> Why make it easy for even relatively unskilled hackers to
> raid e-gold a/cs?
Why waste all the time, effort, & money needed to effect such a change for
relatively unskilled users who will just find another way to lose control
of their account and demand yet more & more ineffective security means
because it wasn't their fault?
What you are talking about will not deter *any* thieves; hackers is the
*wrong* term - don't make me go off on that rant. If for some reason, i.e.
doug gets possessed by a weak-willed demon, e-gold ltd. does decide to
implement login#s, it won't be long (think days) before the script kiddies
have the following tool easily availble to them.
Same trojan insertion techinques, same keyboard sniffing, however now the
program watches outbound net traffic for
'https://www.e-gold.com/acct/login.html' or 'use.e-gold.com', because it
is possible to bookmark those pages and access them without typing them
in.
The login# is a completely ineffective method of security. The only
security it provides is a false sense of said security.
> What becomes even clearer from your post is that it's
> dangerous if [thieves] find out you have an e-gold a/c,
> you use Windows, and your system is insecure.
er... yeah... They won't find know if your system is insecure until they
already have your acct# & passphrase though. It's best not to give the
chance.
Viking Coder
________________
Worth Two Cents?
http://www.2cw.org/VikingCoder
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
