blind_html [Fwd: BAH IBM Looks To Secure Banking With USB Stick]

  • From: Nimer <nimerjaber1@xxxxxxxxx>
  • To: blind_html@xxxxxxxxxxxxx
  • Date: Wed, 11 Mar 2009 16:18:51 -0600

Why don't I trust this?

-------- Original Message --------
Subject:        BAH IBM Looks To Secure Banking With USB Stick
Date:   Wed, 11 Mar 2009 18:17:48 -0400
From:   Lisa <whitedove621@xxxxxxxxxxxxx>
Reply-To:       blindAccessHelp@xxxxxxxxxxxxxxx
To:     <blindAccessHelp@xxxxxxxxxxxxxxx>

> No word on accessibility at this point.
> IBM Looks To Secure Banking With USB Stick
> IBM's Zurich research laboratory has developed a USB stick that the
> company says
> can ensure safe banking transactions even if a PC is riddled with malware. > A prototype of the device, called ZTIC (Zone Trusted Information Channel),
> is on
> display for the first time at the Cebit trade show this week. IBM hopes to
> entice
> banks into buying it for online banking, which saves banks money on
> personnel costs
> but is constantly under siege by hackers.
> When plugged into a computer, ZTIC is configured to open a secure SSL
> (Secure Sockets
> Layer) connection with a bank's servers, said Michael Baentsch, product
> manager for
> BlueZ Business Computing at the Zurich lab.
> ZTIC is also a smart-card reader and can accept a person's bank card for
> verification.
> Once a PIN (personal identification number) is verified, a transaction can
> be initiated
> through a Web browser.
> Web browsers, however, are a point of weakness for online banking because
> of so-called
> man-in-the-middle attacks. Hackers have created malicious software
> programs than
> can modify data as it is sent to a bank's Web server but then display the
> information
> the consumer intended in the browser. As a result, a person's bank account
> could
> be emptied. Man-in-the-middle attacks are also effective even if the
> bank's customer
> is using a one-time password generator.
> The ZTIC, however, bypasses the browser and goes directly to the bank. It
> ensures
> that the data exchanged is accurate. For example, say a bank customer
> wants to transfer
> money. The customer will input US$100 into a form in the browser. The
> bank's servers
> will then try to confirm the amount. During a man-in-the-middle attack,
> the attacker
> is capable of transferring $1,000 but can modify the confirmation message
> to still
> show $100. Since it has a direct secure connection with the bank's
> servers, the ZTIC
> will show the amount that actually has been requested to be sent. So even
> if the
> browser shows a confirmation for $100, the ZTIC will show $1,000,
> indicating a man-in-the-middle
> attack in progress, Baentsch said. The user would know to reject the
> transaction
> and press the red "x" button on the ZTIC. "If malware is attacking your
> online banking
> transaction, it will show you something strange has happened," Baentsch
> said.
> IBM expended a lot of effort to figure how to initiate an SSL session
> within a USB
> stick, Baentsch said. It takes some processing muscle, and since the USB
> runs independent
> of the PC, it does not have access to the computer's processor.
> ZTIC uses a chip from microprocessor designer ARM, and the software has
> been designed
> so it can quickly establish a SSL session, Baentsch said. Although it is a
> memory
> stick, no data can be stored on it, which also prevents malicious software
> from infecting
> it.
> Using ZTIC would also prevent phishing attacks, where a fraudulent Web
> site tries
> to elicit sensitive details from a user, and pharming attacks, where DNS
> (Domain
> Name System) settings have been tampered with, Baentsch said. ZTIC checks
> to ensure
> that the Web site has a valid security certificate.
> IBM has internal figures on how much the ZTIC might cost for banks, but
> Baentsch
> wouldn't reveal them, saying that it would depend on the final design
> specifications
> of the ZTIC and other factors.

Messages in this topic <;_ylc=X3oDMTM3ZG11dW10BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRtc2dJZAMxNzIwNQRzZWMDZnRyBHNsawN2dHBjBHN0aW1lAzEyMzY4MDk4ODkEdHBjSWQDMTcyMDU-> (1) Reply (via web post) <;_ylc=X3oDMTJybmZxZWczBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRtc2dJZAMxNzIwNQRzZWMDZnRyBHNsawNycGx5BHN0aW1lAzEyMzY4MDk4ODk-?act=reply&messageNum=17205> | Start a new topic <;_ylc=X3oDMTJmMzJqcXJqBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNudHBjBHN0aW1lAzEyMzY4MDk4ODk-> Messages <;_ylc=X3oDMTJmNWw4ZGduBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNtc2dzBHN0aW1lAzEyMzY4MDk4ODk-> | Files <;_ylc=X3oDMTJnNGRiZjVzBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNmaWxlcwRzdGltZQMxMjM2ODA5ODg5> | Photos <;_ylc=X3oDMTJma2VvdWswBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNwaG90BHN0aW1lAzEyMzY4MDk4ODk-> | Links <;_ylc=X3oDMTJnODE5YmNvBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNsaW5rcwRzdGltZQMxMjM2ODA5ODg5> | Database <;_ylc=X3oDMTJkYmgzZDRoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNkYgRzdGltZQMxMjM2ODA5ODg5> | Polls <;_ylc=X3oDMTJnamwybG1kBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNwb2xscwRzdGltZQMxMjM2ODA5ODg5> | Members <;_ylc=X3oDMTJmcTBiM3NoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNtYnJzBHN0aW1lAzEyMzY4MDk4ODk-> | Calendar <;_ylc=X3oDMTJlYWRjb2FpBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNjYWwEc3RpbWUDMTIzNjgwOTg4OQ--> This list is owned by Jimmy Podsim. Moderator Frank. If you have any questions or complaints, please send them to
blindAccessHelp-owner@xxxxxxxxxxxxxxx .  I hope you find this list helpful.

Yahoo! Groups <;_ylc=X3oDMTJlM3BrN3I4BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNnZnAEc3RpbWUDMTIzNjgwOTg4OQ--> Change settings via the Web <;_ylc=X3oDMTJncjNkYjZoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNzdG5ncwRzdGltZQMxMjM2ODA5ODg5> (Yahoo! ID required) Change settings via email: Switch delivery to Daily Digest <mailto:blindAccessHelp-digest@xxxxxxxxxxxxxxx?subject=Email%20Delivery:%20Digest> | Switch format to Traditional <mailto:blindAccessHelp-traditional@xxxxxxxxxxxxxxx?subject=Change%20Delivery%20Format:%20Traditional> Visit Your Group <;_ylc=X3oDMTJlMzg2YzI0BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNocGYEc3RpbWUDMTIzNjgwOTg4OQ--> | Yahoo! Groups Terms of Use <> | Unsubscribe <mailto:blindAccessHelp-unsubscribe@xxxxxxxxxxxxxxx?subject=>
Recent Activity

     New Members

Visit Your Group <;_ylc=X3oDMTJmOGIxZHFyBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDdnRsBHNsawN2Z2hwBHN0aW1lAzEyMzY4MDk4ODk->
Give Back

Yahoo! for Good <;_ylg=1/SIG=11314uv3k/**http%3A//>

Get inspired

by a good cause.

Y! Toolbar

Get it Free! <;_ylg=1/SIG=11c6dvmk9/**http%3A//>

easy 1-click access

to your groups.

Yahoo! Groups

Start a group <;_ylc=X3oDMTJwMnVsMmdwBF9TAzk3MzU5NzE0BF9wAzMEZ3JwSWQDMTkxMTg2NTgEZ3Jwc3BJZAMxNzA1MDA3NzA5BHNlYwNuY21vZARzbGsDZ3JvdXBzMgRzdGltZQMxMjM2ODA5ODg5>

in 3 easy steps.

Connect with others.




Nimer M. Jaber

The information transmitted is intended only for the person or entity to which 
is addressed and may contain confidential and/or privileged material. Any 
retransmission, dissemination or other use of, or taking of any action in 
upon this information by persons or entities other than the intended recipient 
prohibited. If you received this in error, please contact the sender via reply 
e-mail, and delete the
material from any computer.

(720) (251-4530)

To unsubscribe, please send a blank email to
with unsubscribe in the subject line.
To access the archives, please visit:


Other related posts:

  • » blind_html [Fwd: BAH IBM Looks To Secure Banking With USB Stick] - Nimer