SecurityRatty: Security x.0

The most insecure banking/sales terminal

2008-07-14 13:27:20 by Editor in Security x.0

...security features to resist counterfeiting Cheques require the account holder's signature ATMs require both your card and your PIN, run secure software, and are physically tamper-resistant Point of Sale terminals in your favourite supermarket are protected from tampering and use dedicated secure connections to the payment processing network...

Phishing emails and training users

2008-07-07 09:24:45 by Editor in Security x.0

...security staff think it's a phish And it's not just banks which are slipping up. I received an email from Paypal , asking users to click here and enter your password despite the warning on the same page: PayPal will never ask you to enter your password in an email. What can customers be reasonably expected to do, given this type of training?...

Tags: emails, customers, customers regularly, train customers, emails quickly adapt, alternative approach, email, bank fraud, fraud

2FA is dead

2008-04-29 09:19:31 by Editor in Security x.0

...security assurances, while being acceptable to customers. Unlike CAP, as transaction details are encoded in a visual cryptogram, the user does not have to re-enter them into the trusted device, increasing speed, reducing errors and mitigating security problems. Costs to the service provider are also reduced, and reliability improved, since...

Tags: real bank site, bank site, browser, browser attacks, bank, bank details, browser attack, 2fa, transaction

Feeling secure?

2008-04-04 21:18:18 by Editor in Security x.0

...security questions such as what was the exact amount of your last transfer in April and how many direct debits do you have on your account? How am I expected to remember Of course, with increasing online banking adoption, security is becoming a serious concern and rightly so; and it certainly IS as important to make the user feel secure as it...

Tags: secure, transfer, urgently transfer, month regular transfer, valuable personal information, security, security questions, funds, local branch

How do you present your security proposition?

2008-04-04 21:18:18 by Editor in Security x.0

Security is a tough sell, both from the inside ( Security Officer ) and outside ( Security Vendor ) points of view. The "failure to communicate" is often cited as one of the reasons I wonder how much of the inability to secure sufficient funding and management buy-in is due to the approach of the security professionals themselves asks Andrew...

Tags: security, web application security, security professionals, effectively security, presentation, presentation slides, visual, visual delivery style, security vendor

Phishing reloaded

2008-04-04 21:18:18 by Editor in Security x.0

...security model that was invented in 1995 ", get better at " following the money " and focus on verifying transactions, not just the user

Tags: fraudulent, fraudulent server replies, paper describes mechanisms, paper, dns lookups, specific dns lookups, fraudulent dns server, traffic redirectors, user authentication method

Trusted path

2008-04-04 21:18:17 by Editor in Security x.0

...security research. It is the basis of many security protocol and application designs, and a security breach of it is one of the most common attack vectors This week, the Security Group published their findings on the vulnerability of PIN entry devices (PEDs) currently deployed in the UK (details available in their technical report ). The...

Tags: path, security, security protocol, strong security protocols, protocols, user, user terminals, common, attack vectors

Do you listen to your users?

2008-04-04 21:18:17 by Editor in Security x.0

...information and practical advice to Internet users, but its impact is undermined by the multiplication of other overlapping websites. We recommend that the Government provide more explicit high-level political support to the Get Safe Online initiative and make every effort to recruit additional private sector sponsors. If necessary, the site...

Tags: internet, personal internet security, software, content control software, software vendors, users, software liability, club, ilkley computer club

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo