Re: Anti-Phishing with digital watermarking

[Ansgar Wiechers <bugtraq () planetcobalt net>]

On 2008-09-30 Razi Shaban wrote:
> > I'd say it's closer to 100% unreliable than to 100% reliable.
>
> Prove it.

Let's see you prove your "close to 100% reliable" claim first, shall we?

> > But even if it isn't, how do you calculate the chances? You just have
> > too many variables.
>
> You don't need chances,

Is that so? You don't care at all about how many phishig attempts remain
undetected?

> you just need to know that the majority of people on the internet have
> no clue what they're doing. This is true. Thus, it is likely that the
> script will be run.

Phishers, however, don't tend to be among the (admittedly large) group
of people without a clue, so the script most likely won't be run in
exactly those situations it was made to detect.

> > You noticed the word "security" in this mailinglist's name? What
> > makes you think a measure of questionable reliability could possibly
> > count as a security measure?
>
> If you read the original post, you would notice that the goal here is
> to "be alerted" when a phishing attack occurs.

If you read my posts, you would notice that I strongly doubt that this
"alerting" is going to happen. For the reasons I outlined.

Regards
Ansgar Wiechers
-- 
"The Mac OS X kernel should never panic because, when it does, it
seriously inconveniences the user."
--http://developer.apple.com/technotes/tn2004/tn2118.html