Skip to Content.
Sympa Menu

assurance - Re: [Assurance] can two-factor be hacked ?

Subject: Assurance

List archive

Re: [Assurance] can two-factor be hacked ?


Chronological Thread 
  • From: "Cantor, Scott" <>
  • To: "" <>
  • Subject: Re: [Assurance] can two-factor be hacked ?
  • Date: Fri, 7 Mar 2014 22:25:11 +0000
  • Accept-language: en-US
On 3/7/14, 5:21 PM, "Farmer, Jacob"
<>
wrote:

>Ah, that is not the direction I thought you were going to go with it.
>Good suggestion, though.
>
>I was thinking using some kind of app to interact with the enterprise SSO
>to help defend against this kind of behavior.

Sure, I guess if you solve the "how do I trust the extension?" problem, I
imagine you can go this route. It was historically much more onerous to
get people to install add-ons, and of course the dominant browser 10 years
back used native code as extensions. Now that's all webified, and it's
much easier, but also less secure intrinsically. I was going to make a
crack about how Chrome meets most of my defintions of malware...

Ultimately if you can get people to use an add-on, you're presupposing
some influence over their behavior that could be used to help with
phishing to start with.

-- Scott



Archive powered by MHonArc 2.6.16.

Top of Page