Security Basics mailing list archives
Re: Anti-Phishing with digital watermarking
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Tue, 30 Sep 2008 01:06:23 +0200
On 2008-09-30 Razi Shaban wrote:
Which, of course, is totally unreliable (and thus utterly pointless as a security measure), because you make way too much assumptions (client has JavaScript enabled, phisher doesn't check the used website for phone- home code, phisher uses the original website in the first place, ...).So because it is not 100% reliable, we shouldn't use it?
I'd say it's closer to 100% unreliable than to 100% reliable. But even if it isn't, how do you calculate the chances? You just have too many variables. You noticed the word "security" in this mailinglist's name? What makes you think a measure of questionable reliability could possibly count as a security measure? Regards Ansgar Wiechers -- "The Mac OS X kernel should never panic because, when it does, it seriously inconveniences the user." --http://developer.apple.com/technotes/tn2004/tn2118.html
Current thread:
- RE: Anti-Phishing with digital watermarking, (continued)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- Re: Anti-Phishing with digital watermarking Ron (Sep 26)
- Re: Anti-Phishing with digital watermarking Umil (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 26)
- RE: Anti-Phishing with digital watermarking Matt Flynn (Sep 26)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 29)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 29)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Ryan Greenier (Sep 30)
- Re: Anti-Phishing with digital watermarking Ansgar Wiechers (Sep 30)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)
- Re: Anti-Phishing with digital watermarking Razi Shaban (Sep 30)