RE: (Yet Another) Lost Ernst & Young Laptop Exposes IBMStaff

["Justin Polazzo" <jpolazzo () thesportsauthority com>]

-----Original Message-----
From: Valdis.Kletnieks () vt edu [mailto:Valdis.Kletnieks () vt edu] 
Sent: Thursday, March 16, 2006 1:13 PM
To: Justin Polazzo
Cc: Blanchard_Michael () emc com; funsec () linuxbox org
Subject: Re: [funsec] (Yet Another) Lost Ernst & Young Laptop Exposes
IBMStaff 

On Thu, 16 Mar 2006 12:28:30 MST, Justin Polazzo said:

> Or better yet, have per transaction CC#'s that you can create when you

> know you are dealing with a disreputable source (eg most everyone). 
> You could gen a CC# with enough credit to handle the current
transaction.

> > Already deployed by several companies for use with Internet purchases.


Those didn't work too well if I remember correctly (german banking
sites?)

A better idea would be a Cyber-Card that would be able to generate the
numbers from the card directly (maybe a thin calculator type card rather
than just plastic) that way you could keep the generation of the certs
off the (most often) compromised pc's

-JP

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.