
1. Normal consumers -- in the home or in business -- choose their computers and software on the basis of advertising, not what infosec cognoscenti write in blogs. TV and magazine ads depicting happy families protected from the pedophile-riddled Internet trump concerned technical articles about privacy every time.

But we have cracked hardware before...

You can fight back against this trend by only using software that respects your boundaries.

If you *have* to trust someone, don't.

This assumes that the message sent from the phone can't be spoofed - I'm not sure if an attacker changing his caller ID would be able to get around that.

Well done! Tell us all something we don't know. :-p

It seems that two factor authentication with a two-way SMS message would work. A number sent to the phone must be typed into the computer, and a number shown on the computer must be typed into the phone and sent as a reply to the SMS.
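As an added illustration of the two-way SMS scheme the comment describes (constructed example code, not from the blog or its commenters), the toy server below sends code A to the registered phone, expects it to be typed into the computer, shows code B on the computer, and expects B back as an SMS reply from that same registered number. Usernames, phone numbers and message formats are made up. As another commenter notes, the scheme assumes the sender number of the SMS reply cannot be spoofed; the second demo function shows what the reverse-direction step buys when a relayed login cannot reply from the registered phone.

```python
import secrets
from dataclasses import dataclass


@dataclass
class Session:
    username: str
    code_a: str            # sent to the phone; must be typed into the computer
    code_b: str            # shown on the computer; must be sent back by SMS
    a_confirmed: bool = False
    b_confirmed: bool = False


class TwoWaySmsServer:
    """Toy model of two-way SMS second-factor login (constructed, not a real bank's code)."""

    def __init__(self, phonebook):
        self.phonebook = phonebook   # username -> registered phone number (constructed)
        self.sessions = {}           # session id -> Session
        self.sms_outbox = []         # (phone, text) messages the server "sent"

    def start_login(self, username, password_ok):
        """First factor passed: issue both codes. Returns (session id, code B shown on screen)."""
        if not password_ok or username not in self.phonebook:
            return None
        sid = secrets.token_hex(8)
        s = Session(username,
                    f"{secrets.randbelow(10**6):06d}",
                    f"{secrets.randbelow(10**6):06d}")
        self.sessions[sid] = s
        self.sms_outbox.append((self.phonebook[username],
                                f"Login code: {s.code_a}. Reply with the code shown on screen."))
        return sid, s.code_b

    def submit_code_a(self, sid, typed):
        """Phone -> computer direction: the user types code A into the browser."""
        s = self.sessions.get(sid)
        if s and secrets.compare_digest(typed, s.code_a):
            s.a_confirmed = True
            return True
        return False

    def receive_sms(self, from_phone, text):
        """Computer -> phone direction: code B must arrive from the registered number."""
        for s in self.sessions.values():
            if self.phonebook[s.username] == from_phone and \
                    secrets.compare_digest(text.strip(), s.code_b):
                s.b_confirmed = True
                return True
        return False

    def is_logged_in(self, sid):
        s = self.sessions.get(sid)
        return bool(s and s.a_confirmed and s.b_confirmed)


def demo_honest_login():
    """Alice completes both directions from her own phone: login succeeds."""
    server = TwoWaySmsServer({"alice": "+15550001111"})
    sid, code_b = server.start_login("alice", password_ok=True)
    phone, sms = server.sms_outbox[-1]              # Alice reads the SMS on her phone
    code_a = sms.split("Login code: ")[1][:6]
    server.submit_code_a(sid, code_a)
    server.receive_sms(phone, code_b)               # reply from the registered number
    return server.is_logged_in(sid)


def demo_relayed_login_without_registered_phone():
    """A login relayed through a fake site can supply code A, but the SMS reply
    does not come from Alice's registered number, so the session never completes."""
    server = TwoWaySmsServer({"alice": "+15550001111"})
    sid, code_b = server.start_login("alice", password_ok=True)
    _, sms = server.sms_outbox[-1]
    code_a = sms.split("Login code: ")[1][:6]
    server.submit_code_a(sid, code_a)
    server.receive_sms("+15559999999", code_b)      # constructed unregistered number
    return server.is_logged_in(sid)


if __name__ == "__main__":
    print("honest login:", demo_honest_login())
    print("relayed login:", demo_relayed_login_without_registered_phone())
```

The second function is where the caller-ID caveat bites: the check in `receive_sms` is only as strong as the network's guarantee about the sender number.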

This essay will appear in the April issue of Communications of the ACM.

As long as this is part of the key, the key will have its faults.

Social engineering will always enable an attacker to lure people into fake websites or make them install trojans. It is worthwhile making passwords useless to an attacker without the authentication token.

"Technically you might have bought the hardware and software, ..."

That rather depends how reliable my computer is at the moment. For many readers of this blog (and Wired), sure, we don't want people messing with our silicon unless we know about it and approve. But most users already lack control of "what it does, and how the various software components interact" - they quite rightly choose not to spend months learning how to do that.

(Accounts are really "bankgiro" or "postgiro" numbers)

> This sounds complicated but needn't be. To log in, the user would need not only the PIN but also a one time TAN. For each individual transaction, the user would need one additional TAN as usual. This will prevent phishing and Trojan attacks because the attacker can never capture two valid TANs: The first TAN will be expired as soon as the user is logged in. If the attacker prevents the user from logging in, he won't be able to capture a second TAN. Can anybody beat this?
Easily. If you have a Trojan installed in your computer, I think I can agree with rcme that it's "game over".

Yet there is almost zero indication of responsibility on the part of the vendor.

I agree, but why are we still paying for cable television???

I do agree that it is very difficult to implement a two factor authentication system using digital certificates. But how are people going to save their hard earned money without putting in some effort to get educated about the technology we professionals build?

"We just sell it...you have to secure it." seems to be the unspoken motto.

Check out the article below detailing Microsoft's new "sea change".

I'm also not convinced that an attacker only has to fool the most stupid internet users. In Germany, the last wave of phishing and keylogging attacks wasn't successful because the fraudulent transactions were detected early. At least this is what the banks are saying, which you may choose to believe or not.

It's time that changes. Thanks for this post, Bruce, great discussion.

What do people think about this?

Yeah, the biggest mistake with IE was made by coding IE to be a "shell browser", which of course is the main reason for security risks. Mozilla on the other hand didn't. But I can see why MS wanted IE to work like a shell: to please consumers by letting them use IE for local browsing and to run progs. But it was a very wrong decision.