Security Basics mailing list archives

RE: Bank Of Montreal Online Security


From: "Scott Herbert" <scott.a.herbert () googlemail com>
Date: Wed, 31 Oct 2012 18:15:24 -0000

The US has only now (March 2012) started incentives to adopt Pin and Chip
credit cards (to avoid the failed PCI-DSS.)

Chip and Pin can be broken by a MiM attack[1], but it's still a lot better than the
single factor auth being rolled out by UK banks in the form of NFC cards
[2][3]

[1] http://www.cl.cam.ac.uk/research/security/banking/nopin/oakland10chipbroken.pdf
[2] http://www.barclays.co.uk/Helpsupport/Barclayscontactlessdebitcards/P1242561764200
[3] http://www.gizmodo.co.uk/2012/03/barclays-debit-cards-details-can-be-nicked-with-an-nfc-mobile-bump/





