Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Web Banking Undergoing Security Upgrade

From: InfoSec News <isn () c4i org>
Date: Tue, 1 Nov 2005 00:07:51 -0600 (CST)
Forwarded from: *Hobbit* <hobbit () avian org> 

If the consumer's machine is already compromised by successful
phishing, how does checking a source IP address or requiring a token
help in the slightest?  The transaction is still at risk and the
details are still leaking out.  A transaction relayed through the
compromised machine is still going to originate from the same network
space.

This is nuts.  The only way to deal with this, aside from the human
problem, is to begin with a platform that doesn't provide such a rich
environment for worms and spyware to reside.

_H*




_________________________________________
InfoSec News v2.0 - Coming Soon! 
http://www.infosecnews.org
Previous By Date Next
Previous By Thread Next

Current thread: