[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Anti-MS drivel
- To: Gregh <chows@ozemail.com.au>
- Subject: Re: [Full-Disclosure] Anti-MS drivel
- From: Tobias Weisserth <tobias@weisserth.de>
- Date: Thu, 22 Jan 2004 09:43:03 +0100
Hi Greg,
Am Do, den 22.01.2004 schrieb Gregh um 07:21:
> ...
> That has nothing to do with ANYTHING. If I install a keylogger on YOUR
> computer and you DONT know about it and let's say your bank was at
> www.bank.com and your account name was BOB and password was 123ghqofc0
> right? Now you have just gone to the bank's web site and have typed, in
> plain text on your keyboard, that username and password. Where does
> CRYPTOGRAPHY stop that being recorded as you TYPE it and later sent
> elsewhere? Surely you know what a keylogger IS dont you?
You couldn't do a thing with the account information of a European
online bankin account. You need a new TAN number for every transaction
you make. Even changing personal data of the account settings requires a
TAN.
No keylogger in the world can make you use this account if you haven't
the TANs.
Delivering TANs may be a "low tech" measure but it works. There hasn't
been a single reported incident of online banking fraud I know of.
For the rest, you have read my views in most other mails,
cheers,
Tobias
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html