> Picture a hacker receiving data streams from a number of > Trojans he's planted in the computers of e-gold a/c holders. ***I suggest doing a little reading about protecting yourself from trojans as as good start. Perhaps start with something simple like ZoneAlarm this will take care of most trojans. It uses digital signature to verify all programs it allows to connect to net so there is no way to trick it changing the name or so. If that's not enough get some sound commercial product although I don't think you'll ever need it for home usage. ***As soon as we go that far as "trojan is planted" I don't want to hear any referrences to security, please. > In one case, he knows the e-gold a/c #. He has a program > which scans the data stream, looking for the a/c #. When > he finds it, it's very likely that what follows is the password. > This makes it very easy for the hacker to find the password. ***Well that's only in case you don't really now how to analyse your data stream. Otherwise it doesn't really matter do you or don't know the username, you can simply scan all data with some simple script to filter usernames, passwords, e-gols, e-mail, etc. ***Bottom line: it's risky to talk about security if you don't understand it - basically the same way like it's tricky to make legal statements without understanding the law or try to give prescription advice based on "things you heard". I definitelly think E-gold (as any other system) appreciates any input regarding present insecurity (should somebody detect it), but: 1) normaly you report that directly to the system operator (why would you like notify hackers?), 2) please at least do a little homework 9what has happened to the net - almost anybody thinks they know so much about security just because they've learned few funcy words by reading some "hacker CD sets". -Soft ----- Original Message ----- From: BigBooster <[EMAIL PROTECTED]> To: e-gold Discussion <[EMAIL PROTECTED]> Cc: Douglas Jackson <[EMAIL PROTECTED]>; James Turk <[EMAIL PROTECTED]> Sent: Tuesday, June 12, 2001 5:03 PM Subject: [e-gold-list] Re: My security measures > At 03:40 PM 06/12/2001 -0400, Paul Richards <[EMAIL PROTECTED]> wrote: > > >Seems to me, that if a keyboard sniffer is present, then typing a login ID > >would be reported, along with the password, so what difference would > >having another ID make?! > > It makes a huge difference. > > Picture a hacker receiving data streams from a number of > Trojans he's planted in the computers of e-gold a/c holders. > > In one case, he knows the e-gold a/c #. He has a program > which scans the data stream, looking for the a/c #. When > he finds it, it's very likely that what follows is the password. > This makes it very easy for the hacker to find the password. > --- You are currently subscribed to e-gold-list as: archive@jab.org To unsubscribe send a blank email to [EMAIL PROTECTED]
