[17333] in cryptography@c2.net mail archive
Re: Citibank discloses private information to improve security
daemon@ATHENA.MIT.EDU (Ed Gerck)
Thu Jun 2 22:21:19 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Thu, 02 Jun 2005 17:02:50 -0700
From: Ed Gerck <edgerck@nma.com>
To: Ian G <iang@systemics.com>
Cc: Anne & Lynn Wheeler <lynn@garlic.com>,
"Heyman, Michael" <Michael.Heyman@sparta.com>,
cryptography@metzdowd.com
In-Reply-To: <200506021837.07232.iang@systemics.com>
Ian G wrote:
> This will change,. I predict that the banks will end up
> with the liability for phishing, for good or for bad, and
> they will then find it in their hearts to finance the add-ons,
> which will battle it out, thus leading to the 'best practices'
> which will be incorporated into the browsers.
I think that the odds are better, historically, for the following
bet:
Banks will shift to the users the cost and liability for phishing,
for good or for bad, and they will not finance any add-ons
otherwise they would have the liability for those add-ons failing.
The solution for phishing will have to come from developers and
will be adopted by banks as long as (in this order): (1) the bank's
liability is zero, and (2) it works.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
