assurance - Re: [Assurance] can two-factor be hacked ?
Subject: Assurance
List archive
- From: "Cantor, Scott" <>
- To: "" <>
- Subject: Re: [Assurance] can two-factor be hacked ?
- Date: Fri, 7 Mar 2014 21:31:50 +0000
- Accept-language: en-US
On 3/7/14, 4:27 PM, "Steven Carmody"
<>
wrote:
>
>The javascript runs completely within the server platform. That's
>something that's new....
Or old, as the case may be. Proxies are really only defeatable in the
usual ways. If they're screen scraping, then you can have an arms race
implementing anti-scraping tricks, but that goes away as soon as you
support something like, say, ECP or Moonshot, that's implementing a
non-browser UI for authentication.
So that leaves chasing addresses, and blacklisting proxies when you find
them.
>As you say, *should*. However, if its identical to the application's
>login page, then the user would have to look at the url bar... does
>anyone know of anything that could be embedded in the real page, but not
>duplicated in the fake page ?
Nothing I can imagine.
-- Scott
- RE: [Assurance] can two-factor be hacked ?, (continued)
- RE: [Assurance] can two-factor be hacked ?, Brian Arkills, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Brian Arkills, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Etan Weintraub, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Dana Watanabe, 03/11/2014
- RE: [Assurance] can two-factor be hacked ?, Jones, Mark B, 03/11/2014
- Re: [Assurance] can two-factor be hacked ?, Joe St Sauver, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Farmer, Jacob, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Walker, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, David Langenberg, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Cantor, Scott, 03/07/2014
- Re: [Assurance] can two-factor be hacked ?, Steven Carmody, 03/07/2014
- RE: [Assurance] can two-factor be hacked ?, Brian Arkills, 03/11/2014
Archive powered by MHonArc 2.6.16.