[4282] in WWW Security List Archive
Re: Sceptic about (Funds Transfer w/o PIN)
daemon@ATHENA.MIT.EDU (James E. Hoburg)
Fri Feb 7 12:59:02 1997
Date: Fri, 7 Feb 1997 10:07:08 -0500
From: "James E. Hoburg" <james.e.hoburg@att.com>
To: www-security@ns2.rutgers.edu
In-Reply-To: <Pine.BSF.3.91.970206222900.13624D-100000@ns1.flask.com>
Reply-To: james.e.hoburg@att.com
Errors-To: owner-www-security@ns2.rutgers.edu
Shin Katsumata writes:
> Why bother with certificates and Active-X, write a virus that insert the
> transaction into Quicken, better return on investment. I like blaming MS
> for the problems, but may be Intuit needs to fix this problem.
Interestingly, introducing ActiveX (in the sense of injecting) seems to create
a hostile computing environment which the developers of Quicken likely neither
anticipated nor intended for their product. The fact that there are many
variables interacting in very nonlinear ways is what makes security a bit of a
challenge, isnt't it?
Regards,
jeh
