[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <242a0a8f0606130624y19b040acpcd50fda9840f3bab@mail.gmail.com>
Date: Tue Jun 13 14:24:38 2006
From: eaton.lists at gmail.com (Brian Eaton)
Subject: FW: PassMark?
On 6/13/06, Josh L. Perrymon <joshuaperrymon@...il.com> wrote:
> I'm mean-- the more hoops you have to jump through will make it harder to
> attack or replicate from a phishing view.. but also making it much more
> cumbersome on users.
Ironic, considering one of the main goals of these systems is to make
web site verification less cumbersome. SSL certificates are great
from a cryptographic point of view, but are useless for most end
users.
Here's an article from May describing some of the issues with BofA and SiteKey:
http://www.baselinemag.com/print_article2/0,1217,a=178262,00.asp
"...after the bank made SiteKey mandatory, customers who had trouble
using it?for example, by failing to follow directions when they
registered?boosted calls to the bank's customer service centers by
25%..."
"...Even though SiteKey is not fully installed, it has already cut the
number of successful phishing attacks against the bank, according to
Claypool, although she won't say by how many. Attempted phishing
attacks have not decreased..."
Regards,
Brian
Powered by blists - more mailing lists