The attempts on my PBX are increasing and increasing and from the mailing lists I get a similar picture. The big issue is that many, if not most, ISPs don't react to complaints. For that reason I will, starting now, publish the top 20 of attacking IPs here on my website, including whois links, so people can see, how big the problem is and what providers do. I'll additionally start compiling a blacklist of the "worst" networks, so admins can put those addresses in their firewall rulesets.

I hold a Finnish identity card with strong authentication certificate (FINeID). The FINeID website states, this card could also be used for online banking, so I contacted my bank Nordea and asked how to do that. The first answer was a mile long copy-paste text about the FINeID card which was no clear answer to my question, so I asked again and received the information that Nordea Finland offers any kind of card authentication only for business customers. After I pointed out that the current code system is obsolete and insecure and that I used HBCI cards for online banking in Germany already 10 years before I moved to Finland, the customer service replied that Nordea's netbank code system was oldfashioned but quite secure.

Well, let's have a look at how secure the system really is...

Page 2 of 5