I'm more worried about the current hackers that can steel identities and empty bank accounts, *shrug*
inthane----- Original Message ----- From: "Nimer" <nimerjaber1@xxxxxxxxx>
To: <blind_html@xxxxxxxxxxxxx> Sent: Friday, March 13, 2009 2:18 PMSubject: blind_html Re: [Fwd: BAH IBM Looks To Secure Banking With USB Stick]
Because, I don't know about you, but I am paranoid. What happens if instead of putting security on a device, IBM put backdoors or keyloggers or whatever on them? Not saying that IBm would, but I get suspicious with this type of thing.Nimer J The Elf wrote:I donno, why don't you?it seems viable and as if it will actually make the transactions safer, though not totally safe, nothing is totally safe.inthane ----- Original Message ----- From: "Nimer" <nimerjaber1@xxxxxxxxx> To: <blind_html@xxxxxxxxxxxxx> Sent: Wednesday, March 11, 2009 3:18 PM Subject: blind_html [Fwd: BAH IBM Looks To Secure Banking With USB Stick]Why don't I trust this? -------- Original Message -------- Subject: BAH IBM Looks To Secure Banking With USB Stick Date: Wed, 11 Mar 2009 18:17:48 -0400 From: Lisa <whitedove621@xxxxxxxxxxxxx> Reply-To: blindAccessHelp@xxxxxxxxxxxxxxx To: <blindAccessHelp@xxxxxxxxxxxxxxx> > No word on accessibility at this point. > IBM Looks To Secure Banking With USB Stick > IBM's Zurich research laboratory has developed a USB stick that the > company says > can ensure safe banking transactions even if a PC is riddled with malware. > A prototype of the device, called ZTIC (Zone Trusted Information Channel), > is on > display for the first time at the Cebit trade show this week. IBM hopes to > entice > banks into buying it for online banking, which saves banks money on > personnel costs > but is constantly under siege by hackers. > When plugged into a computer, ZTIC is configured to open a secure SSL > (Secure Sockets > Layer) connection with a bank's servers, said Michael Baentsch, product > manager for > BlueZ Business Computing at the Zurich lab. > ZTIC is also a smart-card reader and can accept a person's bank card for > verification. > Once a PIN (personal identification number) is verified, a transaction can > be initiated > through a Web browser. > Web browsers, however, are a point of weakness for online banking because > of so-called > man-in-the-middle attacks. Hackers have created malicious software > programs than > can modify data as it is sent to a bank's Web server but then display the > information > the consumer intended in the browser. As a result, a person's bank account > could > be emptied. Man-in-the-middle attacks are also effective even if the > bank's customer > is using a one-time password generator. > The ZTIC, however, bypasses the browser and goes directly to the bank. It > ensures > that the data exchanged is accurate. For example, say a bank customer > wants to transfer > money. The customer will input US$100 into a form in the browser. The > bank's servers > will then try to confirm the amount. During a man-in-the-middle attack, > the attacker > is capable of transferring $1,000 but can modify the confirmation message > to still > show $100. Since it has a direct secure connection with the bank's > servers, the ZTIC > will show the amount that actually has been requested to be sent. So even > if the > browser shows a confirmation for $100, the ZTIC will show $1,000, > indicating a man-in-the-middle > attack in progress, Baentsch said. The user would know to reject the > transaction > and press the red "x" button on the ZTIC. "If malware is attacking your > online banking > transaction, it will show you something strange has happened," Baentsch > said. > IBM expended a lot of effort to figure how to initiate an SSL session > within a USB > stick, Baentsch said. It takes some processing muscle, and since the USB > runs independent > of the PC, it does not have access to the computer's processor. > ZTIC uses a chip from microprocessor designer ARM, and the software has > been designed > so it can quickly establish a SSL session, Baentsch said. Although it is a > memory > stick, no data can be stored on it, which also prevents malicious software > from infecting > it. > Using ZTIC would also prevent phishing attacks, where a fraudulent Web > site tries > to elicit sensitive details from a user, and pharming attacks, where DNS > (Domain > Name System) settings have been tampered with, Baentsch said. ZTIC checks > to ensure > that the Web site has a valid security certificate. > IBM has internal figures on how much the ZTIC might cost for banks, but > Baentsch > wouldn't reveal them, saying that it would depend on the final design > specifications > of the ZTIC and other factors. > __._,_.___Messages in this topic <http://groups.yahoo.com/group/blindAccessHelp/message/17205;_ylc=X3oDMTM3ZG11dW10BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRtc2dJZAMxNzIwNQRzZWMDZnRyBHNsawN2dHBjBHN0aW1lAzEyMzY4MDk4ODkEdHBjSWQDMTcyMDU-> (1) Reply (via web post) <http://groups.yahoo.com/group/blindAccessHelp/post;_ylc=X3oDMTJybmZxZWczBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRtc2dJZAMxNzIwNQRzZWMDZnRyBHNsawNycGx5BHN0aW1lAzEyMzY4MDk4ODk-?act=reply&messageNum=17205> | Start a new topic <http://groups.yahoo.com/group/blindAccessHelp/post;_ylc=X3oDMTJmMzJqcXJqBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNudHBjBHN0aW1lAzEyMzY4MDk4ODk-> Messages <http://groups.yahoo.com/group/blindAccessHelp/messages;_ylc=X3oDMTJmNWw4ZGduBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNtc2dzBHN0aW1lAzEyMzY4MDk4ODk-> | Files <http://groups.yahoo.com/group/blindAccessHelp/files;_ylc=X3oDMTJnNGRiZjVzBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNmaWxlcwRzdGltZQMxMjM2ODA5ODg5> | Photos <http://groups.yahoo.com/group/blindAccessHelp/photos;_ylc=X3oDMTJma2VvdWswBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNwaG90BHN0aW1lAzEyMzY4MDk4ODk-> | Links <http://groups.yahoo.com/group/blindAccessHelp/links;_ylc=X3oDMTJnODE5YmNvBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNsaW5rcwRzdGltZQMxMjM2ODA5ODg5> | Database <http://groups.yahoo.com/group/blindAccessHelp/database;_ylc=X3oDMTJkYmgzZDRoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNkYgRzdGltZQMxMjM2ODA5ODg5> | Polls <http://groups.yahoo.com/group/blindAccessHelp/polls;_ylc=X3oDMTJnamwybG1kBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNwb2xscwRzdGltZQMxMjM2ODA5ODg5> | Members <http://groups.yahoo.com/group/blindAccessHelp/members;_ylc=X3oDMTJmcTBiM3NoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNtYnJzBHN0aW1lAzEyMzY4MDk4ODk-> | Calendar <http://groups.yahoo.com/group/blindAccessHelp/calendar;_ylc=X3oDMTJlYWRjb2FpBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNjYWwEc3RpbWUDMTIzNjgwOTg4OQ--> This list is owned by Jimmy Podsim. Moderator Frank. If you have any questions or complaints, please send them to blindAccessHelp-owner@xxxxxxxxxxxxxxx . I hope you find this list helpful.Yahoo! Groups <http://groups.yahoo.com/;_ylc=X3oDMTJlM3BrN3I4BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNnZnAEc3RpbWUDMTIzNjgwOTg4OQ--> Change settings via the Web <http://groups.yahoo.com/group/blindAccessHelp/join;_ylc=X3oDMTJncjNkYjZoBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNzdG5ncwRzdGltZQMxMjM2ODA5ODg5> (Yahoo! ID required) Change settings via email: Switch delivery to Daily Digest <mailto:blindAccessHelp-digest@xxxxxxxxxxxxxxx?subject=Email%20Delivery:%20Digest> | Switch format to Traditional <mailto:blindAccessHelp-traditional@xxxxxxxxxxxxxxx?subject=Change%20Delivery%20Format:%20Traditional> Visit Your Group <http://groups.yahoo.com/group/blindAccessHelp;_ylc=X3oDMTJlMzg2YzI0BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDZnRyBHNsawNocGYEc3RpbWUDMTIzNjgwOTg4OQ--> | Yahoo! Groups Terms of Use <http://docs.yahoo.com/info/terms/> | Unsubscribe <mailto:blindAccessHelp-unsubscribe@xxxxxxxxxxxxxxx?subject=>Recent Activity * 1 New Members <http://groups.yahoo.com/group/blindAccessHelp/members;_ylc=X3oDMTJnaGpya3A5BF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDdnRsBHNsawN2bWJycwRzdGltZQMxMjM2ODA5ODg5>Visit Your Group <http://groups.yahoo.com/group/blindAccessHelp;_ylc=X3oDMTJmOGIxZHFyBF9TAzk3MzU5NzE0BGdycElkAzE5MTE4NjU4BGdycHNwSWQDMTcwNTAwNzcwOQRzZWMDdnRsBHNsawN2Z2hwBHN0aW1lAzEyMzY4MDk4ODk->Give BackYahoo! for Good <http://us.lrd.yahoo.com/_ylc=X3oDMTJuYTlvOG41BF9TAzk3MzU5NzE0BF9wAzEEZ3JwSWQDMTkxMTg2NTgEZ3Jwc3BJZAMxNzA1MDA3NzA5BHNlYwNuY21vZARzbGsDYnJhbmQEc3RpbWUDMTIzNjgwOTg4OQ--;_ylg=1/SIG=11314uv3k/**http%3A//brand.yahoo.com/forgood>Get inspired by a good cause. Y! ToolbarGet it Free! <http://us.lrd.yahoo.com/_ylc=X3oDMTJwMjFuanBqBF9TAzk3MzU5NzE0BF9wAzIEZ3JwSWQDMTkxMTg2NTgEZ3Jwc3BJZAMxNzA1MDA3NzA5BHNlYwNuY21vZARzbGsDdG9vbGJhcgRzdGltZQMxMjM2ODA5ODg5;_ylg=1/SIG=11c6dvmk9/**http%3A//toolbar.yahoo.com/%3F.cpdl=ygrps>easy 1-click access to your groups. Yahoo! GroupsStart a group <http://groups.yahoo.com/start;_ylc=X3oDMTJwMnVsMmdwBF9TAzk3MzU5NzE0BF9wAzMEZ3JwSWQDMTkxMTg2NTgEZ3Jwc3BJZAMxNzA1MDA3NzA5BHNlYwNuY21vZARzbGsDZ3JvdXBzMgRzdGltZQMxMjM2ODA5ODg5>in 3 easy steps. Connect with others. . __,_._,___ -- Nimer M. JaberThe information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender via reply e-mail, and delete thematerial from any computer. Website: http://www.empowertheblind.org Phone: (720) (251-4530) blind_html To unsubscribe, please send a blank email to blind_html-request@xxxxxxxxxxxxx with unsubscribe in the subject line. To access the archives, please visit: //www.freelists.org/archive/blind_html Thanksblind_html To unsubscribe, please send a blank email to blind_html-request@xxxxxxxxxxxxx with unsubscribe in the subject line. To access the archives, please visit: //www.freelists.org/archive/blind_html Thanks-- Nimer M. JaberThe information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender via reply e-mail, and delete thematerial from any computer. Website: http://www.empowertheblind.org Phone: (720) (251-4530) blind_html To unsubscribe, please send a blank email to blind_html-request@xxxxxxxxxxxxx with unsubscribe in the subject line. To access the archives, please visit: //www.freelists.org/archive/blind_html Thanks
blind_html To unsubscribe, please send a blank email to blind_html-request@xxxxxxxxxxxxx with unsubscribe in the subject line. To access the archives, please visit: //www.freelists.org/archive/blind_html Thanks
