WebApp Sec mailing list archives
Re: Proposal to anti-phishing
From: Florian Weimer <fw () deneb enyo de>
Date: Fri, 14 Jan 2005 23:58:21 +0100
* Rafael San Miguel:
The solution is based in a hardware token that is delivered to every customer. This token includes the true certificate that should be presented by the bank when a customer access his/her account, and a program that checks if the certificate presented by the webpage is consistent with the first one. The program is in read-only memory so that it can't be modified by anything external to it.
It's acceptable neither to customers nor to banks. These days, zero-setup online banking is an absolute must.
Current thread:
- RE: Proposal to anti-phishing, (continued)
- RE: Proposal to anti-phishing Lyal Collins (Jan 16)
- Re: Proposal to anti-phishing Moksha Faced (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 19)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 16)
- Re: Proposal to anti-phishing Rob Skedgell (Jan 19)
- Re: Proposal to anti-phishing Cory Foy (Jan 23)
- Re: Data sanitization approaches in Java Jeff Williams (Jan 16)
- Re: Data sanitization approaches in Java Stephen de Vries (Jan 19)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 23)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 24)
- RE: Proposal to anti-phishing Lyal Collins (Jan 24)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 24)
- Re: Proposal to anti-phishing Griffiths, Ian (Jan 24)
- RE: Proposal to anti-phishing Lyal Collins (Jan 24)
- RE: Proposal to anti-phishing Lyal Collins (Jan 24)
- RE: Proposal to anti-phishing lists (Jan 24)
- Re: Proposal to anti-phishing Kurt Seifried (Jan 24)