>At 12:38 AM 05/24/2001 +0200, <[EMAIL PROTECTED]> wrote:
>
>>I don't see any problem with people knowing my account number per se, but I
>>agree the e-gold system only offers very basic level security. To get into
>>my main online bank account and send money, I need:
>>
>>1) A customer login number - not the same as my account number
>>2) A permanent password
>>3) A password requested at random from a list of 25 on a card.
>>
>>I would fully support a multi-password system like the above for e-gold.
>>It's pretty simple to use when you get used to it.
>
>Rather than a Payment #, e-gold could enhance the system so you
>use a log-in # which is different from your a/c #. This way, you never
>reveal your log-in # to anyone. This would make e-gold much more
>secure.
>
>Frederick Mann
Fredrick, keyboard sniffers DEFEAT ALL SECURITY that is keyboard
based. Including PGP.
Completely, utterly, you're fucked.
There is no way around it, unfortunately.
Saying "log in number!" is no different from saying "password!".
It's just A LONGER PASSWORD.
It means absolutely nothing.
There is (unfortunately) no "way around" leyboard sniffing attacks.
People have suggested "rhythm" methods where you have to type in your
password at a certain speed (say, for six letters, slow slow slow
fast fast fast .. or whatever)
A natty little idea, but also easily "sniffed" by a simply-modified
keyboard sniffer.
If one is un-savvy enough to allow funny files to be run on your
computer, one is screwed no matter what.
Yelling the word "TROJAN" over and over and over and over and over
and over and over and over and over does not negate the reality that
"I WAS HIT BY A TROJAN VIRUS"
is equivalent to saying
"I UNFORTUNATELY KNOW NEXT-TO-NOTHING ABOUT COMPUTERS"
Here is the reality:
EGOLD, AND NO-ONE ELSE, CARES IF YOU ARE THAT RECKLESS.
Saying "I was hit by a trojan virus I was hit by a trojan virus I was
hit by a trojan virus I was hit by a trojan virus I was hit by a
trojan virus I was hit by a trojan virus I was hit by a trojan virus
I was hit by a trojan virus I was hit by a trojan virus I was hit by
a trojan virus I was hit by a trojan virus" is EQUIVALENT TO SAYING
"I am incompetent".
Unfortunately it does NOT EVOKE SYMPATHY OR SPECIAL TREATMENT.
Buy a mac. Actually, even macs have commonly available keyboard
sniffers, but you are less susceptible to TROJAN TROJAN TROJAN
applications.
Here, http://store.apple.com, buy an iBook.
A $1000 solution to 99% of this fucking "I WAS HIT BY A TROJAN VIRUS" stuff.
Seriously, e-gold should just hand out iMacs to CUT DOWN ON THE NUISANCE!
DONT
RUN
PORNO
ATTACHMENTS
IF
YOU
HAVE
A
PC
Again, unfortunately your "more passwords / more log ins" suggestion
does not logically achieve anything.
Like I say, e-gold could move to a "smart card" model like metal
savings has as a test system. Other than that, a password is a
password is a password is a password.
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
