client-side plug-in to use that
added security on their server. Well, did you get the plug-in from your
bank? If they don't offer it then nothing of Rapport is going to secure
your communication beyond what the site already provides without
Rapport. And how is this going to protect you when visiting sites OTHER
than your bank? You know, all those other sites that don't have Rapport
enterprise services on their servers.
Installing the Rapport plug-in for your web browser is only HALF of that
product solution. You also must connect to a site that uses Rapport.
Well, if your bank is using Rapport then it might be worth installing
its client plug-in. As for anywhere else, Rapport isn't going to do
anything to further secure your communications. Other than your bank
(and *if* they offered the plug-in to show they provide Rapport
support), just how many other sites have you visited where the address
bar icon for Rapport is colored green (showing it is active)?
There are currently only 90 sites that are Rapport-supported servers.
Yes, you can add other sites but all that does is try to prevent malware
(e.g., keyloggers) from obtaining your login credentials. Alas, if you
can see your login progress as you enter it from your keyboard then a
keylogger can still get it. This is very specific security software for
very specific uses by a limited number of sites.
Of very limited usefulness.
