"The Net's Real Security Problem" this a real thre

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
User avatar
DaveTheAve
Forum Contributor
Posts: 385
Joined: Tue Oct 03, 2006 2:25 pm
Location: 127.0.0.1
Contact:

"The Net's Real Security Problem" this a real thre

Post by DaveTheAve »

The Net's Real Security Problem

I actually found this article a month ago and was going to post it here but I forgot; typical me. Please enlighten me on your thoughts on this "real security problem".
User avatar
Chris Corbyn
Breakbeat Nuttzer
Posts: 13098
Joined: Wed Mar 24, 2004 7:57 am
Location: Melbourne, Australia

Post by Chris Corbyn »

Banks could require customers to use a USB dongle when they access the web site. I'm not sure where I've heard this done before but that idea didn't just come out of the thin air currently floating around my head ;)
alvinphp
Forum Contributor
Posts: 380
Joined: Wed Sep 21, 2005 11:47 am

Post by alvinphp »

Banks are all moving to multi-factor authentication so it is not enough to just copy a banks generic login page as the login will have a unique image specific to you (similar to what yahoo does with web mail). So a hacker is not going to have any idea what your unique image.
User avatar
DaveTheAve
Forum Contributor
Posts: 385
Joined: Tue Oct 03, 2006 2:25 pm
Location: 127.0.0.1
Contact:

Post by DaveTheAve »

You guys seem to be taking this on a single topic, having fooled around with hacking quite a bit myself - having worked for my local courthouse - I was talking more about the overall security for the web. For example: google, devnet, MicroSh*t, /., digg, (enter one of your many pornsites here), or if you really need to get money from the hack, paypal. See what I'm getting at? This ranges much further then your banks; though banks is the best one too do.
User avatar
shiznatix
DevNet Master
Posts: 2745
Joined: Tue Dec 28, 2004 5:57 pm
Location: Tallinn, Estonia
Contact:

Post by shiznatix »

i read the article and found it to be awesome. except, if these things are so easily done as the article seams to imply, then why has it not been a big problem yet? its not from lack of hackers i am sure.
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

I'm pretty sure the belgian root dns server was once a victim of such an attack four a couple of hours (almost 10 years ago now)... I'm not sure that they've found a good way to prevent such attacks now (but i don't know the technical details...)
Post Reply