« Call for papers
Seam Carving for Content-Aware Image Resizing »
Sep 06 2007

Greater Than 1. Defeating “Strong” Authentication in Web Applications (for Online Banking)

Posted by: Sergey Chernyshev in Uncategorized

Thanks to Alex Moskalyuk who posted a link to DEFCON 15 videos - first presentation video (with attack demo and presentation slides) is about attacking web applications that are used in US banking systems. Presented by Brendan O’Connor.

It’s ridiculous how bank’s security specialists are not familiar with web technologies. Brendan makes a good point - let consumer share the cost of hardware tockens, if it means better security, people will use them. Stop marginalizing the business that is about people’s money.

See it on TechPresentations.org: Greater Than 1. Defeating “Strong” Authentication in Web Applications (for Online Banking)

Update: Actual videos were posted by Carsten Cumbrowski AKA Roy/SAC. Here’s his blog entry.

This entry was posted on Thursday, September 6th, 2007 at 10:33 am and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Greater Than 1. Defeating “Strong” Authentication in Web Applications (for Online Banking)”
  1. Carsten Cumbrowski says:

    September 6th, 2007 at 2:19 pm

    Hi,

    FYI. I put up the video and PDF two days ago, together with 46 other session videos (and more to come).

    See my post about the DefCon Session Videos at my personal blog.

    Cheers!
    Carsten

  2. Sergey Chernyshev says:

    September 8th, 2007 at 11:12 pm

    Thanks, Carsten, I’ll probably post more videos here http://www.techpresentations.org/DEFCON_15 if I’ll have time to watch them.

  3. Carsten aka Roy/SAC says:
  4. Carsten aka Roy/SAC says:
Leave a Reply