blind_html Re: [Fwd: BAH IBM Looks To Secure Banking With USB Stick]

  • From: "The Elf" <inthaneelf@xxxxxxxxxxxxxx>
  • To: <blind_html@xxxxxxxxxxxxx>
  • Date: Fri, 13 Mar 2009 12:51:59 -0700

I donno, why don't you?

it seems viable and as if it will actually make the transactions safer, though not totally safe, nothing is totally safe.

----- Original Message ----- From: "Nimer" <nimerjaber1@xxxxxxxxx>
To: <blind_html@xxxxxxxxxxxxx>
Sent: Wednesday, March 11, 2009 3:18 PM
Subject: blind_html [Fwd: BAH IBM Looks To Secure Banking With USB Stick]

Why don't I trust this?

-------- Original Message --------
Subject: BAH IBM Looks To Secure Banking With USB Stick
Date: Wed, 11 Mar 2009 18:17:48 -0400
From: Lisa <whitedove621@xxxxxxxxxxxxx>
Reply-To: blindAccessHelp@xxxxxxxxxxxxxxx
To: <blindAccessHelp@xxxxxxxxxxxxxxx>

> No word on accessibility at this point.
> IBM Looks To Secure Banking With USB Stick
> IBM's Zurich research laboratory has developed a USB stick that the
> company says
> can ensure safe banking transactions even if a PC is riddled with
> A prototype of the device, called ZTIC (Zone Trusted Information
> is on
> display for the first time at the Cebit trade show this week. IBM
hopes to
> entice
> banks into buying it for online banking, which saves banks money on
> personnel costs
> but is constantly under siege by hackers.
> When plugged into a computer, ZTIC is configured to open a secure SSL
> (Secure Sockets
> Layer) connection with a bank's servers, said Michael Baentsch, product
> manager for
> BlueZ Business Computing at the Zurich lab.
> ZTIC is also a smart-card reader and can accept a person's bank card for
> verification.
> Once a PIN (personal identification number) is verified, a
transaction can
> be initiated
> through a Web browser.
> Web browsers, however, are a point of weakness for online banking
> of so-called
> man-in-the-middle attacks. Hackers have created malicious software
> programs than
> can modify data as it is sent to a bank's Web server but then display
> information
> the consumer intended in the browser. As a result, a person's bank
> could
> be emptied. Man-in-the-middle attacks are also effective even if the
> bank's customer
> is using a one-time password generator.
> The ZTIC, however, bypasses the browser and goes directly to the
bank. It
> ensures
> that the data exchanged is accurate. For example, say a bank customer
> wants to transfer
> money. The customer will input US$100 into a form in the browser. The
> bank's servers
> will then try to confirm the amount. During a man-in-the-middle attack,
> the attacker
> is capable of transferring $1,000 but can modify the confirmation
> to still
> show $100. Since it has a direct secure connection with the bank's
> servers, the ZTIC
> will show the amount that actually has been requested to be sent. So
> if the
> browser shows a confirmation for $100, the ZTIC will show $1,000,
> indicating a man-in-the-middle
> attack in progress, Baentsch said. The user would know to reject the
> transaction
> and press the red "x" button on the ZTIC. "If malware is attacking your
> online banking
> transaction, it will show you something strange has happened," Baentsch
> said.
> IBM expended a lot of effort to figure how to initiate an SSL session
> within a USB
> stick, Baentsch said. It takes some processing muscle, and since the USB
> runs independent
> of the PC, it does not have access to the computer's processor.
> ZTIC uses a chip from microprocessor designer ARM, and the software has
> been designed
> so it can quickly establish a SSL session, Baentsch said. Although it
is a
> memory
> stick, no data can be stored on it, which also prevents malicious
> from infecting
> it.
> Using ZTIC would also prevent phishing attacks, where a fraudulent Web
> site tries
> to elicit sensitive details from a user, and pharming attacks, where DNS
> (Domain
> Name System) settings have been tampered with, Baentsch said. ZTIC
> to ensure
> that the Web site has a valid security certificate.
> IBM has internal figures on how much the ZTIC might cost for banks, but
> Baentsch
> wouldn't reveal them, saying that it would depend on the final design
> specifications
> of the ZTIC and other factors.

Messages in this topic <;_ylc=X3oDMTM3ZG11dW10BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRtc2dJZAMxNzIwNQRzZWMDZnRyBHNsawN2dHBjBHN0aW1lAzEyMzY4MDk4ODkEdHBjSWQDMTcyMDU-> (1) Reply (via web post) <;_ylc=X3oDMTJybmZxZWczBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRtc2dJZAMxNzIwNQRzZWMDZnRyBHNsawNycGx5BHN0aW1lAzEyMzY4MDk4ODk-?act=reply&messageNum=17205> | Start a new topic <;_ylc=X3oDMTJmMzJqcXJqBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNudHBjBHN0aW1lAzEyMzY4MDk4ODk-> Messages <;_ylc=X3oDMTJmNWw4ZGduBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNtc2dzBHN0aW1lAzEyMzY4MDk4ODk-> | Files <;_ylc=X3oDMTJnNGRiZjVzBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNmaWxlcwRzdGltZQMxMjM2ODA5ODg5> | Photos <;_ylc=X3oDMTJma2VvdWswBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNwaG90BHN0aW1lAzEyMzY4MDk4ODk-> | Links <;_ylc=X3oDMTJnODE5YmNvBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNsaW5rcwRzdGltZQMxMjM2ODA5ODg5> | Database <;_ylc=X3oDMTJkYmgzZDRoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNkYgRzdGltZQMxMjM2ODA5ODg5> | Polls <;_ylc=X3oDMTJnamwybG1kBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNwb2xscwRzdGltZQMxMjM2ODA5ODg5> | Members <;_ylc=X3oDMTJmcTBiM3NoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNtYnJzBHN0aW1lAzEyMzY4MDk4ODk-> | Calendar <;_ylc=X3oDMTJlYWRjb2FpBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNjYWwEc3RpbWUDMTIzNjgwOTg4OQ--> This list is owned by Jimmy Podsim. Moderator Frank. If you have any questions or complaints, please send them to blindAccessHelp-owner@xxxxxxxxxxxxxxx . I hope you find this list helpful.

Yahoo! Groups <;_ylc=X3oDMTJlM3BrN3I4BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNnZnAEc3RpbWUDMTIzNjgwOTg4OQ--> Change settings via the Web <;_ylc=X3oDMTJncjNkYjZoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNzdG5ncwRzdGltZQMxMjM2ODA5ODg5> (Yahoo! ID required) Change settings via email: Switch delivery to Daily Digest <mailto:blindAccessHelp-digest@xxxxxxxxxxxxxxx?subject=Email%20Delivery:%20Digest> | Switch format to Traditional <mailto:blindAccessHelp-traditional@xxxxxxxxxxxxxxx?subject=Change%20Delivery%20Format:%20Traditional> Visit Your Group <;_ylc=X3oDMTJlMzg2YzI0BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNocGYEc3RpbWUDMTIzNjgwOTg4OQ--> | Yahoo! Groups Terms of Use <> | Unsubscribe <mailto:blindAccessHelp-unsubscribe@xxxxxxxxxxxxxxx?subject=>
Recent Activity

     New Members


Visit Your Group <;_ylc=X3oDMTJmOGIxZHFyBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDdnRsBHNsawN2Z2hwBHN0aW1lAzEyMzY4MDk4ODk->
Give Back

Yahoo! for Good <;_ylg=1/SIG=11314uv3k/**http%3A//>

Get inspired

by a good cause.

Y! Toolbar

Get it Free! <;_ylg=1/SIG=11c6dvmk9/**http%3A//>

easy 1-click access

to your groups.

Yahoo! Groups

Start a group <;_ylc=X3oDMTJwMnVsMmdwBF9TAzk3MzU5NzE0BF9wAzMEZ3JwSWQDMTkxMTg2NTgEZ3Jwc3BJZAMxNzA1MDA3NzA5BHNlYwNuY21vZARzbGsDZ3JvdXBzMgRzdGltZQMxMjM2ODA5ODg5>

in 3 easy steps.

Connect with others.




Nimer M. Jaber

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender via reply e-mail, and delete the
material from any computer.

(720) (251-4530)

To unsubscribe, please send a blank email to
with unsubscribe in the subject line.
To access the archives, please visit:


To unsubscribe, please send a blank email to
with unsubscribe in the subject line.
To access the archives, please visit:


Other related posts: