funsec mailing list archives
Re: Bank security
From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Wed, 22 Jul 2009 11:28:31 -0700
Well, if they used PKI, that would be true (that the e-mail could be authenticated whereas the fax cannot). It is true that you can at least verify the final relay MTA, if you control the delivery MTA, which you can't for sure with a fax (caller ID can be spoofed). So there is some truth that e-Mail is slightly more verifiable than fax.
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Larry Seltzer Sent: Wednesday, July 22, 2009 3:19 AM To: Drsolly; funsec () linuxbox org Subject: Re: [funsec] Bank security OMFG.... Larry Seltzer Contributing Editor, PC Magazine larry_seltzer () ziffdavis com http://blogs.pcmag.com/securitywatch/ -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Drsolly Sent: Wednesday, July 22, 2009 4:44 AM To: funsec () linuxbox org Subject: [funsec] Bank security I sent my bank a fax to tell them about my change of address. They sent a fax back, asking me to phone them. The lady I spoke to, said that they couldn't do it from a fax, they needed an email. I asked why; she said that it was so they could be sure it came from me. Apparently, anyone can send an fax, but if an email has me in the from-line, that proves it came from me. And this is a bank. And we wonder why there's fraud ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Bank security Drsolly (Jul 22)
- Re: Bank security Larry Seltzer (Jul 22)
- Re: Bank security John C. A. Bambenek, GCIH, CISSP (Jul 22)
- Re: Bank security Tomas L. Byrnes (Jul 22)
- Re: Bank security Drsolly (Jul 22)
- Re: Bank security Larry Seltzer (Jul 22)
- Re: Bank security Drsolly (Jul 22)
- Re: Bank security Larry Seltzer (Jul 22)
- Re: Bank security Drsolly (Jul 22)
- Re: Bank security Drsolly (Jul 23)
- Re: Bank security Rob Thompson (Jul 23)
- <Possible follow-ups>
- Re: Bank security Drsolly (Jul 22)