Risks of the Passport Single Signon Protocol
-
Risks of the Passport Single Signon Protocol: http://avirubin.com/passport.html Steven J. Ackerman, Consultant ACS, Sarasota, FL http://www.acscontrol.com steve@acscontrol.com sja@gte.net
-
Risks of the Passport Single Signon Protocol: http://avirubin.com/passport.html Steven J. Ackerman, Consultant ACS, Sarasota, FL http://www.acscontrol.com steve@acscontrol.com sja@gte.net
-
Lots in that article are specific to Passport. Lots are flaws with the internet in general. Both should be fixed. Easier said than done. Tim Smith Descartes Systems Sciences, Inc.
The AT&T report is quite old (in Internet terms). However recently there was a *real* passport security breach. More details here: http://alive.znep.com/~marcs/passport/ That's scary stuff if you have your credit card info in the Passport wallet. It has been fixed partially though. -Chris
-
The AT&T report is quite old (in Internet terms). However recently there was a *real* passport security breach. More details here: http://alive.znep.com/~marcs/passport/ That's scary stuff if you have your credit card info in the Passport wallet. It has been fixed partially though. -Chris
Yup, it has been hacked and it will be hacked again. People tend to use really bad passwords and use them all over the place. Once you hack one non-passport site, you can probably use the password on many other sites the user goes to. But in general, if you don't want it stolen, don't put it on the net. Tim Smith Descartes Systems Sciences, Inc.
-
Yup, it has been hacked and it will be hacked again. People tend to use really bad passwords and use them all over the place. Once you hack one non-passport site, you can probably use the password on many other sites the user goes to. But in general, if you don't want it stolen, don't put it on the net. Tim Smith Descartes Systems Sciences, Inc.
But in general, if you don't want it stolen, don't put it on the net. I mean I assume that you are talking about credit card numbers here? But I don't think there really is any protect net or not. I mean most places print out the number on the receipt when you buy anything in any store (some places hash out a few of the digits, but not everyone). So some underpaid shop employee might be tempted to buy things with that number... (and more likely that someone who hacks into somewhere which is possibly an intellectual persuit?? Well for some hackers anyway; But there are those people who get called hackers who are really just social engineers and talk people into giving them the numbers...) There is no safety anywhere, lets just go back to trading chickens... Have fun, Paul Westcott.
-
But in general, if you don't want it stolen, don't put it on the net. I mean I assume that you are talking about credit card numbers here? But I don't think there really is any protect net or not. I mean most places print out the number on the receipt when you buy anything in any store (some places hash out a few of the digits, but not everyone). So some underpaid shop employee might be tempted to buy things with that number... (and more likely that someone who hacks into somewhere which is possibly an intellectual persuit?? Well for some hackers anyway; But there are those people who get called hackers who are really just social engineers and talk people into giving them the numbers...) There is no safety anywhere, lets just go back to trading chickens... Have fun, Paul Westcott.