TurboTax - Linux?

Aleksandar Milivojevic amilivojevic at pbl.ca
Mon Feb 14 15:24:09 UTC 2005 

STYMA, ROBERT E (ROBERT) wrote:
> Actaully no.  No more than using ssh is sending your
> password over the net.  Electronic filing uses a secure
> tcp/ip protocol.

If you do your tax filing over the web, it is done using secure network 
protocol.  Actually, for HTTPS, I can check what encryption scheme is 
used (just click on the lock icon).  If I don't like it, I can simply 
disconnect and do my taxes elswhere or using some other method.  For net 
filing, I have no idea what they are using and how secure it is.  I can 
only hope that they are using same encryption algorithm (for example 
3DES or AES) as the ones used for HTTPS protocol.  That would mean net 
filing has exactly the same security as HTTPS.  If they are using some 
propriatory protocol (instead of the standard ones), I'd stay clear from 
net filing and use good old paper and pen.  All propriatory protocols in 
history of mankind have proven to be trivial to brake.

Even if you do it all on your PC, your information is going to be stored 
on two networked computers.  Your desktop PC running Windows will be one 
of them.  And we all know how secure is desktop PC.  Once you transfer 
it over, it is going to exist for some amount of time on another 
networked computer.  Your government's tax agency computer.

The only good reason against doing taxes over the web is that you trust 
third party (privatly owned entity) with your private data.  But on the 
other hand, as soon as you hire some agency and/or accountant to do your 
taxes, you are doing basically the same thing.  As long as you live in 
country with sufficient legal regulations that requires anybody doing 
taxes (including over the web) to protect your privacy, you should be fine.

Have in mind that braking into your desktop PC is almost zero-risk 
thing.  There'll probably be no consequences for attacker even in 
unlikely case that he is detected.  You do not have sufficient funds to 
do much about it.  Your funds are barely enough to set up basic defenses 
for that matter.  On the other hand breaking into accounting company's 
computers or government computers is completely different story.  They 
have funds to hunt down the attacker.  Unlike you, they have funds to 
create secure environment.  If I have to keep my confidential data 
anywhere, the last place I'd like to see them stored is desktop Windows 
machine.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7

More information about the fedora-list mailing list