[18272] in cryptography@c2.net mail archive
Re: [Clips] RSA Security Sees Hope in Online Fraud
daemon@ATHENA.MIT.EDU (Florian Weimer)
Thu Aug 25 16:13:17 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: Florian Weimer <fw@deneb.enyo.de>
To: "R.A. Hettinga" <rah@shipwright.com>
Cc: cryptography@metzdowd.com
Date: Thu, 25 Aug 2005 18:59:04 +0200
In-Reply-To: <p062309b8bf30cec68a7a@[68.167.57.91]> (R. A. Hettinga's message
of "Tue, 23 Aug 2005 09:02:00 -0400")
* R. A. Hettinga quotes:
> Today RSA is perhaps best known for staging a prestigious annual security
> conference and for selling 20 million little devices that display a
> six-digit code computer users must type to gain access to computer
> networks. The code, which changes every minute as determined by an
> RSA-created algorithm, is unique to each "SecureID" token, making it
> useless to a snoop.
Of course, SecureID tokens do not prevent man-in-the-middle attacks
carried out in real-time. For example, it's probably not too hard to
write a Browser Helper Object which automatically rewrites financial
transactions submitted using Internet Explorer.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
