Hall of Shame of Unprotected Login Sites, and Phishing/Spoofing FAQ
Many important, sensitive login sites are not protected, making it easier to steal passwords from naive (and even experienced) users. See `Hall of Shame` listing such sites at http://www.cs.biu.ac.il/~herzbea/Shame.html Examples: Banks and FIs: PayPal, Chase, SmithBarney (CitiGroup), Bank of America, TD Waterhouse, Amex, FirstCommand Bank, MidFirst Bank Security services: MicroSoft Passport, EquiFax, InstantSSL All sites were warned before being added to the Hall of Shame (few actually fixed their sites and are therefore not on the page, e.g. eBay). A related resource - a FAQ on phishing and spoofing, at http://www.cs.biu.ac.il/~herzbea/shame/FAQ.htm -- Best regards, Amir Herzberg Associate Professor Department of Computer Science Bar Ilan University http://AmirHerzberg.com New: see my Hall Of Shame of Unprotected Login pages: http://AmirHerzberg.com/shame.html
Re: RSA Conference, and BA Cypherpunks
Cool, and dinner much better for this sort of thing imho; but Wedn. is also taken. So I vote for Tuesday evening dinner/pub thing. Best, Amir Herzberg Trei, Peter wrote: Once again, the RSA Conference is upon us, and many of the corrospondents on these lists will be in San Francisco. I'd like to see if anyone is interested in getting together. We've done this before. At past conferences, we've had various levels of participation, from 50 down to 3. Since the BAC Physical Meetings seem to have pretty well died out, I'd like to propose that those of us who are interested get together for lunch or dinner at some point. I'll be arriving on site Monday afternoon, and leaving Friday morning. Thursday night, at least, is already spoken for. At the moment, it looks like Monday or Tuesday night may be the best, though a lunch is also possible. Any takers? Peter Trei [EMAIL PROTECTED] RSA Data Security Conference Dates: Feb 14-18 2005 Place: Moscone Center, San Francisco http://www.rsaconference.com While the full conference is rather expensive, note that you can get a free Expo pass if you register online by 5pm Feb 14th. - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] .
Re: Internetmoney.com
Privacy isn't the only concern... notice this from their Q&A: Where and with whom do I dispute suspicious or fraudulent charges? If you need to dispute any purchase made with your iMC Card, you will need to make those disputes with your credit card company or your bank or investment broker. Does iMC offer any kind of fraud protection guarantee? Yes. iMC guarantees that you will not be held liable for any fraud committed with your card by someone other than yourself. My biggest problem with these schemes is that there are so many of them - yet they are non-interoperable. Which means a buyer with account with internetcash can't but from a merchant of internetmoney, etc... What we try to provide is a technology that will allow multiple providers of payment services to offer convinient and secure solutions - which interoperate. Best Regards, Amir Herzberg IBM Research Lab in Haifa (Tel Aviv Office) http://www.hrl.il.ibm.com