Sep
06
2007
Greater Than 1. Defeating “Strong” Authentication in Web Applications (for Online Banking)
Posted by: Sergey Chernyshev in UncategorizedThanks to Alex Moskalyuk who posted a link to DEFCON 15 videos – first presentation video (with attack demo and presentation slides) is about attacking web applications that are used in US banking systems. Presented by Brendan O’Connor.
It’s ridiculous how bank’s security specialists are not familiar with web technologies. Brendan makes a good point – let consumer share the cost of hardware tockens, if it means better security, people will use them. Stop marginalizing the business that is about people’s money.
See it on TechPresentations.org: Greater Than 1. Defeating “Strong” Authentication in Web Applications (for Online Banking)
Update: Actual videos were posted by Carsten Cumbrowski AKA Roy/SAC. Here’s his blog entry.
Entries (RSS)