| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: tobias at weisserth.de (Tobias Weisserth) Subject: Anti-MS drivel Hi Greg, Am Do, den 22.01.2004 schrieb Gregh um 07:21: > ... > That has nothing to do with ANYTHING. If I install a keylogger on YOUR > computer and you DONT know about it and let's say your bank was at > www.bank.com and your account name was BOB and password was 123ghqofc0 > right? Now you have just gone to the bank's web site and have typed, in > plain text on your keyboard, that username and password. Where does > CRYPTOGRAPHY stop that being recorded as you TYPE it and later sent > elsewhere? Surely you know what a keylogger IS dont you? You couldn't do a thing with the account information of a European online bankin account. You need a new TAN number for every transaction you make. Even changing personal data of the account settings requires a TAN. No keylogger in the world can make you use this account if you haven't the TANs. Delivering TANs may be a "low tech" measure but it works. There hasn't been a single reported incident of online banking fraud I know of. For the rest, you have read my views in most other mails, cheers, Tobias
Powered by blists - more mailing lists