Firewall Wizards mailing list archives
Re: Transitive Trust: 40 million credit cards hack'd
From: Kevin <kkadow () gmail com>
Date: Tue, 21 Jun 2005 14:00:24 -0500
On 6/21/05, Brian Loe <knobdy () stjoelive com> wrote:
I had no idea anyone was doing this, what an excellent example for future employers!
I'm not sure if this is a sarcastic dig at me, at E*Trade/AOL, or if it is meant to as a serious comment? I am not privy to the details, but a close a look at the history of SecurID token deployment inside AOL could be an educational example of an employer's deployment of hardware tokens to address social engineering attacks against support staff accounts...
Take for example the SecurID tokens issued by E*Trade and AOL. Does anybody really believe that E*Trade is giving their customers "free" tokens to help protect the user from hackers, rather than to protect E*Trade from users who say "I didn't make that losing trade, my account must have been hacked, refund my losses!"?
The "I didn't make that losing trade" scenario is a big deal for online trading firms, second only to complaints about how long it took to execute the customer's odd lot :) Kevin Kadow Disclaimer: While I have in the past worked for a trading firm which was later acquired by E*Trade, I have never been an E*Trade employee or contractor, and I bear them no ill will. I am a moderator of the unofficial SecurID users group, http://groups.yahoo.com/group/securid-users/ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: Transitive Trust: 40 million credit cards hack'd Behm, Jeffrey L. (Jun 20)
- Message not available
- RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 20)
- Re: Transitive Trust: 40 million credit cards hack'd Adam Shostack (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Bill Sharrock (Jun 29)
- RE: Transitive Trust: 40 million credit cards hack'd Marcus J. Ranum (Jun 20)
- Message not available
- RE: Transitive Trust: 40 million credit cards hack'd Paul D. Robertson (Jun 20)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Brian Loe (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin (Jun 20)
- <Possible follow-ups>
- RE: Transitive Trust: 40 million credit cards hack'd Richards, Jim (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Eugene Kuznetsov (Jun 20)
- RE: Broken Analogies (was: Transitive Trust) Ben Nagy (Jun 21)
- RE: Broken Analogies (was: Transitive Trust) Brian Loe (Jun 21)
- RE: Transitive Trust: 40 million credit cards hack'd Eugene Kuznetsov (Jun 20)
- RE: Transitive Trust: 40 million credit cards hack'd Paul Melson (Jun 21)
- Re: Transitive Trust: 40 million credit cards hack'd Kevin Sheldrake (Jun 30)