[17724] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

the limits of crypto and authentication

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sat Jul 9 11:07:13 2005

X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: cryptography@metzdowd.com
Date: Fri, 08 Jul 2005 15:06:47 -0400

There's been a lot of discussion about how to strengthen cryptography 
and authentication, to get away from problems of phishing, pharming, 
etc.  But such approaches can take you only so far, as this link 
indicates:

http://www.lurhq.com/grams.html

Briefly, it's a Trojan that waits for you to log int o E-Gold, checks 
your balance, and drains your account except for .004 grams of gold.

		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[17724] in cryptography@c2.net mail archive

the limits of crypto and authentication

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)Sat Jul 9 11:07:13 2005

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Sat Jul 9 11:07:13 2005