[FoRK] Poisoned DNS and informal certificates
silky
<michaelslists at gmail.com> on
Tue Feb 19 15:53:02 PST 2008
On Feb 20, 2008 10:46 AM, Tom Higgins <tomhiggins at gmail.com> wrote:
> In a more perfect world bank access would be done via one time use pads.
Accessing a bank is trivially solved with an "offline" contact model
that you use. I once suggested that the bank would email you your "one
time" password when you requested to log in. Then you just use that
within a time period to get in; there is no chance of you being
phished for information under that model, because you can't get any
useful information out. The bank's email would not display to you,
even, the password, it would just generate a link which you click.
Maybe you could, if prompted, copy that link into the MITM site; but
it does sufficiently, I think, lower the minimum stupidity level
required to be successfully phished.
> And yea, even then...and yea the overhead of machinations..
>
> -tom(we need to go to a GP standard...whats the conversion to platinum
> again?:)-)higgins
>
> _______________________________________________
> FoRK mailing list
> http://xent.com/mailman/listinfo/fork
--
http://lets.coozi.com.au/
A: Because it messes up the order in which people normally read text.
Q: Why is it such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?
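
The emailed one-time login link described in the message above, sketched as an added example that is not part of the original post. The class name, the `bank.example` URL and the 300-second window are assumptions; the post only says the link is used "within a time period".

```python
import hashlib
import secrets
import time

TTL_SECONDS = 300  # assumed validity window, not a value from the post
BASE_URL = "https://bank.example/login/confirm"  # placeholder origin


class LoginLinkStore:
    """In-memory stand-in for the bank's server-side table of pending logins."""

    def __init__(self):
        # Only a hash of each token is stored, so a leaked table
        # cannot be replayed as working links.
        self._pending = {}  # sha256(token) -> (username, expiry timestamp)

    def issue(self, username, now=None):
        """Create the link that would be emailed to the account's address."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # 256 random bits, never typed by the user
        digest = hashlib.sha256(token.encode()).hexdigest()
        self._pending[digest] = (username, now + TTL_SECONDS)
        return f"{BASE_URL}?t={token}"

    def redeem(self, token, now=None):
        """Return the username for a valid token, else None. Single use."""
        now = time.time() if now is None else now
        digest = hashlib.sha256(token.encode()).hexdigest()
        # pop() consumes the entry, so a second click on the link finds nothing.
        entry = self._pending.pop(digest, None)
        if entry is None:
            return None
        username, expiry = entry
        if now > expiry:
            return None  # expired links are consumed and rejected
        return username


if __name__ == "__main__":
    store = LoginLinkStore()
    link = store.issue("alice")
    token = link.split("?t=", 1)[1]
    print("first click :", store.redeem(token))
    print("second click:", store.redeem(token))
```
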