Posts Tagged ‘Trusteer Rapport’

Trusteer Rapport for Mac

Wednesday, September 1st, 2010

Trusteer Rapport is a piece of security software to help protect your Mac’s internet browser against key logging and phishing attacks. It is being pushed by a number of large banks including NatWest, ING and First Direct. I’ve previously written about using Trusteer Rapport on a PC, and today I’m putting up some screenshots of what it looks like on a Mac.

When installed (you can download it from here), you’ll get an extra icon next to your address bar. It will be green if the website is being protected, and grey if it is not. You can choose to protect a website that you log into by right-clicking on the grey Trusteer arrow and clicking on ‘Protect this website’.

trusteer rapport for mac 1

If you click on the arrow you’ll get an information box like this which will allow you to access the console.

trusteer rapport for mac 2

The first page of the console should look a bit like this, giving you the option to disable the Trusteer Rapport icon.

Trusteer Rapport for Mac has a lot fewer options than the PC version. On the security policy page all the options are set to the highest level of protection apart from the ‘Warn when login information is used in unknown websites’ option.

trusteer rapport for mac 4

If you want, you can set this option to ‘On my partner & my sensitive websites’, which will give you a warning if one website’s password is entered into another website.

trusteer rapport for mac 5

I have read one account of someone having problems with Trusteer Rapport on a Mac, but I’ve not experienced any problems with it on my MacBook Pro. If you do find yourself wanting to uninstall it you can get full instructions from Trusteer’s uninstall page.

Set up Trusteer Rapport to protect other websites

Monday, February 22nd, 2010

Trusteer Rapport helps to stop key loggers from stealing your passwords, and stops viruses or spyware from seeing what you are doing in your web browser.

Many banks are now offering it for free download. You can for example download it from NatWest’s website here – even if you aren’t a NatWest customer.

It is preconfigured to protect a small number of partner websites, but you can configure it to protect other sites you use as well.

You can enable it for each website that you enter username / password / credit card details into. When on the website you want to protect, click on the grey Rapport arrow, and then press the ‘Protect this Website’ button.

trusteer rapport unprotected website

Then:

trusteer rapport protect this website

When you are on a website it is protected if the arrow is green, and it is not protected if the arrow is grey.

As well as protecting each individual website I’d recommend you increase the level of protection Trusteer Rapport offers.

Increase the security from the default settings

Click on the ‘Rapport’ arrow in the address bar of the web browser and press ‘Open Console’.

trusteer rapport open console

Click on the green circle with the right facing arrow on the bottom right of the screen.

trusteer rapport green button

Click on ‘Edit Policy’.

trusteer rapport edit policy

On this screen go through all the pull down options and make sure the bottom option of each is selected.

trusteer rapport advanced configuration

Click ‘Save’. You will be told that it is a good idea to restart the computer. There’s no need to do this now. The setting will be applied when you next turn the computer on.

After saving you can close the Trusteer window by clicking on the green ‘x’ on the top right hand corner of the screen.

In my case I was able to turn all the settings up to the maximum level apart from the ‘Block Kernel Keylogging’. I found that this setting prevented my wireless keyboard from working. If you have a problem with a wireless keyboard after installing Trusteer Rapport then you should try turning this setting off too.

Using Trusteer Rapport

Trusteer is only configured by default to protect a few websites. You need to manually enable it for the sites that you enter username / password or other sensitive details into. You can enable it to work for up to 50 sites. Do this for each sensitive website when you visit it next.

When you visit a website that needs username / password details, and which is not already protected (i.e. it has a grey Rapport arrow), click on the grey arrow and choose ‘Protect this website’ as detailed above.

When you submit your login details you will probably see this box. Select ‘Yes’.

trusteer rapport password monitoring

Trusteer Rapport will then warn you if this password is being sent to a new website – for example to a phishing website.

Trusteer Rapport password leakage problem

Wednesday, February 17th, 2010

If you bank online then there is a good chance you will have been prompted to install a software product called Trusteer Rapport. It is recommended by NatWest, HSBC, First Direct and a whole list of others.

Trusteer Rapport helps increase the security of your Windows operating system by attempting to block keystroke logging and screen capturing, validating the IP address of sites you visit (to protect against phishing/pharming), and more.

On the whole it looks like a good piece of software to have on your computer when combined with an up to date virus scanner, firewall, spyware blocker, and Windows automatic updates turned on. I use it on my computer and intend to continue to use it for now.

However there are a number of worries about the software. RLR UK Secure IT Services has written about some of the worries here and here.

I have a new worry to add to the list.

Password leakage

One of Trusteer Rapport’s security measures is to warn you if you enter a known password onto a new site. This is a security measure to protect against the password for one site being stolen by another site’s phishing attempt.

This is all good stuff. However, they have created a new potential problem in the way they have implemented the warning message. If you use the same password on multiple sites (as most people do), and someone discovers your password, then they can use Trusteer Rapport to get a list of the other sites you have asked Rapport to protect that use the same password.

The malicious user will need access to your computer to do this, but if they have this access then all they need to do is enter the password on a new website and they will trigger this Trusteer Rapport warning dialog.

Trusteer Rapport password information leak

You will see that in this example dialog Trusteer Rapport has now leaked that this particular password is also the same password used on 6 other websites.

This means that instead of gaining access to one account, the malicious user could gain access to many of your password protected accounts.

Now you can argue that users should use a different password for each site, but in reality that is never going to happen. People have two choices (unless they have some kind of super brain): they either use a small number of passwords they can remember on all their sites, or they write the passwords down somewhere. Most people will reuse the passwords.

I think Trusteer would be better off changing this message so that it doesn’t print out the names of the websites. Perhaps Rapport could just print out a message saying that this password is in use on other websites, and that this is a new website that has not been given this password before.
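The difference between the dialog described above and the suggested alternative can be shown with a small model. This is an added example, not Trusteer’s code and not part of the original post; the `ReuseMonitor` class, its keyed-hash storage and the `.example` site names are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

class ReuseMonitor:
    """Toy model of a password-reuse warning (hypothetical, not Rapport's code)."""

    def __init__(self):
        self._key = os.urandom(32)  # per-install secret, so stored tags are keyed
        self._seen = {}             # site -> HMAC tag of the password used there

    def _tag(self, password):
        return hmac.new(self._key, password.encode(), hashlib.sha256).digest()

    def remember(self, site, password):
        self._seen[site] = self._tag(password)

    def _matches(self, site, password):
        # Every *other* monitored site whose stored tag equals this password's tag.
        tag = self._tag(password)
        return sorted(s for s, t in self._seen.items()
                      if s != site and hmac.compare_digest(t, tag))

    def warn_leaky(self, site, password):
        """Dialog as described in the post: names every site sharing the password."""
        hits = self._matches(site, password)
        if not hits:
            return None
        return "This password is also used on: " + ", ".join(hits)

    def warn_minimal(self, site, password):
        """Dialog as the post suggests: reports reuse without naming any site."""
        if not self._matches(site, password):
            return None
        return ("This password is in use on other websites and has not "
                "been given to " + site + " before.")


def demo():
    # Constructed sample data: the sites and passwords are made up.
    m = ReuseMonitor()
    m.remember("bank.example", "correct horse")
    m.remember("mail.example", "correct horse")
    m.remember("shop.example", "something else")
    return (m.warn_leaky("new-site.example", "correct horse"),
            m.warn_minimal("new-site.example", "correct horse"))


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

The minimal message still confirms that the password is reused somewhere, but it no longer discloses which sites share it.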

Overall

Despite this I’d still recommend using Trusteer Rapport at the moment as it does many things which will increase the security on your computer. You must make sure you use it in combination with up to date anti-virus and anti-spyware.