[4275] in WWW Security List Archive
Re: Sceptic about (Funds Transfer w/o PIN)
daemon@ATHENA.MIT.EDU (Shin Katsumata)
Fri Feb 7 01:33:22 1997
Date: Thu, 6 Feb 1997 22:35:57 +0000 ()
From: Shin Katsumata <skat@flask.com>
To: WWW-SECURITY@ns2.rutgers.edu
In-Reply-To: <32F9F482.5307@HomeCom.com>
Errors-To: owner-www-security@ns2.rutgers.edu
>
> Brian Toole wrote:
> >
>
> > The only "trick" here is to lure the user into
> > downloading the application, and in this case, having
> > a certificate actually helps the process, rather
> > than hindering it. "Oooh. It's signed, so it
> > is safe to use."
> >
>
Why bother with certificates and Active-X, write a virus that insert the
transaction into Quicken, better return on investment. I like blaming MS
for the problems, but may be Intuit needs to fix this problem.
Shin
