Helping people with computers... one answer at a time.
Websites open in different browsers, windows, or tabs should be unable to interact or see each other. Emphasis on "should".
While using my bank's secure site, I realized that an unsecured site (Hotmail) was still running in the background. Would this compromise the data on the secure bank site?
OK, there are no absolutes when it comes to computing, so a more accurate answer is actually it shouldn't: It should be perfectly safe to have your bank open in one window or tab, and an unsecured site, such as Hotmail, open in another.
Let me explain why I have to say "should".
Two sites that are being viewed in separate windows aren't supposed to be able to interact or even know that the other exists.
However, there's no such thing as bug-free software, and it's conceivable that a vulnerability exists that might allow a malicious website in one window to somehow affect or interact with the other. It's not likely, but certainly possible.
That's one of the reasons why keeping your browser and operating system as up to date as possible is so important. Vulnerabilities such as this are fixed when found, but the only way that you'd get the fix is to keep your software up to date.
This is also another case where keeping Windows itself up to date is key as well. Regardless of which web browser, you use it's Windows that provides the underlying system services. An unpatched vulnerability in those services could indeed manifest through your browser.
You don't visit malicious sites, do you? Sites where perhaps questionable or even illegal content is made available?
I'm sure you don't.
But for a moment, let's pretend that you do.
Those are sites that I would recommend against having open in other windows or tabs while you do your online banking.
The issue isn't so much about cross-window access as it is about malware. If your machine gets some sort of infection from visiting a malicious website, then it's possible that your anti-malware tools might not be able to stop it before it does something to compromise your system; this could exploit the fact that you happen to have your banking window open at the same time. The anti-malware tools may clean up after, but by then, it may be too late.
Naturally, I recommend avoiding potentially malicious sites to begin with, but if your habits include the questionable, then don't try and bank online at the same time.
And for the record, while I seriously question its use as an email service, I don't consider Hotmail a questionable site.
The real threat to online banking isn't from other sites being open in your browser; it's from malware, such as viruses or spyware, already on your machine.
Naturally, all of the standard advice applies: keeping your system up to date, using your anti-virus, anti-spyware and firewall, and, of course, following good online behavior should all be used.
There are individuals who actually recommend keeping a separate computer, perhaps even running a non-Windows operating system, for online banking. I can't really fault the thinking, but in my own case, I simply follow the advice above and feel plenty secure.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.