Re: Anti-Phishing with digital watermarking

[Ansgar Wiechers <bugtraq () planetcobalt net>]

On 2008-09-30 Razi Shaban wrote:
> > Which, of course, is totally unreliable (and thus utterly pointless
> > as a security measure), because you make way too much assumptions
> > (client has JavaScript enabled, phisher doesn't check the used
> > website for phone- home code, phisher uses the original website in
> > the first place, ...).
>
> So because it is not 100% reliable, we shouldn't use it?

I'd say it's closer to 100% unreliable than to 100% reliable. But even
if it isn't, how do you calculate the chances? You just have too many
variables.

You noticed the word "security" in this mailinglist's name? What makes
you think a measure of questionable reliability could possibly count as
a security measure?

Regards
Ansgar Wiechers
-- 
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html