Collected Postings

2009- Collected Postings, 2007-2008 Collected Postings, 2005-2006 Collected Postings, 2003-2004 Collected Postings, 2001-2002 Collected Postings, 1993-2000 Collected Postings, Internet History Postings, Old EMAIL Index

three factor authentcation
Assurance
some mention of EU FINREAD
Risk, Fraud, Exploits, Threats, Vulnerabilities
Account Number Harvesting
postings mentioning MITM attacks
Buffer overflows, overruns, exploits
Secrets and Account numbers
Counterfeit YES CARDS
Naked Transaction Metaphor

Risk, Fraud, Exploits, Threats, Vulnerabilities

aadsmail.htm#variations variations on your account-authority model (small clarification)
aadsmail.htm#complex AADS/CADS complexity issue
aadsmail.htm#parsim parsimonious
aadsmail.htm#fraud Human Nature ... a little cross-posting
aadsmail.htm#mfraud AADS, X9.59, security, flaws, privacy
aadsmail.htm#liability AADS & X9.59 performance and algorithm key sizes
aadsmail.htm#vbank Statistical Attack Against Virtual Banks (fwd)
aadsm2.htm#risk another characteristic of online validation
aadsm2.htm#integrity Scale (and the SRV record)
aadsm2.htm#account A different architecture? (was Re: certificate path
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#straw AADS Strawman
aadsm2.htm#strawm3 AADS Strawman
aadsm2.htm#keylength On leaving the 56-bit key length limitation
aadsm3.htm#cstech3 cardtech/securetech & CA PKI
aadsm3.htm#cstech4 cardtech/securetech & CA PKI
aadsm3.htm#cstech5 cardtech/securetech & CA PKI
aadsm3.htm#cstech6 cardtech/securetech & CA PKI
aadsm3.htm#cstech7 cardtech/securetech & CA PKI
aadsm3.htm#cstech8 cardtech/securetech & CA PKI
aadsm3.htm#cstech9 cardtech/securetech & CA PKI
aadsm3.htm#cstech10 cardtech/securetech & CA PKI
aadsm3.htm#cstech12 cardtech/securetech & CA PKI
aadsm3.htm#cstech13 cardtech/securetech & CA PKI
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss8 KISS for PKIX
aadsm3.htm#kiss9 KISS for PKIX .... password/digital signature
aadsm4.htm#2 Public Key Infrastructure: An Artifact
aadsm4.htm#4 Public Key Infrastructure: An Artifact
aadsm4.htm#9 Thin PKI won - You lost
aadsm5.htm#epaym "e-payments" email discussion list is now "Internet-payments"
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm5.htm#encryp Encryption article
aadsm5.htm#liex509 Lie in X.BlaBla
aadsm5.htm#pkimort PKI: Evolve or Die
aadsm5.htm#pkimort2 problem with the death of X.509 PKI
ansiepay.htm#privacy more on privacy
ansiepay.htm#x959pkni Ellison/Schneier article on Risks of PKI ... fyi
ansiepay.htm#cardsteal Stealing cards easy as Web browsing
ansiepay.htm#breach Security breach raises questions about Internet shopping
ansiepay.htm#theory Security breach raises questions about Internet shopping
ansiepay.htm#scaads X9.59 related press release at smartcard forum
ansiepay.htm#ifraud Internet Fraud
aepay2.htm#fed Federal CP model and financial transactions
aepay2.htm#cadis disaster recovery cross-posting
aepay2.htm#aadsx959 Account Authority Digital Signatures ... in support of x9.59
aepay2.htm#aadspriv Account Authority Digital Signatures ... in support of x9.59
aepay3.htm#riskm The Thread Between Risk Management and Information Security
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#x959risk1 Risk Management in AA / draft X9.59
aepay3.htm#x959risk2 Risk Management in AA / draft X9.59
aepay3.htm#x959risk3 Risk Management in AA / draft X9.59
aepay3.htm#x959risk4 Risk Management in AA / draft X9.59
aepay3.htm#smrtcrd Smart Cards with Chips encouraged ... fyi
aepay4.htm#privis privacy issues
aepay4.htm#dnsinteg1 Domain Name integrity problem
aepay4.htm#visaset2 Visa Delicately Gives Hook to SET Standard
aepay5.htm#pkiillfit Some PKI references from yesterday's SlashDot
aepay5.htm#crackegg hackers crack egghead.com
aepay6.htm#fraud Online Card Fraud Thirty Times That Offline
aepay6.htm#x959b X9.59 Electronic Payment standard issue
aepay6.htm#docstore ANSI X9 Electronic Standards "store"
aepay6.htm#vouc implementations of "XML Voucher: Generic Voucher Language"?
aepay6.htm#harvest harvesting of credit card numbers
aepay6.htm#erictalk Announce: Eric Hughes giving Stanford EE380 talk this
aepay6.htm#ccfraud latest credit scam puts plastic in peril ... is your credit card being cloned?
98.html#41 AADS, X9.59, & privacy
99.html#85 Perfect Code
99.html#136 checks (was S/390 on PowerPC?)
99.html#156 checks (was S/390 on PowerPC?)
99.html#163 IBM Assembler 101
99.html#167 checks (was S/390 on PowerPC?)
99.html#168 checks (was S/390 on PowerPC?)
99.html#170 checks (was S/390 on PowerPC?)
99.html#171 checks (was S/390 on PowerPC?)
99.html#172 checks (was S/390 on PowerPC?)
99.html#189 Internet Credit Card Security
99.html#228 Attacks on a PKI
99.html#235 Attacks on a PKI
99.html#238 Attacks on a PKI
99.html#240 Attacks on a PKI
2000.html#25 Computer of the century
2000.html#28 Homework: Negative side of MVS?
2000.html#32 Homework: Negative side of MVS?
2000.html#36 "Trusted" CA - Oxymoron?
2000.html#42 "Trusted" CA - Oxymoron?
2000.html#46 question about PKI
2000.html#57 RealNames hacked. Firewall issues
2000.html#60 RealNames hacked. Firewall issues
2000b.html#17 ooh, a real flamewar :)
2000b.html#22 ooh, a real flamewar :)
2000c.html#40 Domainatrix - the final word
2000e.html#44 Why trust root CAs?
2000e.html#45 IBM's Workplace OS (Was: .. Pink)
2000f.html#1 Why trust root CAs?
2000f.html#4 Why trust root CAs?
2000f.html#14 Why trust root CAs?
2000f.html#22 Why trust root CAs?
2000f.html#50 Al Gore and the Internet (Part 2 of 2)
2000f.html#64 Cryptogram Newsletter is off the wall?
2000f.html#69 TSS ancient history, was X86 ultimate CISC? designs)
2000f.html#72 SET; was Re: Why trust root CAs?
2000g.html#33 does CA need the proof of acceptance of key binding?
2000g.html#35 does CA need the proof of acceptance of key binding?
2000g.html#41 Egghead cracked, MS IIS again
2001b.html#58 Checkpoint better than PIX or vice versa???
2001c.html#15 OS/360 (was LINUS for S/390)
2001c.html#30 PKI and Non-repudiation practicalities
2001c.html#32 How Commercial-Off-The-Shelf Systems make society vulnerable
2001c.html#38 How Commercial-Off-The-Shelf Systems make society vulnerable
2001c.html#41 PKI and Non-repudiation practicalities
2001c.html#42 PKI and Non-repudiation practicalities
2001c.html#44 PKI and Non-repudiation practicalities
2001c.html#45 PKI and Non-repudiation practicalities
2001c.html#46 PKI and Non-repudiation practicalities
2001c.html#47 PKI and Non-repudiation practicalities
2001c.html#50 PKI and Non-repudiation practicalities
2001c.html#51 PKI and Non-repudiation practicalities
2001c.html#54 PKI and Non-repudiation practicalities
2001c.html#58 PKI and Non-repudiation practicalities
2001c.html#59 PKI and Non-repudiation practicalities
2001c.html#61 Risk management vs security policy
2001c.html#73 PKI and Non-repudiation practicalities
2001d.html#1 SSL question
2001d.html#19 [Newbie] Authentication vs. Authorisation?
2001d.html#41 solicit advice on purchase of digital certificate
2001d.html#56 Pentium 4 Prefetch engine?
2001d.html#58 Very CISC Instuctions (Was: why the machine word size ...)
2001d.html#62 OT Re: A beautiful morning in AFM
2001e.html#37 Can I create my own SSL key?
2001e.html#39 Can I create my own SSL key?
2001e.html#48 Where are IBM z390 SPECint2000 results?
2001e.html#77 Apology to Cloakware (open letter)
2001e.html#82 The Mind of War: John Boyd and American Security
2001f.html#15 Medical data confidentiality on network comms
2001f.html#24 Question about credit card number
2001f.html#25 Question about credit card number
2001f.html#31 Remove the name from credit cards!
2001f.html#33 IBM's "VM for the PC" c.1984??
2001f.html#35 Security Concerns in the Financial Services Industry
2001f.html#40 Remove the name from credit cards!
aepay6.htm#ccfraud2 "out of control credit card fraud"
aepay6.htm#ccfraud3 "out of control credit card fraud"
2001g.html#38 distributed authentication
aepay7.htm#fakeid Fake IDs swamp police
2001g.html#62 PKI/Digital signature doesn't work
2001g.html#63 PKI/Digital signature doesn't work
2001h.html#7 PKI/Digital signature doesn't work
aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
aadsm6.htm#websecure merchant web server security
2001h.html#64 Net banking, is it safe???
2001h.html#67 Would this type of credit card help online shopper to feel more secure?
2001h.html#68 Net banking, is it safe???
2001h.html#70 Net banking, is it safe???
2001i.html#16 Net banking, is it safe???
2001i.html#25 Net banking, is it safe???
2001i.html#26 No Trusted Viewer possible?
2001i.html#55 Computer security: The Future
2001i.html#56 E-commerce security????
2001i.html#57 E-commerce security????
2001j.html#0 E-commerce security????
2001j.html#2 E-commerce security????
2001j.html#5 E-commerce security????
2001j.html#9 E-commerce security????
aepay7.htm#netsecure some recent threads on netbanking & e-commerce security
2001j.html#43 Disaster Stories Needed
2001j.html#44 Does "Strong Security" Mean Anything?
2001j.html#52 Are client certificates really secure?
2001j.html#54 Does "Strong Security" Mean Anything?
2001k.html#0 Are client certificates really secure?
2001k.html#1 Are client certificates really secure?
aadsm6.htm#terror Did Encryption Empower These Terrorists?
aadsm6.htm#terror3 Did Encryption Empower These Terrorists?
aadsm6.htm#terror4 Did Encryption Empower These Terrorists?
aadsm6.htm#terror5 Did Encryption Empower These Terrorists?
aadsm6.htm#terror6 Did Encryption Empower These Terrorists?
aadsm6.htm#terror7 Did Encryption Empower These Terrorists?
aadsm6.htm#terror8 Did Encryption Empower These Terrorists?
aadsm6.htm#terror9 Did Encryption Empower These Terrorists?
aadsm6.htm#terror10 Did Encryption Empower These Terrorists?
aadsm6.htm#terror13 Did Encryption Empower These Terrorists?
aadsm6.htm#terror14 Did Encryption Empower These Terrorists?
2001k.html#43 Why is UNIX semi-immune to viral infection?
aepay7.htm#idtheft Another Thing to Feer: ID Theft
2001k.html#53 Why is UNIX semi-immune to viral infection?
2001k.html#55 I-net banking security
2001k.html#58 I-net banking security
aadsm7.htm#auth Who or what to authenticate?
2001l.html#10 E-commerce security????
aepay7.htm#idtheft2 Reports of Identity Theft Still Rising Fast
2001l.html#49 Virus propagation risks
aepay7.htm#3dsecure 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aepay7.htm#3dsecure2 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aepay7.htm#edsecure4 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aadsm7.htm#rubberhose Rubber hose attack
aadsm7.htm#rhose3 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#3dsecure 3D Secure Vulnerabilities?
aadsm8.htm#rhose17 when a fraud is a sale, Re: Rubber hose attack]
aadsm8.htm#3dvulner 3D Secure Vulnerabilities?
aadsm8.htm#3dvulner2 3D Secure Vulnerabilities?
aadsm8.htm#3dvulner3 3D Secure Vulnerabilities?
2001m.html#27 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aepay8.htm#ccfraud Almost Half UK E-Shopper's Fear Card Fraud (CC fraud increased by 50% in 2k)
aepay8.htm#ccfraud2 Statistics for General and Online Card Fraud
aepay8.htm#visapass VISA: All Your Password Are Belong to Us
aepay8.htm#x959paper Credit Card Fraud and E-Commerce: A Case Study
aepay8.htm#vulner ccount number & shared-secret vulnerabilities
2001n.html#30 FreeBSD more secure than Linux
2001n.html#90 Buffer overflow
2001n.html#91 Buffer overflow
2001n.html#93 Buffer overflow
aadsm10.htm#cfppki13 CFP: PKI research workshop
aadsm10.htm#cfppki14 CFP: PKI research workshop
aadsm10.htm#cfppki15 CFP: PKI research workshop
aadsm10.htm#smallpay2 Small/Secure Payment Business Models
aadsm10.htm#cfppki18 CFP: PKI research workshop
2002.html#19 Buffer overflow
2002.html#20 Younger recruits versus experienced veterans ( was Re: The demise of compaq
2002.html#23 Buffer overflow
2002.html#24 Buffer overflow
2002.html#25 ICMP Time Exceeded
2002.html#32 Buffer overflow
aadsm10.htm#hackhome Hackers Targeting Home Computers
2002.html#44 Calculating a Gigalapse
aadsm10.htm#risks credit card & gift card fraud (from today's comp.risks)
aepay9.htm#risks credit card & gift card fraud (from today's comp.risks)
aepay9.htm#skim High-tech Thieves Snatch Data From ATMs (including PINs)
aepay10.htm#4 Credit Card Scam
aadsm10.htm#tamper Limitations of limitations on RE/tampering (was: Re: biometrics)
aadsm10.htm#biometrics biometrics
2002c.html#7 Opinion on smartcard security requested
2002c.html#10 Opinion on smartcard security requested
2002c.html#15 Opinion on smartcard security requested
2002c.html#22 Opinion on smartcard security requested
2002c.html#23 Opinion on smartcard security requested
aepay10.htm#16 Worker Accused of Selling Colleagues' ID's Online (credit card scam)
2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
2002d.html#11 Security Proportional to Risk (was: IBM Mainframe at home)
2002e.html#58 O'Reilly C Book
2002f.html#10 Least folklorish period in computing (was Re: IBM Mainframe at home)
aadsm11.htm#44 Web site exposes credit card fraud
aadsm11.htm#45 Web site exposes credit card fraud
2002i.html#62 subjective Q. - what's the most secure OS?
2002i.html#72 A Lesson In Security
2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
2002j.html#38 MITM solved by AES/CFB - am I missing something?!
aadsm12.htm#11 Some security, fraud, attack, threat, references
aadsm12.htm#12 TOC for world bank e-security paper
2002j.html#60 How to map a user account to a digital cert?
2002j.html#53 SSL integrity guarantees in abscense of client certificates
aepay10.html#41 ATM Scams - Whose Liability Is It, Anyway?
aepay10.html#44 Credit Card Skimming Rising In The US
2002l.html#20 Backdoor in AES ?
aepay10.htm#45 Credit card theft feared in Windows flaw
2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation
aadsm12.htm#31 The Bank-model Was: Employee Certificates - Security Issues
aadsm12.htm#35 Electronic Security: Risk Mitigation in Financial Transactions
aadsm12.htm#36 two other financial electronic security related URLs
aadsm12.htm#40 In Brief: Anti-'Skimming' Guidelines Coming
aadsm12.htm#46 Fraudit helps registrars battle global online fraud
aadsm12.htm#47 Online Fraud Growing in Scale, Sophistication
2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
aepay10.htm#64 eBay Customers Targetted by Credit Card Scam
aadsm12.htm#57 eBay Customers Targetted by Credit Card Scam
aadsm12.htm#58 Time to ID Identity-Theft Solutions
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#91 SSL certs & baby steps
aepay10.htm#91 SSL certs & baby steps (addenda)
aepay10.htm#91 SSL certs & baby steps
aepay11.htm#3 Ministers to Act on Rise in Identity Theft
aepay11.htm#7 FTC says incidence of ID theft jumped in 2002
aepay11.htm#8 Internet Consumer Fraud Continues to Rise
aepay11.htm#9 Bank of America ATMs Disrupted by Virus
aepay11.htm#12 Star study: Identity Theft In The United States: An Update
aepay11.htm#17 Criminals using high-tech methods for old-style crimes
aepay11.htm#18 Hacker accesses 2.2 million credit cards
aepay11.htm#22 FBI Probing Theft of 8 Million Credit Card Numbers
aepay11.htm#32 Don't-Ask-Don't-Tell E-commerce
aepay11.htm#33 Spam's Being Used For Identity Theft And Blackmail, Symantec Says
aadsm14.htm#2 Who's afraid of Mallory Wolf? (addenda)
aadsm14.htm#3 Armoring websites
aadsm14.htm#5 Who's afraid of Mallory Wolf?
aepay11.htm#40 ID theft costs banks $1 billion a year
2003e.html#78 Microsoft strikes again - from comp.risks
aepay11.htm#41 Be Prepared: Gartner Outlines Top Security Risks
2003g.html#16 Can someone clarify, X509 spoofing?
2003g.html#17 Can someone clarify, X509 spoofing?
aepay11.htm#47 Actual Losses To Identity Fraud Top $1 Billion
aadsm14.htm#9 "Marginot Web" (SSL, payments, etc)
aadsm14.htm#12 Tackling security threats from within
2003h.html#24 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#25 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#26 HELP, Vulnerability in Debit PIN Encryption security, possibly
aadsm14.htm#22 Identity Theft Losses Expected to Hit $2 Trillion by 2005
2003i.html#59 grey-haired assembler programmers (Ritchie's C)
2003j.html#4 A Dark Day
aadsm14.htm#32 An attack on paypal
aadsm14.htm#33 An attack on paypal
2003j.html#8 A Dark Day
aepay11.htm#57 US warns banks about virus
aadsm14.htm#34 virus attack on banks (was attack on paypal)
aadsm14.htm#35 The real problem that https has conspicuously failed to fix
2003j.html#15 A Dark Day
aadsm14.htm#39 An attack on paypal
2003j.html#17 pbx security from 20 years ago
aepay11.htm#63 E-merchants Turn Fraud-busters
aepay11.htm#64 EFTA to Adaopt ATM Ant-Fraud Measures
aepay11.htm#65 E-merchants Turn Fraud-busters (somewhat related)
aepay12.htm#6 Know Your Enemy Automated Credit Card Fraud (automated, forwarded)
aadsm14.htm#51 Feds, industry warn of spike in ID theft scams
aadsm14.htm#53 IT Managers Critical Front in War on Identity Theft
aadsm14.htm#57 Kinko's spy case: Risks of renting PC's
aepay12.htm#7 Bugwatch: Know your security onions
aepay12.htm#8 Know your security onions (or security proportional to risk)
aepay12.htm#11 Net Worm Heightens Security Concerns
aepay12.htm#12 Identity theft rockets 80 per cent
2003l.html#2 S/360 Engineering Changes
2003l.html#3 S/360 Engineering Changes
aepay12.htm#13 Hacker's compromise Navy purchase card
aepay12.htm#14 Technology and Crime, Criminal Intelligence Service Canada - 2003
aepay12.htm#19 Tech firms band together on ID theft
aepay12.htm#21 FTC Says ID Theft Greater Problem Than Originally Thought
aadms15.htm#5 Is cryptography where security took the wrong branch?
aepay12.htm#23 Police smash UK's biggest credit card fraud ring
aepay12.htm#24 More on the ID theft saga
aepay12.htm#26 Bank One Calls Attention to ID Theft
aepay12.htm#30 ID Theft Often Goes Unrecognized
2003m.html#51 public key vs passwd authentication?
2003n.html#0 public key vs passwd authentication?
2003n.html#1 public key vs passwd authentication?
2003n.html#2 public key vs passwd authentication?
2003n.html#3 public key vs passwd authentication?
2003n.html#10 Cracking SSL
aadsm15.htm#22 Trusting the Tools - was Re: Open Source
2003n.html#14 Poor people's OS?
aadsm15.htm#23 NCipher Takes Hardware Security To Network Level
aepay12.htm#32 Internet Fraud & Attacks on the rise
2003n.html#17 which CPU for educational purposes?
2003n.html#20 which CPU for educational purposes?
aadsm15.htm#29 SSL, client certs, and MITM (was WYTM?)
aepay12.htm#35 Citibank customers hit with e-mail scam
aadsm16.htm#0 Identity Fraud costs Austrilia AU$1 billion a year
2003o.html#3 Bank security question (newbie question)
2003o.html#4 Bank security question (newbie question)
2003o.html#5 perfomance vs. key size
2003o.html#6 perfomance vs. key size
2003o.html#8 Bank security question (newbie question)
2003o.html#9 Bank security question (newbie question)
aadsm16.htm#2 Electronic Safety and Soundness: Securing Finance in a New Age
2003o.html#19 More -Fake- Earthlink Inquiries
2003o.html#22 securID weakness
2003o.html#29 Biometric cards will not stop identity fraud
2003o.html#35 Humans
2003o.html#37 Security of Oyster Cards
aadsm16.htm#6 ATM Fraud, Banking Your Money
2003o.html#50 Pub/priv key security
aadsm16.htm#7 The Digital Insider: Backdoor Trojans ... fyi
2003p.html#6 Does OTP need authentication?
2004.html#30 Threat of running a web server?
2004b.html#50 The SOB that helped IT jobs move to India is dead!
aadsm17.htm#10 fraud and phishing attacks soar
aadsm17.htm#11 are debit cards safe?
aadsm17.htm#13 A combined EMV and ID card
aadsm17.htm#22 secret hackers to aid war on internet fraud
aadsm17.htm#32 visa cards violated, BofA reissuing after hack attack
aadsm17.htm#35 Online credit card fraud rocks Indonesia
2004f.html#20 Why does Windows allow Worms?
aadsm17.htm#38 Study: ID theft usually an inside job
2004f.html#31 MITM attacks
aadsm17.htm#42 Article on passwords in Wired News
2004g.html#41 [URL] (about) passwords
2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
aadsm17.htm#43 Is finding security holes a good idea?
aadsm17.htm#44 Is finding security holes a good idea?
2004h.html#2 Adventure game (was:PL/? History (was Hercules))
2004h.html#4 Adventure game (was:PL/? History (was Hercules))
aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#49 Use cash machines as little as possible
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#51 authentication and authorization
aadsm17.htm#55 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#56 Question on the state of the security industry
aadsm17.htm#57 dual-use digital signature vulnerability
aadsm17.htm#58 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#59 dual-use digital signature vulnerability
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#8 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#9 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#10 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#11 E-commerce attack imminent; Sudden increase in port scanning for SSL doesn't look good
aadsm18.htm#12 dual-use digital signature vulnerability
aadsm18.htm#17 should you trust CAs? (Re: dual-use digital signature vulnerability)
2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#15 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
aadsm18.htm#18 Any TLS server key compromises?
2004j.html#28 Vintage computers are better than modern crap !
aadsm18.htm#19 RPOW - Reusable Proofs of Work
aadsm18.htm#20 RPOW - Reusable Proofs of Work
2004j.html#29 Vintage computers are better than modern crap !
2004j.html#32 Vintage computers are better than modern crap !
2004j.html#34 Vintage computers are better than modern crap !
2004j.html#35 A quote from Crypto-Gram
2004j.html#37 Vintage computers are better than modern crap !
2004j.html#38 Vintage computers are better than modern crap !
2004j.html#39 Methods of payment
2004j.html#56 RFCs that reference MD5
2004j.html#58 Vintage computers are better than modern crap !
2004k.html#7 A quote from Crypto-Gram
2004k.html#22 Public key authentication defeats passwd age warning
2004l.html#1 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#63 Actuarial facts
aadsm18.htm#35 Credit card leaks continue at a furious pace
aadsm18.htm#36 Phishing losses total $500 million - Nacha
aadsm18.htm#37 Fake Companies, real money; elaborate con wrings cash out of stolen credit cards
2004p.html#21 need a firewall
2004p.html#22 need a firewall
aadsm18.htm#45 Banks Test ID Device for Online Security
aadsm18.htm#46 Banks Test ID Device for Online Security
2005.html#14 Using smart cards for signing and authorization in applets
2005b.html#43 [Lit.] Buffer overruns
2005b.html#66 [Lit.] Buffer overruns
2005c.html#28 [Lit.] Buffer overruns
2005c.html#29 [Lit.] Buffer overruns
2005c.html#30 [Lit.] Buffer overruns
2005c.html#31 [Lit.] Buffer overruns
2005c.html#34 [Lit.] Buffer overruns
aadsm18.htm#49 one more time now, Leading Cause of Data Security breaches Are Due to Insiders, Not Outsiders
2005d.html#0 [Lit.] Buffer overruns
aadsm18.htm#53 ATM machine security
aadsm18.htm#54 MD5 collision in X509 certificates
aadsm18.htm#55 MD5 collision in X509 certificates
aadsm19.htm#5 Do You Need a Digital ID?
2005e.html#31 Public/Private key pair protection on Windows
2005e.html#41 xml-security vs. native security
aadsm19.htm#7 JIE - Contracts in Cyberspace
2005f.html#9 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005g.html#33 Good passwords and security priorities
2005g.html#37 MVS secure configuration standard
2005g.html#41 Maximum RAM and ROM for smartcards
2005g.html#42 TCP channel half closed
2005g.html#46 Maximum RAM and ROM for smartcards
2005i.html#0 More Phishing scams, still no SSL being used
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#10 Revoking the Root
2005i.html#11 Revoking the Root
2005i.html#19 Improving Authentication on the Internet
2005i.html#33 Improving Authentication on the Internet
2005i.html#34 The Worth of Verisign's Brand
2005i.html#36 Improving Authentication on the Internet
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#18 Citibank discloses private information to improve security
aadsm19.htm#19 "SSL stops credit card sniffing" is a correlation/causality myth
aadsm19.htm#22 Citibank discloses private information to improve security
aadsm19.htm#23 Citibank discloses private information to improve security
aadsm19.htm#26 Trojan horse attack involving many major Israeli companies, executives
2005j.html#3 Request for comments - anti-phishing approach
aadsm19.htm#28 "SSL stops credit card sniffing" is a correlation/causality myth
2005j.html#22 Public disclosure of discovered vulnerabilities
2005j.html#23 Public disclosure of discovered vulnerabilities
aadsm19.htm#34 encrypted tapes (was Re: Papers about "Algorithm hiding" ?)
2005j.html#52 Banks
2005j.html#53 Banks
2005k.html#3 Public disclosure of discovered vulnerabilities
2005k.html#56 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
aadsm19.htm#38 massive data theft at MasterCard processor
aadsm19.htm#39 massive data theft at MasterCard processor
aadsm19.htm#41 massive data theft at MasterCard processor
aadsm19.htm#44 massive data theft at MasterCard processor
2005l.html#13 The Worth of Verisign's Brand
2005l.html#17 The Worth of Verisign's Brand
2005l.html#18 The Worth of Verisign's Brand
2005l.html#19 Bank of America - On Line Banking *NOT* Secure?
2005l.html@23 The Worth of Verisign's Brand
2005l.html#24 The Worth of Verisign's Brand
2005l.html#36 More Phishing scams, still no SSL being used
2005m.html#6 Creating certs for others (without their private keys)
aadsm19.htm#45 payment system fraud, etc
aadsm20.htm#1 Keeping an eye on ATM fraud
aadsm20.htm#2 US consumers want companies fined for security breaches
aadsm20.htm#3 City National Bank is the latest major US company to admit it has lost customer data
2005n.html#5 Wildcard SSL Certificates
2005n.html#23 Online ID Thieves Exploit Lax ATM Security
aadm20.htm#24 [Clips] Escaping Password Purgatory
aadsm20.htm#28 solving the wrong problem
aadsm20.htm#29 How much for a DoD X.509 certificate?
aadsm20.htm#30 How much for a DoD X.509 certificate?
2005o.html#1 The Chinese MD5 attack
2005o.html#2 X509 digital certificate for offline solution
2005o.html#3 The Chinese MD5 attack
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005p.html#2 Innovative password security
2005p.html#6 Innovative password security
aadsm21.htm#0 ID theft ring proves difficult to stop
2005p.html#24 Hi-tech no panacea for ID theft woes
2005p.html#25 Hi-tech no panacea for ID theft woes
2005p.html#25 Hi-tech no panacea for ID theft woes
aadsm21.htm#5 Is there any future for smartcards?
2005p.html#43 Security of Secret Algorithm encruption
aadsm21.htm#14 Online fraud 'ahead' of credit-card companies-experts
aadsm21.htm#15 Contactless payments and the security challenges
aadsm21.htm#16 PKI too confusing to prevent phishing, part 28
2005r.html#7 DDJ Article on "Secure" Dongle
2005s.html#15 Data Encryption Standard Today
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#13 AMD to leave x86 behind?
2005u.html#24 AMD to leave x86 behind?
2005u.html#26 RSA SecurID product
2005u.html#31 AMD to leave x86 behind?
2005u.html#33 PGP Lame question
aadsm21.htm#36 browser vendors and CAs agreeing on high-assurance certificates
2005v.html#2 ABN Tape - Found
2005v.html#3 ABN Tape - Found
2005v.html#4 ABN Tape - Found
aadsm21.htm#42 Phishers now targetting SSL
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#5 long-term GPG signing key
aadsm22.htm#6 long-term GPG signing key
aadsm22.htm#7 long-term GPG signing key
2006.html#12a sox, auditing, finding improprieties
2006.html#33 The new High Assurance SSL Certificates
aadsm22.htm#10 thoughts on one time pads
aadsm22.htm#11 thoughts on one time pads
aadsm22.htm#12 thoughts on one time pads
aadsm22.htm#13 Face and fingerprints swiped in Dutch biometric passport crack (another card skim vulnerability)
2006.html#14 thoughts on one time pads
aadsm22.htm#16 serious threat models
2006c.html#13 X.509 and ssh
2006c.html#31 Worried about your online privacy?
2006c.html#35 X.509 and ssh
2006c.html#38 X.509 and ssh
2006d.html#25 Caller ID "spoofing"
2006d.html#26 Caller ID "spoofing"
2006d.html#28 Caller ID "spoofing"
2006d.html#30 Caller ID "spoofing"
2006d.html#31 Caller ID "spoofing"
aadsm22.htm#18 "doing the CA statement shuffle" and other dances
aadsm22.htm#19 "doing the CA statement shuffle" and other dances
aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#2 When *not* to sign an e-mail message?
aadsm22.htm#21 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#10 Caller ID "spoofing"
2006e.html#11 Caller ID "spoofing"
aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#21 Debit Cards HACKED now
2006e.html#22 Debit Cards HACKED now
2006e.html#23 Debit Cards HACKED now
2006e.html#24 Debit Cards HACKED now
2006e.html#26 Debit Cards HACKED now
aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#30 Debit Cards HACKED now
aadsm22.htm#26 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
aadsm22.htm#27 Meccano Trojans coming to a desktop near you
aadsm22.htm#28 Meccano Trojans coming to a desktop near you
aadsm22.htm#29 Meccano Trojans coming to a desktop near you
aadsm22.htm#30 Creativity and security
aadsm22.htm#31 Creativity and security
aadsm22.htm#33 Meccano Trojans coming to a desktop near you
aadsm22.htm#34 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#36 Unforgeable Blinded Credentials
aadsm22.htm#38 Creativity and security
aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
2006f.html#32 X.509 and ssh
2006f.html#33 X.509 and ssh
2006f.html#36 X.509 and ssh
aadsm22.htm#44 Creativity and security
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#46 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#48 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#0 Separation of Roles - an example
2006g.html#12 The Pankian Metaphor
aadsm23.htm#1 RSA Adaptive Authentication
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#13 Security
2006h.html#4 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#15 Security
2006h.html#26 Security
2006h.html#31 Intel vPro Technology
2006h.html#33 The Pankian Metaphor
2006h.html#34 The Pankian Metaphor
2006h.html#40 Mainframe vs. xSeries
aadsm23.htm#9 PGP "master keys"
aadsm23.htm#10 PGP "master keys"
2006i.html#3 Spoofing fingerprint scanners - NEWBIE()
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#16 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm23.htm#17 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm23.htm#18 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#19 Petrol firm suspends chip-and-pin
aadsm23.htm#20 Petrol firm suspends chip-and-pin
aadsm23.htm#21 Reliable Connections Are Not
aadsm23.htm#25 Petrol firm suspends chip-and-pin
aadsm23.htm#26 Petrol firm suspends chip-and-pin
aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#28 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#30 Petrol firm suspends chip-and-pin
aadsm23.htm#31 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#32 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#33 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
2006.html#15 Passwords for bank sites - change or not?
2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#18 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#22 Encryption for Powerpoint?
2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#26 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#33 Password Complexity
aadsm23.htm#44 ThreatWatch - markets in loss, Visa's take, 419 "chairmen"
aadsm23.htm#49 Status of SRP
2006l.html#27 Google Architecture
aadsm23.htm#53 Status of SRP
aadsm23.htm#54 Status of SRP
aadsm23.htm#55 UK Detects Chip-And-PIN Security Flaw
2006l.html#32 Google Architecture
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#0 FraudWatch - Chip&Pin, a new tenner (USD10)
2006l.html#33 Google Architecture
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
aadsm24.htm#3 FraudWatch - Chip&Pin, a new tenner (USD10)
2006l.html#37 Google Architecture
aadsm24.htm#6 Securely handling credit card transactions earns Blackboard kudos
aadsm24.htm#7 Naked Payments IV - let's all go naked
2006l.html#57 DEC's Hudson fab
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm24.htm#9 Naked Payments IV - let's all go naked
2006m.html#15 OpenSSL Hacks
aadsm24.htm#10 Naked Payments IV - let's all go naked
2006m.html#24 OT - J B Hunt
aadsm24.htm#12 Naked Payments IV - let's all go naked
aadsm24.htm#14 Naked Payments IV - let's all go naked
aadsm24.htm#21 Use of TPM chip for RNG?
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm24.htm#26 Naked Payments IV - let's all go naked
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#33 Threatwatch - 2-factor tokens attacked by phishers
aadsm24.htm#34 Phishers Defeat 2-Factor Auth
aadsm24.htm#35 Interesting bit of a quote
aadsm24.htm#36 Interesting bit of a quote
aadsm24.htm#38 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#38 Interesting bit of a quote
aadsm24.htm#39 Interesting bit of a quote
aadsm24.htm#40 Interesting bit of a quote
aadsm24.htm#41 Naked Payments IV - let's all go naked
aadsm24.htm#43 DDA cards may address the UK Chip&Pin woes
2006n.html#32 The System/360 Model 20 Wasn't As Bad As All That
aadsm24.htm#46 More Brittle Security -- Agriculture
aadsm24.htm#47 More Brittle Security -- Agriculture
aadsm24.htm#48 more on FBI plans new Net-tapping push
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#9 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#10 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#11 And another cloning tale
aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
2006o.html#35 the personal data theft pandemic continues
2006o.html#37 the personal data theft pandemic continues
2006o.html#40 the personal data theft pandemic continues
2006o.html#47 the personal data theft pandemic continues
aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#17 Hamiltonian path as protection against DOS
aadsm25.htm#18 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm25.htm#21 Identity v. anonymity -- that is not the question
2006p.html#9 New airline security measures in Europe
2006p.html#18 19,000 Accounts Compromised
2006p.html#32 OT - hand-held security
2006p.html#38 Hackers steal AT&T customer data
2006p.html#41 Device Authentication - The answer to attacks lauched using stolen passwords?
2006q.html#5 Materiel and graft<
2006q.html#7 Linux More Secure on System z?
aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
2006q.html#48 Smartcard reader with certificate inside the reader
2006r.html#28 Greatest Software Ever Written?
2006r.html#29 Intel abandons USEnet news
2006r.html#34 Mozilla moves on security
2006s.html#4 Why not 2048 or 4096 bit RSA key issuance?
2006s.html#5 Why not 2048 or 4096 bit RSA key issuance?
aadsm25.htm#39 How the Classical Scholars dropped security from the canon of Computer Science
2006s.html#9 Why not 2048 or 4096 bit RSA key issuance?
aadsm25.htm#43 Audit Follies - Atlantic differences, branding UnTrust, thunbs on Sarbanes-Oxley, alternates
2006s.html#28 Storage Philosophy Question
aadsm25.htm#45 hashes on restricted domains: random functions or permutations?
aadsm25.htm#46 Flaw exploited in RFID-enabled passports
2006t.html#25 Are there more stupid people in IT than there used to be?
2006u.html#3 ssh - password control or key control?
aadsm26.htm#0 Flaw in RFID-enabled passports (part 2?)
aadsm26.htm#3 Citibank e-mail looks phishy
2006u.html#36 remote support questions - curiousity
2006u.html#40 New attacks on the financial PIN processing
aadsm26.htm#4 Citibank e-mail looks phishy
aadsm26.htm#5 ATMs hacked using MP3 player
2006u.html#47 New attacks on the financial PIN processing
2006u.html#48 New attacks on the financial PIN processing
aadsm26.htm#6 Citibank e-mail looks phishy
2006u.html#53 What's a mainframe?
aadsm26.htm#7 Citibank e-mail looks phishy
2006v.html#1 New attacks on the financial PIN processing
2006v.html#2 New attacks on the financial PIN processing
aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
aadsm26.htm#12 Who has a Core Competency in Security?
2006v.html#13 Who has a Core Competency in Security?
2006v.html#27 Federal Rules May Not Fully Secure Online Banking Sites
aadsm26.htm#14 Who has a Core Competency in Security?
2006v.html#33 New attacks on the financial PIN processing
2006v.html#39 On sci.crypt: New attacks on the financial PIN processing
2006v.html#42 On sci.crypt: New attacks on the financial PIN processing
2006v.html#44 User Authentication
2006v.html#45 On sci.crypt: New attacks on the financial PIN processing
2006v.html#46 Patent buster for a method that increases password security
2006v.html#49 Patent buster for a method that increases password security
2006v.html#50 DOS C prompt in "Vista"?
2006w.html#5 Patent buster for a method that increases password security
2006x.html#14 IBM ATM machines
2006x.html#22 'Innovation' and other crimes
2006x.html#16 Security Implications of Using the Data Encryption Standard (DES)
2006x.html#36 SSL security with server certificate compromised
2006y.html#8 Securing financial transactions a high priority for 2007
aadsm26.htm#17 Changing the Mantra -- RFC 4732 on rethinking DOS
2006y.html#25 "The Elements of Programming Style"
2007.html#5 Securing financial transactions a high priority for 2007
2007.html#6 Securing financial transactions a high priority for 2007
2007.html#27 Securing financial transactions a high priority for 2007
aadsm26.htm#21 FC07 Preliminary Programme - Leaving Room for the Bad Guys
aadsm26.htm#22 Tamperproof, yet playing Tetris
2007b.html#8 Special characters in passwords was Re: RACF - Password rules
2007b.html#13 special characters in passwords
2007b.html#20 How many 36-bit Unix ports in the old days?
2007b.html#24 Forbidding Special characters in passwords
aadsm26.htm#23 It's a Presidential Mandate, Feds use it. How come you are not using FDE?
2007b.html#59 Peter Gutmann Rips Windows Vista Content Protection
2007b.html#60 Securing financial transactions a high priority for 2007
2007b.html#62 Securing financial transactions a high priority for 2007
2007b.html#63 Is Silicon Valley strangeled by SOX?
2007b.html#64 Securing financial transactions a high priority for 2007
2007c.html#3 "New Universal Man-in-the-Middle Phishing Kit"
2007c.html#6 Securing financial transactions a high priority for 2007
2007c.html#8 Securing financial transactions a high priority for 2007
2007c.html#9 Decoding the encryption puzzle
2007c.html#10 Securing financial transactions a high priority for 2007
2007c.html#11 Decoding the encryption puzzle
2007c.html#17 Securing financial transactions a high priority for 2007
2007c.html#18 Securing financial transactions a high priority for 2007
2007c.html#22 Securing financial transactions a high priority for 2007
2007c.html#26 Securing financial transactions a high priority for 2007
2007c.html#27 Securing financial transactions a high priority for 2007
2007c.html#28 Securing financial transactions a high priority for 2007
2007c.html#30 Securing financial transactions a high priority for 2007
2007c.html#31 Securing financial transactions a high priority for 2007
2007c.html#32 Securing financial transactions a high priority for 2007
2007c.html#33 Securing financial transactions a high priority for 2007
2007c.html#35 Securing financial transactions a high priority for 2007
2007c.html#36 Securing financial transactions a high priority for 2007
2007c.html#37 Securing financial transactions a high priority for 2007
2007c.html#38 Securing financial transactions a high priority for 2007
2007c.html#43 Securing financial transactions a high priority for 2007
2007c.html#46 Securing financial transactions a high priority for 2007
2007c.html#51 Securing financial transactions a high priority for 2007
2007c.html#53 Securing financial transactions a high priority for 2007
2007d.html#5 Securing financial transactions a high priority for 2007
aadsm26.htm#25 EV - what was the reason, again?
aadsm26.htm#27 man in the middle, SSL ... addenda
2007d.html#26 Securing financial transactions a high priority for 2007
aadsm26.htm#30 man in the middle, SSL
aadsm26.htm#31 man in the middle, SSL ... addenda 2
aadsm26.htm#35 Failure of PKI in messaging
2007d.html#68 Securing financial transactions a high priority for 2007
2007d.html#70 Securing financial transactions a high priority for 2007
2007e.html#2 Securing financial transactions a high priority for 2007
2007e.html#12 Securing financial transactions a high priority for 2007
aadsm26.htm#37 Threatwatch: $400 to 'own' your account
aadsm26.htm#38 Usable Security 2007
2007e.html#20 Securing financial transactions a high priority for 2007
2007e.html#24 Securing financial transactions a high priority for 2007
2007e.html#26 Securing financial transactions a high priority for 2007
2007e.html#29 Securing financial transactions a high priority for 2007
2007e.html#58 Securing financial transactions a high priority for 2007
2007e.html#62 Securing financial transactions a high priority for 2007
aadsm26.htm#40 PKI: The terrorists' secret weapon
aadsm26.htm#41 PKI: The terrorists' secret weapon (part II)
2007f.html#58 Securing financial transactions a high priority for 2007
2007f.html#68 Securing financial transactions a high priority for 2007
2007f.html#72 Securing financial transactions a high priority for 2007
2007g.html#8 Securing financial transactions a high priority for 2007
2007g.html#20 T.J. Maxx data theft worse than first reported
aadsm26.htm#45 Cost of an identity
2007g.html#30 T.J. Maxx data theft worse than first reported
aadsm26.htm#47 SSL MITM-attacks make the news
2007g.html#58 Can SSL sessions be compromised?
2007g.html#50 DNSSEC to be strangled at birth
aadsm26.htm#57 Our security sucks. Why can't we change? What's wrong with us?
2007h.html#48 Securing financial transactions a high priority for 2007
2007h.html#51 Securing financial transactions a high priority for 2007
aadsm26.htm#59 On cleaning up the security mess: escaping the self-perpetuating trap of Fraud?
2007h.html#56 T.J. Maxx data theft worse than first reported
aadsm26.htm#60 crypto component services - is there a market?
2007h.html#63 T.J. Maxx data theft worse than first reported
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007i.html#19 John W. Backus, 82, Fortran developer, dies
2007i.html#28 John W. Backus, 82, Fortran developer, dies
2007i.html#73 public key password authentication
aadsm26.htm#66 More Tipping Point evidence - POS vendors sued
2007j.html#0 John W. Backus, 82, Fortran developer, dies
2007j.html#3 John W. Backus, 82, Fortran developer, dies
2007j.html#15 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#68 H6.1: Designing (Security) Without Requirements is like Building a Road Without a Route Map to a Destination You've Never Seen
aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach
aadsm27.htm#2 Threatwatch: Still searching for the economic MITM
2007j.html#60 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
aadsm27.htm#5 Leadership, the very definition of fraud, and the court of security ideas
aadsm27.htm#7 Solution to phishing -- an idea who's time has come?
aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas
aadsm27.htm#11 Is this Risk Management's Waterloo?
aadsm27.htm#12 0wned .gov machines (was Re: Russian cyberwar against Estonia?)
aadsm27.htm#13 Is this Risk Management's Waterloo?
2007k.html#50 John W. Backus, 82, Fortran developer, dies
2007k.html#51 IBM Unionization
2007k.html#52 John W. Backus, 82, Fortran developer, dies
2007k.html#54 John W. Backus, 82, Fortran developer, dies
2007k.html#55 My Dream PC -- Chip-Based
2007k.html#56 My Dream PC -- Chip-Based
2007k.html#63 My Dream PC -- Chip-Based
2007k.html#79 John W. Backus, 82, Fortran developer, dies
2007l.html#0 John W. Backus, 82, Fortran developer, dies
2007l.html#18 Non-Standard Mainframe Language?
2007l.html#35 My Dream PC -- Chip-Based
2007l.html#40 My Dream PC -- Chip-Based
2007m.html#33 nouns and adjectives
2007m.html#65 nouns and adjectives
aadsm27.htm#31 The bank fraud blame game
aadsm27.htm#32 The bank fraud blame game
aadsm27.htm#33 The bank fraud blame game
aadsm27.htm#35 The bank fraud blame game
aadsm27.htm#38 The bank fraud blame game
aadsm27.htm#39 a fraud is a sale, Re: The bank fraud blame game
aadsm27.htm#40 a fraud is a sale, Re: The bank fraud blame game
2007n.html#50 WindowsMonitor or CUSP?
aadsm27.htm#43 a fraud is a sale, Re: The bank fraud blame game
2007n.html#71 Poll: oldest computer thing you still use
2007n.html#72 Poll: oldest computer thing you still use
aadsm27.htm#44 Threatwatch: how much to MITM, how quickly, how much lost
aadsm27.htm#45 Threatwatch: how much to MITM, how quickly, how much lost
2007n.html#80 Poll: oldest computer thing you still use
aadsm27.htm#46 Threatwatch: how much to MITM, how quickly, how much lost
aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center
2007o.html#16 Hypervisors May Replace Operating Systems As King Of The Data Center
2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
2007o.html#29 EZPass: Yes, Big Brother IS Watching You!
2007o.html#30 EZPass: Yes, Big Brother IS Watching You!
aadsm27.htm#59 Threatwatch - more data on cost of your identity
2007p.html#40 what does xp do when system is copying
2007p.html#50 Newsweek article--baby boomers and computers
aadsm27.htm#60 Retailers try to push data responsibilities back to banks
2007q.html#41 Newsweek article--baby boomers and computers
2007r.html#30 Is the media letting banks off the hook on payment card security
2007r.html#32 Is the media letting banks off the hook on payment card security
2007r.html#47 Translation of IBM Basic Assembler to C?
2007r.html#61 The new urgency to fix online privacy
2007r.html#63 Translation of IBM Basic Assembler to C?
2007r.html#72 Translation of IBM Basic Assembler to C?
2007s.html#1 Translation of IBM Basic Assembler to C?
2007s.html#11 Translation of IBM Basic Assembler to C?
2007s.html#12 Translation of IBM Basic Assembler to C?
2007s.html#13 The new urgency to fix online privacy
2007s.html#25 Translation of IBM Basic Assembler to C?
2007s.html#28 Translation of IBM Basic Assembler to C?
2007s.html#34 File sharing may lead to identity theft
aadsm27.htm#64 How to crack RSA
2007s.html#66 The new urgency to fix online privacy
2007t.html#7 Identity Theft Prevention tips
2007t.html#20 UK Retail Giant Breached by Insider
2007t.html#22 'Man in the browser' is new threat to online banking
2007t.html#27 'Man in the browser' is new threat to online banking
2007t.html#47 Translation of IBM Basic Assembler to C?
2007u.html#10 Crypto Related Posts
2007u.html#11 Public Computers
2007u.html#45 Folklore references to CP67 at Lincoln Labs
2007u.html#47 folklore indeed
2007u.html#48 folklore indeed
2007u.html#49 folklore indeed
2007u.html#50 folklore indeed
2007u.html#53 folklore indeed
2007u.html#54 folklore indeed
2007u.html#55 folklore indeed
2007u.html#58 folklore indeed
2007u.html#62 folklore indeed
2007u.html#63 folklore indeed
2007u.html#68 folklore indeed
2007u.html#70 folklore indeed
2007u.html#71 folklore indeed
2007u.html#74 folklore indeed
2007u.html#82 Education ranking
2007v.html#2 folklore indeed
2007v.html#6 Ironke
2007v.html#8 Virtualization still hot, death of antivirus software imminent
2007v.html#25 Newsweek article--baby boomers and computers
2007v.html#35 Inside a Modern Malware Distribution System
2007v.html#66 2007: year in review
2007v.html#74 folklore indeed
aadsm28.htm#2 Death of antivirus software imminent
2007v.html#77 folklore indeed
2007v.html#78 folklore indeed
2007v.html#86 folklore indeed
2007v.html#87 Data Breaches Soar In 2007
2007v.html#88 Data Breaches Soar In 2007
2007v.html#89 2007 Roundup: The march of the botnets
2007v.html#90 folklore indeed
aadsm28.htm#3 Why Security Modelling doesn't work -- the OODA loop of today's battle
2007v.html#95 folklore indeed
2007v.html#97 folklore indeed
2008.html#2 folklore indeed
2008.html#4 folklore indeed
2008.html#5 folklore indeed
aadsm28.htm#5 Why Security Modelling doesn't work -- the OODA loop of today's battle
aadsm28.htm#6 Death of antivirus software imminent
2008.html#11 Information security breaches quadrupled in 2007
2008.html#31 1975 movie "Three Days of the Condor" tech stuff
2008.html#35 U.S. Identity Theft at Record Level in 2007
2008.html#36 1970s credit cards, was: 1975 movie "Three Days of the Condor" tech stuff
2008.html#70 As Expected, Ford Falls From 2nd Place in U.S. Sales
2008.html#71 As Expected, Ford Falls From 2nd Place in U.S. Sales
2008.html#90 Computer Science Education: Where Are the Software Engineers of Tomorrow?
2008b.html#12 Computer Science Education: Where Are the Software Engineers of Tomorrow?
2008b.html#19 Yahoo's CAPTCHA Security Reportedly Broken
2008b.html#26 folklore indeed
2008b.html#67 Govt demands password to personal computer
2008b.html#68 Govt demands password to personal computer
2008b.html#72 Govt demands password to personal computer
2008b.html#74 Too much change opens up financial fault lines
2008b.html#82 Break the rules of governance and lose 4.9 billion
aadsm28.htm#13 Break the rules of governance and lose 4.9 billion
aadsm28.htm#14 Break the rules of governance and lose 4.9 billion
2008c.html#4 folklore indeed
aadsm28.htm#15 Dutch Transport Card Broken
aadsm28.htm#17 Lack of fraud reporting paths considered harmful
aadsm28.htm#18 Lack of fraud reporting paths considered harmful
aadsm28.htm#19 Lack of fraud reporting paths considered harmful
2008c.html#44 Toyota Sales for 2007 May Surpass GM
aadsm28.htm#21 Dutch Transport Card Broken
2008c.html#47 Data Erasure Products
aadsm28.htm#25 middle banking in a english muddle
2008c.html#59 Govt demands password to personal computer
2008c.html#76 Neglected IT Tasks May Have Led to Bank Meltdown
aadsm28.htm#27 Break the rules of governance and lose 4.9 billion
aadsm28.htm#28 middle banking in a english muddle
2008c.html#89 Toyota Sales for 2007 May Surpass GM
2008d.html#2 Spammers' bot cracks Microsoft's CAPTCHA
2008d.html#3 Govt demands password to personal computer
2008d.html#6 How Safe Are Your Personal Records In The Hands Of Government Officials?
aadsm28.htm#29 Chip&PIN cards: 1 in 5 cloned?
2008d.html#10 Toyota Sales for 2007 May Surpass GM
2008d.html#18 New Research Confirms Identity Fraud Is On Decline
2008d.html#26 Toyota Sales for 2007 May Surpass GM
aadsm28.htm#33 on Revocation of Signing Certs and Public Key Signing itself
2008d.html#27 Kerberized authorization service
2008d.html#34 New Research Confirms Identity Fraud Is On Decline
2008d.html#84 The hands-free way to steal a credit card
2008d.html#88 The hands-free way to steal a credit card
2008e.html#3 The hands-free way to steal a credit card
2008e.html#25 Spammers crack Gmail Captcha
2008e.html#34 The hands-free way to steal a credit card
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
2008e.html#35 PIN devices vulnerable to 'tapping' attacks, researchers warn
2008e.html#42 Banks failing to manage IT risk - study
2008e.html#44 insider fraud
2008e.html#65 Banks failing to manage IT risk - study
2008e.html#66 independent appraisers
2008e.html#69 independent appraisers
US aerospace and defense sector braces for potential brain drain as Cold War workers retire
2008e.html#77 independent appraisers
2008f.html#2 EPIC, Ending Piracy of Integrated Circuits
2008f.html#9 EPIC, Ending Piracy of Integrated Circuits
2008f.html#11 independent appraisers
aadsm28.htm#38 The Trouble with Threat Modelling
2008f.html#25 independent appraisers
2008f.html#26 independent appraisers
2008f.html#33 EPIC, Ending Piracy of Integrated Circuits
aadsm28.htm#40 Attack on Brit retail payments -- some takeways
aadsm28.htm#41 Trojan with Everything, To Go!
2008f.html#49 How do OTP tokens work?
2008f.html#51 independent appraisers
2008f.html#54 How do OTP tokens work?
aadsm28.htm#46 The bond that fell to Earth
2008f.html#63 Antivirus Inventor: Security Departments Are Wasting Their Time
2008f.html#73 Bush - place in history
aadsm28.htm#50 Liability for breaches: do we need new laws?
2008f.html#86 Banks failing to manage IT risk - study
2008f.html#88 Has Banking Industry Overlooked Its Biggest Breach Ever?
aadsm28.htm#51 Liability for breaches: do we need new laws?
2008f.html#89 Bush - place in history
2008f.html#94 Bush - place in history
aadsm28.htm#52 Pogo reports: big(gest) bank breach was covered up?
2008f.html#96 Bush - place in history
2008g.html#0 Bush - place in history
2008g.html#2 Bush - place in history
2008g.html#4 CDOs subverting Boyd's OODA-loop
2008g.html#10 Hannaford case exposes holes in law, some say
2008g.html#12 independent appraisers
2008g.html#13 independent appraisers
2008g.html#16 independent appraisers
2008g.html#17 Hannaford breach illustrates dangerous compliance mentality
2008g.html#25 CA ESD files Options
2008g.html#28 Hannaford case exposes holes in law, some say
aadsm28.htm#53 Pogo reports: big(gest) bank breach was covered up?
2008g.html#36 Lehman sees banks, others writing down $400 bln
2008g.html#59 Credit crisis could cost nearly $1 trillion, IMF predicts
2008g.html#64 independent appraisers
2008g.html#66 independent appraisers
2008g.html#67 independent appraisers
2008h.html#4 You won't guess who's the bad guy of ID theft
aadsm28.htm#54 Liability for breaches: do we need new laws?
aadsm28.htm#57 Who do we have to blame for the mortgage crisis in America?
aadsm28.htm#58 Who do we have to blame for the mortgage crisis in America?
aadsm28.htm#60 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#61 Is Basel 2 out...Basel 3 in?
aadsm28.htm#62 Who do we have to blame for the mortgage crisis in America?
aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#66 Would the Basel Committee's announced enhancement of Basel II Framework and other steps have prevented the current global financial crisis had they been implemented years ago?
2008h.html#20 handling the SPAM on this group
aadsm28.htm#71 Paypal -- Practical Approaches to Phishing -- open white paper
2008h.html#32 subprime write-down sweepstakes
aadsm28.htm#74 Visa and MasterCard mandated PCI compliance as of Jan 1, 2008. I would like to get a feel or opinion on this subject
aadsm28.htm#75 Fun with Data Theft/Breach Numbers
aadsm28.htm#77 How safe do you feel when using a debit or credit card?
2008h.html#44 Two views of Microkernels (Re: Kernels
2008h.html#89 Credit Crisis Timeline
2008h.html#90 subprime write-down sweepstakes
2008i.html#1 Do you belive Information Security Risk Assessment has shortcoming like
2008i.html#21 Worst Security Threats?
aadsm28.htm#80not crypto, but fraud detection
aadsm28.htm#81 not crypto, but fraud detection
2008i.html#30 subprime write-down sweepstakes
2008i.html#42 "Security Breaches"
2008i.html#43 IT Security Statistics
2008i.html#55 Is data classification the right approach to pursue a risk based information security program?
2008i.html#64 Is the credit crunch a short term aberation
2008i.html#67 Do you have other examples of how people evade taking resp. for risk
2008i.html#70 Next Generation Security
2008i.html#71 The End of Privacy?
2008i.html#76 Security Awareness
2008i.html#81 Selling Security using Prospect Theory. Or not
2008i.html#88 squirrels
2008i.html#101 We're losing the battle
2008j.html#34 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#35 Data Breach Reports Up 69 Percent in 2008
2008j.html#37 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#38 dollar coins
2008j.html#51 dollar coins
2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#57 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#60 dollar coins
2008j.html#61 German court finds Bank responsible for malwared PC
2008j.html#62 German court finds Bank responsible for malwared PC
2008j.html#63 CLIs and GUIs
2008j.html#64 lack of information accuracy
2008j.html#66 lack of information accuracy
2008j.html#71 lack of information accuracy
2008j.html#84 dollar coins
2008k.html#10 Why do Banks lend poorly in the sub-prime market? Because they are not in Banking!
2008k.html#13 dollar coins
2008k.html#19 dollar coins
2008l.html#21 recent mentions of 40+ yr old technology
2008l.html#28 Verifying Verified By Visa - Registration breaks chain of trust
2008l.html#29 Verifying Verified By Visa - Registration breaks chain of trust
2008l.html#30 Verifying Verified By Visa - Registration breaks chain of trust
2008l.html#35 Quality of IBM school clock systems?
2008l.html#46 z/OS BIND9 DNS Vulnerable to Cache Poisoning Attack Problem?
2008l.html#49 Quality of IBM school clock systems?
2008l.html#50 IBM manual web pages
2008l.html#51 Monetary affairs on free reign, but the horse has Boulton'd
2008l.html#52 Payments Security in RFS
2008l.html#52 Quality of IBM school clock systems?
2008l.html#61 Osama bin Laden gets a cosmetic makevover in his British Vanity Passport
2008l.html#69 Verifying Verified By Visa - Registration breaks chain of trust
2008l.html#71 md5
2008l.html#89 Fraud due to stupid failure to test for negative
2008m.html#5 Fraud due to stupid failure to test for negative
2008m.html#8 Fraud due to stupid failure to test for negative
2008m.html#27 Fraud due to stupid failure to test for negative
2008m.html#55 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#56 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#71 TJ Maxx - why are they still in business?
2008m.html#82 Data sharing among Industry players about frauds
2008m.html#95 Blinkylights
2008n.html#0 Blinkylights
2008n.html#36 Builders V. Breakers
2008n.html#37 Success has many fathers, but failure has the US taxpayer
2008n.html#38 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#40 Success has many fathers, but failure has the US taxpayer
2008n.html#44 VMware Chief Says the OS Is History
2008n.html#52 Technology and the current crisis
2008n.html#54 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#69 Another quiet week in finance
2008n.html#71 Clickjacking -- the new browser wipe-out
2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
2008n.html#82 Fraud in financial institution
2008n.html#94 Blinkylights
2008n.html#95 Blinkylights
2008n.html#100 Wachovia Bank web site
2008n.html#101 Blinkylights
2008o.html#4 Wachovia Bank web site
2008o.html#7 Credit Card Security
2008o.html#8 The end of the baby boomers, US bonds maturing, and then what?
2008o.html#11 Browser Security UI: the horns of the dilemma
2008o.html#12 The human plague
2008o.html#14 Blinkylights
2008o.html#18 Once the dust settles, do you think Milton Friedman’s economic theories will be laid to rest
2008o.html#22 What risk of possible data leakage do you see for your organization?
2008o.html#25 What are the Black Swans for IT Security?
2008o.html#31 The human plague
2008o.html#34 The human plague
2008o.html#35 The human plague
2008o.html#60 Biometric Credit cards
2008o.html#76 Blinkenlights
2008o.html#81 How security audits, vulnerability assessments and penetration tests differ?
2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
2008p.html#10 Strings story
2008p.html#11 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#20 Donald Knuth stops paying for errata
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008p.html#34 How can I tell if a keylogger got added to my PC while I was in Beijing?
2008p.html#44 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#47 In Modeling Risk, the Human Factor Was Left Out
2008p.html#64 Do you feel secure with your bank's online banking service?
2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
2008p.html#74 2008 Data Breaches: 30 Million and Counting
2008q.html#12 Blinkenlights
2008q.html#25 Cybercrime Could Be As Destructive As Credit Crisis
2008q.html#32 I was wondering what types of frauds the audience think will increase?
2008q.html#66 Blinkenlights
2008r.html#0 ATM Skimmers: Watch Out for Electronic Theft Devices
2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
2008r.html#49 Kaspersky calls for a more secure internet
2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
2008r.html#53 21 million German bank account details on black market
2008r.html#59 Stolen credit-card boom
2008r.html#65 Did you think about Virtualization Security?
2008s.html#1 PCI's Bob Russo: Data loss hurts brand more than a fine
2008s.html#9 Blind-sided, again. Why?
2008s.html#36 What is the top security threat prediction of 2009?
2008s.html#58 DNS flaw is 2008's biggest web blunder
2008s.html#63 Garbage in, garbage out trampled by Moore's law
2008s.html#72 CA issues no-questions asked Mozilla cert
2008s.html#76 Boffins bust web authentication with game consoles
2008s.html#78 Boffins bust web authentication with game consoles
2009.html#4 Is SUN going to become x86'ed ??
2009.html#7 Swedish police warn of tampered credit card terminals
2009.html#10 Swedish police warn of tampered credit card terminals
2009.html#20 Data losses set to soar
2009.html#29 Data losses set to soar
2009.html#49 The 25 Most Dangerous Programming Errors
2009.html#52 The Credit Crunch: Why it happened?
2009.html#60The 25 Most Dangerous Programming Errors
2009.html#66 What's missing in security: business
2009b.html#5 Possibility of malicious CPUs
2009b.html#9 New Research Reveals 45% of Card Breach Victims Lose Confidence in Their Financial Accounts
2009b.html#10 Superworm seizes 9m PCs, 'stunned' researchers say
2009b.html#17 Fraud -- how can you stay one step ahead?
2009b.html#21 ICSF and VISA/MasterCard?amex reference list
2009b.html#32 Heartland Says Entire Industry Should Revamp Security
2009b.html#44 Cybercrime cost $1 trillion last year, study
2009b.html#55 Davos 2009 Cybercrime threat rising sharply
2009b.html#62 Study: Data breaches continue to get more costly for businesses
2009b.html#63 Study: Data breaches continue to get more costly for businesses
2009b.html#64 SQL attacks dominated 2008, says IBM
2009b.html#68 Fraud Incidents Tied to Heartland Data Breach
2009c.html#25 Crypto Craft Knowledge
2009c.html#31 H5: Security Begins at the Application and Ends at the Mind
2009c.html#50 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009d.html#6 Heartland Data Breach Update: Now More Than 150 Institutions Impacted
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009d.html#57 Lack of bit field instructions in x86 instruction set because of patents ?
2009d.html#71 Lack of bit field instructions in x86 instruction set because of patents ?
2009d.html#72 Why Are CC Numbers Still So Easy To Find?
2009d.html#73 Should Glass-Steagall be reinstated?
2009d.html#75 Whistleblowing and reporting fraud
2009e.html#6 ATMs At Risk
2009e.html#16 ATMs At Risk
2009e.html#21 ATMs At Risk
2009e.html#64 An interesting take on Verified by Visa Policy
2009f.html#3 Cybersecurity hearing highlights inadequacy of PCI DSS
2009f.html#14 SSL: Broken Even More
2009f.html#16 Cybersecurity hearing highlights inadequacy of PCI DSS
2009f.html#36 PCI security rules may require reinforcements
2009f.html#39 PIN Crackers Nab Holy Grail of Bank Card Security
2009f.html#42 More Data Breached In 2008 Than In Previous Four Years Combined
2009f.html#46 Who moved my payment?
2009f.html#48 Bankers as Partners In Crime Stopping
2009f.html#60 Cobol hits 50 and keeps counting
2009f.html#61 Halifax faces legal challenge on chip-and-pin security
2009f.html#67 Just posted third article about toxic assets in a series on the current financial crisis
2009f.html#10 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
2009f.html#24 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
2009g.html#28 Halifax faces legal challenge on chip-and-pin security
2009g.html#57 LexisNexis says its data was used by fraudsters
2009h.html#4 ATM/Debit Card Fraud On The Rise
2009h.html#13 Opinion: The top 10 operating system stinkers
2009h.html#24 IBM security expert: X86 virtualization not ready for regulated, mission-critical apps
2009h.html#28 Computer virus strikes US Marshals, FBI affected
2009h.html#46 IBM security expert: X86 virtualization not ready for regulated, mission-critical apps
2009i.html#14 Online Banking’s Innate Security Flaws
2009i.html#20 Online Banking’s Innate Security Flaws
2009i.html#22 My Vintage Dream PC
2009i.html#34 Data-sniffing trojans burrow into Eastern European ATMs
2009i.html#38 What is better $2 or $2000, Microsoft publishes a research paper
2009i.html#46 64 Cores -- IBM is showing a prototype already
2009i.html#47 Cyber crime 'more profitable than drugs'
2009i.html#53 Merchant Groups Ask for Broad Changes in Letter to PCI's Overseer
2009i.html#64 Weak security enables credit card hacks
2009i.html#68 Weak security enables credit card hacks
2009j.html#5 Database Servers: Candy For Hackers
2009j.html#11 Is anyone aware of a system that offers three layers of security and ID protection for online purchases or even over the counter POS purchases?
2009j.html#13 PCI SSC Seeks Input on Security Standards
2009j.html#23 Database Servers: Candy For Hackers
2009j.html#26 Price Tag for End-to-End Encryption: $4.8 Billion, Mercator Says
2009j.html#28 Malware steals ATM accounts and PIN codes; Pwns ATMS user Windows XP
2009j.html#48 Replace the current antiquated credit card system
2009j.html#50 How can we stop Credit card FRAUD?
2009j.html#51 Replace the current antiquated credit card system
2009j.html#57 How can we stop Credit card FRAUD?
2009k.html#21 Security certificate warnings don't work, researchers say
2009k.html#25 Don't Take Fraud Out of Context
2009k.html#28 Network Solutions breach exposed 500k card accounts
2009k.html#38 More holes found in Web's SSL security protocol
2009k.html#77 Cyber attackers empty business accounts in minutes
2009l.html#0 Cyber attackers empty business accounts in minutes
2009l.html#2 Cyber attackers empty business accounts in minutes
2009l.html#4 Card PINs traded at two for a dollar
2009l.html#5 Internal fraud isn't new, but it's news
2009l.html#37 Disksize history question
2009l.html#50 Hacker charges also an indictment on PCI, expert says
2009l.html#53 Hacker charges also an indictment on PCI, expert says
2009l.html#54 another item related to ASCII vs. EBCDIC
2009l.html#61 Hacker charges also an indictment on PCI, expert says
2009l.html#63 Does this count as 'computer' folklore?
2009l.html#68 Hacker charges also an indictment on PCI, expert says
2009m.html#0 Lawsuit seeks to pry information from banks on account breaches
2009m.html#3 Does this count as 'computer' folklore?
2009m.html#6 FBI arrests programmer for stolen software
2009m.html#9 Cyber crooks increasingly target small business accounts
2009m.html#13 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#21 The Art of Creating Strong Passwords
2009m.html#28 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#42 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#52 Online banking: Which bank is the most secure?
2009m.html#62 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
2009m.html#65 European Banks Warned: Brace for Rise in Cash Machine Fraud
2009m.html#67 European Banks Warned: Brace for Rise in Cash Machine Fraud
2009m.html#74 ATMs by the Numbers
2009n.html#8 Malware lingers months on infected PCs
2009n.html#11 Banks should share cyber crime information IT PRO
2009n.html#37 Firms failing to treat card data security seriously
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009n.html#72 Real-Time Hackers Foil Two-Factor Security
2009o.html#50 WSJ.com The Fallacy of Identity Theft
2009o.html#53 E-Banking on a Locked Down (Non-Microsoft) PC
2009o.html#71 "Rat Your Boss" or "Rats to Riches," the New SEC
2009p.html#15 Rogue security software threat will grow in 2010, warns report
2009p.html#17 U.K. lags in information security management practices
2009p.html#22 FBI: National data-breach law would help fight cybercrime
2009p.html#27 FBI: National data-breach law would help fight cybercrime
2009p.html#29 Computer Experts Deconstruct FDIC Email Scam
2009p.html#44 Nearly 500 People Fall Victim to ATM Skimming Scam
2009p.html#45 ATM machines are increasingly attractive to hackers
2009p.html#64 Failing The Sniff Test: Researchers Find New Way To Spot Fraud
2009p.html#65 Crypto dongles to secure online transactions
2009p.html#68 US retailers face $100bn in ID fraud losses a year - study
2009p.html#72 Crypto dongles to secure online transactions
2009p.html#73 The computer virus turns 26 today
2009p.html#75 What's old is new again
2009q.html#55 Crypto dongles to secure online transactions ... addenda
2009q.html#56 Crypto dongles to secure online transactions ... addenda
2009q.html#58 Cyber breaches are a closely kept secret
2009q.html#71 Trade Secrets and Confidential Information
2009r.html#71 Trade group seeks to stave off cybersecurity mandates
2009r.html#16 70 Years of ATM Innovation
2009r.html#19 Scammers scrape RAM for bank card data
2009r.html#27 New Gift Card Laws Also Benefit Terrorists
2009r.html#29 Data Breaches Show PCI DSS Ineffective
2009r.html#41 While watching Biography about Bill Gates on CNBC last Night
2009r.html#48 Strong Authentication Not Strong Enough
2009r.html#55 Verizon report goes deep inside data breach investigations
2009r.html#58 xmas card
2009r.html#71 While watching Biography about Bill Gates on CNBC last Night
2009s.html#39 Six Months Later, MasterCard Softens a Controversial PCI Rule
2009s.html#44 PCI and Network Encryption
2009s.html#48 Larrabee delayed: anyone know what's happening?
2009s.html#49 Six Months Later, MasterCard Softens a Controversial PCI Rule
2010.html#73 Korean bank Moves back to Mainframes (...no, not back)
2010.html#81 Happy DEC-10 Day
2010.html#93 Korean bank Moves back to Mainframes (...no, not back)
2010.html#97 Korean bank Moves back to Mainframes (...no, not back)
2010.html#2 Korean bank Moves back to Mainframes (...no, not back)
2010b.html#18 security and online banking
2010b.html#75 Windows plagued by 17-year-old privilege escalation bug
2010b.html#89 Remember Ed Curry!
2010c.html#32 Happy DEC-10 Day
2010c.html#33 Happy DEC-10 Day
2010c.html#34 Happy DEC-10 Day
2010c.html#37 Happy DEC-10 Day
2010c.html#60 Cybercrime Checks Into The Hotel Industry
2010c.html#61 Engineer shows how to crack a 'secure' TPM chip
2010c.html#63 who pioneered the WEB

top , by subject , technology , networking , public key , Boyd - home

Buffer overflows, overruns, exploits

99.html#70 Series/1 as NCP (was: Re: System/1 ?)
99.html#85 Perfect Code
99.html#163 IBM Assembler 101
99.html#219 Study says buffer overflow is most common security bug
ansiepay.htm#theory Security breach raises questions about Internet shopping
aadsm9.htm#cfppki10 CFP: PKI research workshop
aepay11.htm#65 E-merchants Turn Fraud-busters (somewhat related)
aadsm12.htm#16 Feasability of Palladium / TCPA
aadsm14.htm#32 An attack on paypal
aadsm14.htm#34 virus attack on banks (was attack on paypal)
aadsm14.htm#38 An attack on paypal (trivia addenda)
aadsm16.htm#1 FAQ: e-Signatures and Payments
aadsm18.htm#18 Any TLS server key compromises?
2000.html#25 Computer of the century
2000.html#30 Computer of the century
2000b.html#17 ooh, a real flamewar :)
2000b.html#22 ooh, a real flamewar :)
2000c.html#40 Domainatrix - the final word
2000g.html#50 Egghead cracked, MS IIS again
2001b.html#47 what is interrupt mask register?
2001b.html#58 Checkpoint better than PIX or vice versa???
2001c.html#32 How Commercial-Off-The-Shelf Systems make society vulnerable
2001c.html#38 How Commercial-Off-The-Shelf Systems make society vulnerable
2001d.html#58 Very CISC Instuctions (Was: why the machine word size ...)
2001i.html#54 Computer security: The Future
2001k.html#43 Why is UNIX semi-immune to viral infection?
2001l.html#49 Virus propagation risks
2001m.html#27 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
2001n.html#30 FreeBSD more secure than Linux
2001n.html#71 Q: Buffer overflow
2001n.html#72 Buffer overflow
2001n.html#76 Buffer overflow
2001n.html#84 Buffer overflow
2001n.html#90 Buffer overflow
2001n.html#91 Buffer overflow
2001n.html#93 Buffer overflow
2002.html#4 Buffer overflow
2002.html#19 Buffer overflow
2002.html#20 Younger recruits versus experienced veterans ( was Re: The demise of compa
2002.html#23 Buffer overflow
2002.html#24 Buffer overflow
2002.html#26 Buffer overflow
2002.html#27 Buffer overflow
2002.html#28 Buffer overflow
2002.html#29 Buffer overflow
2002.html#32 Buffer overflow
2002.html#33 Buffer overflow
2002.html#34 Buffer overflow
2002.html#35 Buffer overflow
2002.html#37 Buffer overflow
2002.html#38 Buffer overflow
2002.html#39 Buffer overflow
2002e.html#58 O'Reilly C Book
2002h.html#74 Where did text file line ending characters begin?
2002i.html#62 subjective Q. - what's the most secure OS?
2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation
2002m.html#8 Backdoor in AES ?
2002m.html#10 Backdoor in AES ?
2002m.html#58 The next big things that weren't
2002p.html#6 unix permissions
2003g.html#62 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
2003h.html#41 Segments, capabilities, buffer overrun attacks
2003h.html#47 Segments, capabilities, buffer overrun attacks
2003i.html#59 grey-haired assembler programmers (Ritchie's C)
2003j.html#4 A Dark Day
2003j.html#8 A Dark Day
2003j.html#20 A Dark Day
2003k.html#64 C & reliability: Was "The Incredible Shrinking Legacy"
2003l.html#2 S/360 Engineering Changes
2003n.html#14 Poor people's OS?
2003o.html#5 perfomance vs. key size
2003o.html#6 perfomance vs. key size
2003o.html#20 IS CP/M an OS?
2003o.html#25 Any experience with "The Last One"?
2003o.html#50 Pub/priv key security
2004.html#30 Threat of running a web server?
2004e.html#41 Infiniband - practicalities for small clusters
2004e.html#43 security taxonomy and CVE
2004f.html#20 Why does Windows allow Worms?
2004h.html#2 Adventure game (was:PL/? History (was Hercules))
2004j.html#28 Vintage computers are better than modern crap !
2004j.html#29 Vintage computers are better than modern crap !
2004j.html#37 Vintage computers are better than modern crap !
2004j.html#38 Vintage computers are better than modern crap !
2004j.html#46 Vintage computers are better than modern crap !
2004j.html#47 Vintage computers are better than modern crap !
2004j.html#58 Vintage computers are better than modern crap !
2004k.html#2 Linguistic Determinism
2004k.html#5 Losing colonies
2004k.html#6 Losing colonies
2004k.html#13 FAST TCP makes dialup faster than broadband?
2004l.html#21 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#40 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#41 "Perfect" or "Provable" security both crypto and non-crypto?
2004m.html#25 Shipwrecks
2004m.html#26 Shipwrecks
2004m.html#27 Shipwrecks
2004m.html#28 Shipwrecks
2004m.html#34 tracking 64bit storage
2004m.html#60 Shipwrecks
2004p.html#21 need a firewall
2004p.html#46 US-CERT Technical Cyber Security Alert TA04-336A -- another buffer overflow
2004q.html#2 [Lit.] Buffer overruns
2004q.html#3 [Lit.] Buffer overruns
2004q.html#4 [Lit.] Buffer overruns
2004q.html#5 [Lit.] Buffer overruns
2004q.html#7 [Lit.] Buffer overruns
2004q.html#8 [Lit.] Buffer overruns
2004q.html#9 [Lit.] Buffer overruns
2004q.html#10 [Lit.] Buffer overrun
2004q.html#11 [Lit.] Buffer overruns
2004q.html#12 [Lit.] Buffer overruns
2004q.html#13 [Lit.] Buffer overruns
2004q.html#14 [Lit.] Buffer overruns
2004q.html#15 [Lit.] Buffer overruns
2004q.html#17 [Lit.] Buffer overruns
2004q.html#26 [Lit.] Buffer overruns
2004q.html#28 [Lit.] Buffer overruns
2004q.html#31 Integer types for 128-bit addressing
2004q.html#35 [Lit.] Buffer overruns
2004q.html#43 [Lit.] Buffer overruns
2004q.html#47 [Lit.] Buffer overruns
2004q.html#48 [Lit.] Buffer overruns
2004q.html#50 [Lit.] Buffer overruns
2004q.html#51 [Lit.] Buffer overruns
2004q.html#74 [Lit.] Buffer overruns
2004q.html#78 [Lit.] Buffer overruns
2004q.html#80 [Lit.] Buffer overruns
2004q.html#81 [Lit.] Buffer overruns
2004q.html#82 [Lit.] Buffer overruns
2004q.html#83 [Lit.] Buffer overruns
2004q.html#84 [Lit.] Buffer overruns
2005.html#0 [Lit.] Buffer overruns
2005.html#1 [Lit.] Buffer overruns
2005.html#3 [Lit.] Buffer overruns
2005.html#8 [Lit.] Buffer overruns
2005.html#32 8086 memory space [was: The Soul of Barb's New Machine]
2005.html#51 something like a CTC on a PC
2005b.html#17 [Lit.] Buffer overruns
2005b.html#20 [Lit.] Buffer overruns
2005b.html#21 [Lit.] Buffer overruns
2005b.html#30 [Lit.] Buffer overruns
2005b.html#31 [Lit.] Buffer overruns
2005b.html#33 [Lit.] Buffer overruns
2005b.html#34 [Lit.] Buffer overruns
2005b.html#35 [Lit.] Buffer overruns
2005b.html#37 [Lit.] Buffer overruns
2005b.html#39 [Lit.] Buffer overruns
2005b.html#42 [Lit.] Buffer overruns
2005b.html#43 [Lit.] Buffer overruns
2005b.html#45 [Lit.] Buffer overruns
2005b.html#46 [Lit.] Buffer overruns
2005b.html#48 [Lit.] Buffer overruns
2005b.html#52 [Lit.] Buffer overruns
2005b.html#60 [Lit.] Buffer overruns
2005b.html#61 [Lit.] Buffer overruns
2005b.html#63 [Lit.] Buffer overruns
2005b.html#64 [Lit.] Buffer overruns
2005b.html#66 [Lit.] Buffer overruns
2005c.html#5 [Lit.] Buffer overruns
2005c.html#13 [Lit.] Buffer overruns
2005c.html#14 [Lit.] Buffer overruns
2005c.html#28 [Lit.] Buffer overruns
2005c.html#29 [Lit.] Buffer overruns
2005c.html#30 [Lit.] Buffer overruns
2005c.html#31 [Lit.] Buffer overruns
2005c.html#33 [Lit.] Buffer overruns
2005c.html#34 [Lit.] Buffer overruns
2005c.html#37 [Lit.] Buffer overruns
2005c.html#40 [Lit.] Buffer overruns
2005c.html#44 [Lit.] Buffer overruns
2005c.html#47 [Lit.] Buffer overruns
2005c.html#48 [Lit.] Buffer overruns
2005c.html#52 [Lit.] Buffer overruns
2005c.html#55 [Lit.] Buffer overruns
2005d.html#53 [Lit.] Buffer overruns
2005d.html#54 [Lit.] Buffer overruns
2005d.html#55 [Lit.] Buffer overruns
2005d.html#65 [Lit.] Buffer overruns
2005d.html#67 [Lit.] Buffer overruns
2005d.html#69 [Lit.] Buffer overruns
2005f.html#39 [Lit.] Buffer overruns
2005j.html#42 Public disclosure of discovered vulnerabilities
2005j.html#46 Public disclosure of discovered vulnerabilities
2005j.html#48 Public disclosure of discovered vulnerabilities
2005j.html#49 Public disclosure of discovered vulnerabilities
2005j.html#57 Ancient history
2005j.html#60 Ancient history
2005j.html#61 Ancient history
2005j.html#64 More on garbage
2005k.html#24 Ancient history
2005o.html#10 Virtual memory and memory protection
2005p.html#12 Is there any RFC for telnet proxy?
aadsm21.htm#6 Clearing sensitive in-memory data in perl
aadsm21.htm#9 Clearing sensitive in-memory data in perl
aadsm21.htm#10 Clearing sensitive in-memory data in perl
2005r.html#35 X68-64 buffer overflow exploits and the borrowed code chunks exploitation techniqu
2005r.html#36 X68-64 buffer overflow exploits and the borrowed code chunks exploitation technique
2005r.html#37 X68-64 buffer overflow exploits and the borrowed code chunks exploitation technique
2006c.html#27 Mount DASD as read-only
2006c.html#28 Mount DASD as read-only
2006d.html#8 IBM 610 workstation computer
2006d.html#9 IBM 610 workstation computer
aadsm23.htm#3 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006p.html#51 what's the difference between LF(Line Fee) and NL (New line) ?
2006q.html#7 Linux More Secure on System z?
aadsm25.htm#40 Why security training is really important (and it ain't anything to do with security!)
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
2006s.html#64 Is the teaching of non-reentrant HLASM coding practices ever defensible?
2006x.html#20 "The Elements of Programming Style"
2006x.html#29 "The Elements of Programming Style"
2006x.html#35 "The Elements of Programming Style"
2006y.html#15 "The Elements of Programming Style"
2007b.html#12 Special characters in passwords was Re: RACF - Password rules
2007h.html#41 Fast and Safe C Strings: User friendly C macros to Declare and use C Strings
2007l.html#11 John W. Backus, 82, Fortran developer, dies
2007l.html#18 Non-Standard Mainframe Language?
2007l.html#21 Non-Standard Mainframe Language?
2007l.html#55 Scholars needed to build a computer history bibliography
aadsm27.htm#48 If your CSO lacks an MBA, fire one of you
aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
2007o.html#50 64 gig memory
2007p.html#71 Translation of IBM Basic Assembler to C?
2007q.html#31 what does xp do when system is copying
2007r.html#57 Translation of IBM Basic Assembler to C?
2007t.html#9 How the pages tables of each segment is located
2007t.html#21 How the pages tables of each segment is located
2008d.html#58 Linux zSeries questions
2008e.html#22 Linux zSeries questions
2008e.html#49 Any benefit to programming a RISC processor by hand?
2008f.html#64 Panic in Multicore Land
2008g.html#29 CA ESD files Options
2008j.html#77 CLIs and GUIs
2008m.html#84 question for C experts - strcpy vs memcpy
2009.html#45 Security experts identify 25 coding errors
2009.html#49 The 25 Most Dangerous Programming Errors
2009.html#56 Data losses set to soar
2009d.html#17 Null References, the Billion Dollar Mistake
2009e.html#11 Lack of bit field instructions in x86 instruction set because of ?patents ?
2009g.html#18 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
2009g.html#19 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
2009n.html#38 Cybersecurity Today: The Wild, Wild West
2009o.html#81 big iron mainframe vs. x86 servers
2010c.html#65 who pioneered the WEB

top , by subject : technology , networking , public key , Boyd - home

Assurance

aadsmore.htm#client3 Client-side revocation checking capability
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#useire3 U.S. & Ireland use digital signature
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#straw AADS Strawman
aadsm2.htm#strawm2 AADS Strawman
aadsm2.htm#strawm3 AADS Strawman
aadsm3.htm#cstech4 cardtech/securetech & CA PKI
aadsm3.htm#cstech5 cardtech/securetech & CA PKI
aadsm3.htm#cstech9 cardtech/securetech & CA PKI
aadsm3.htm#cstech10 cardtech/securetech & CA PKI
aadsm3.htm#cstech12 cardtech/securetech & CA PKI
aadsm3.htm#cstech13 cardtech/securetech & CA PKI
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss8 KISS for PKIX
aadsm3.htm#kiss9 KISS for PKIX .... password/digital signature
aadsm5.htm#asrn1 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn2 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn3 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn4 assurance, X9.59, etc
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm6.htm#terror3 [FYI] Did Encryption Empower These Terrorists?
aadsm7.htm#rubberhose Rubber hose attack
aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki10 CFP: PKI research workshop
aadsm9.htm#cfppki11 CFP: PKI research workshop
aadsm10.htm#cfppki13 CFP: PKI research workshop
aadsm10.htm#cfppki18 CFP: PKI research workshop
aadsm10.htm#paiin PAIIN security glossary & taxonomy
aadsm10.htm#keygen2 Welome to the Internet, here's your private key
ansiepay.htm#breach Security breach raises questions about Internet shopping
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay3.htm#x959risk1 Risk Management in AA / draft X9.59
aepay3.htm#x959risk4 Risk Management in AA / draft X9.59
aepay4.htm#comcert3 Merchant Comfort Certificates
aepay6.htm#idf Intel Developer's Forum ... fyi
aepay6.htm#ecom some electronic commerce discussion from dcsb & IDF
aepay6.htm#cacr7 7th CACR Information Security Workshop
aepay6.htm#asrn5 assurance, X9.59, etc
aepay10.htm#22 PKI: An Insider's View
2000.html#39 "Trusted" CA - Oxymoron?
2000b.html#40 general questions on SSL certificates
2000g.html#33 does CA need the proof of acceptance of key binding?
2001.html#50 What exactly is the status of the Common Criteria
2001c.html#34 PKI and Non-repudiation practicalities
2001d.html#41 solicit advice on purchase of digital certificate
2001d.html#58 Very CISC Instuctions (Was: why the machine word size ...)
2001e.html#26 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001e.html#40 Can I create my own SSL key?
2001e.html#59 Design (Was Re: Server found behind drywall)
2001g.html#0 FREE X.509 Certificates
2001h.html#7 PKI/Digital signature doesn't work
2001h.html#16 D
2001h.html#64 Net banking, is it safe???
2001i.html#52 misc loosely-coupled, sysplex, cluster, supercomputer, & electronic commerce
2001i.html#57 E-commerce security????
2001j.html#5 E-commerce security????
2001j.html#54 Does "Strong Security" Mean Anything?
2001n.html#71 Q: Buffer overflow
2001n.html#91 Buffer overflow
2002.html#28 Buffer overflow
2002.html#29 Buffer overflow
2002.html#32 Buffer overflow
2002c.html#35 TOPS-10 logins (Was Re: HP-2000F - want to know more about it)
2002d.html#16 Mainframers: Take back the light (spotlight, that is)
2002e.html#17 Smart Cards
2002e.html#58 O'Reilly C Book
2002e.html#71 Blade architectures
2002e.html#73 Blade architectures
2002f.html#23 Computers in Science Fiction
2002f.html#24 Computers in Science Fiction
2002f.html#27 Security Issues of using Internet Banking
2002f.html#28 Security Issues of using Internet Banking
2002f.html#31 Security and e-commerce
2002h.html#68 Are you really who you say you are?
2002h.html#39 Beginner question on Security
2002j.html#55 AADS, ECDSA, and even some TCPA
aadsm12.htm#16 Feasability of Palladium / TCPA
2002k.html#11 Serious vulnerablity in several common SSL implementations?
2002k.html#43 how to build tamper-proof unix server?
2002k.html#44 how to build tamper-proof unix server?
2002l.html#5 What good is RSA when using passwords?
2002l.html#9 Moore law
2002l.html#11 IEEE article on intelligence and security
2002l.html#12 IEEE article on intelligence and security
2002l.html#23 >Moore law
2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
2002o.html#14 Home mainframes
2003.html#34 Calculating expected reliability for designed system
2003.html#37 Calculating expected reliability for designed system
2003.html#38 Calculating expected reliability for designed system
2003.html#48 InfiniBand Group Sharply, Evenly Divided
2003.html#49 InfiniBand Group Sharply, Evenly Divided
2003.html#52 SSL & Man In the Middle Attack
2003b.html#53 Microsoft worm affecting Automatic Teller Machines
2003b.html#54 Microsoft worm affecting Automatic Teller Machines
2003e.html#11 PDP10 and RISC
2003e.html#73 Security Certifications?
2003e.html#74 Security Certifications?
2003g.html#62 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
2003g.html#65 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
2003j.html#15 A Dark Day
2003j.html#25 Idea for secure login
2003j.html#30 How is a smartcard created?
2003j.html#36 CC vs. NIST/TCSEC - Which do you prefer?
2003j.html#44 Hand cranking telephones
2003j.html#45 Hand cranking telephones
aadsm14.htm#50 E-banking is board-level Issue, Says Basel Committee
aadsm14.htm#52 Committee calls for better e-banking security management
2003k.html#23 virtual machines for security
2003k.html#25 virtual machines for security
2003l.html#19 Secure OS Thoughts
2003l.html#20 Secure OS Thoughts
2003l.html#22 Secure OS Thoughts
2003l.html#26 Secure OS Thoughts
aepay12.htm#25 Cyber Security In The Financial Services Sector
aadsm15.htm#23 NCipher Takes Hardware Security To Network Level
aadsm15.htm#24 Homeland Security chief mulls SEC cybersecurity filings
2003n.html#21 Is it possible to devise a public-key cipher with no flaws?
aepay12.htm#36 DNS, yet again
2003n.html#31 hardware vs software security
aadsm15.htm#31 Electronic Safety and Soundness: A Four Piller Approach; Public Policy Issues
aadsm15.htm#34 VS: On-line signature standards (slight addenda)
aadsm15.htm#36 VS: On-line signature standards
aadsm15.htm#38FAQ: e-Signatures and Payments
aadsm15.htm#39 FAQ: e-Signatures and Payments
aadsm16.htm#1 FAQ: e-Signatures and Payments
2003o.html#15 secure delete on 3390
2003o.html#20 IS CP/M an OS?
2003o.html#44 Biometrics
2003o.html#45 Any experience with "The Last One"?
2003o.html#46 What 'NSA'?
2003o.html#50 Pub/priv key security
aadsm16.htm#8 example: secure computing kernel needed
2003p.html#4 Does OTP need authentication?
aadsm16.htm#9 example: secure computing kernel needed
2003p.html#10 Secure web logins w random passwords
aadsm16.htm#12 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
2003p.html#37 The BASIC Variations
aadsm17.htm#0 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
2004.html#30 passwords
2004.html#36 merged security taxonomy & glossary
2004.html#37 When rsa vs dsa
2004.html#38 When rsa vs dsa
2004b.html#8 Mars Rover Not Responding
2004b.html#10 Mars Rover Not Responding
2004b.html#44 Foiling Replay Attacks
2004b.html#45 Foiling Replay Attacks
2004b.html#48 Automating secure transactions
2004b.html#51 Using Old OS for Security
2004c.html#4 OS Partitioning and security
aadsm17.htm#39 The future of security
aadsm17.htm#40 The future of security
aadsm17.htm#42 Article on passwords in Wired News
2004h.html#4 Adventure game (was:PL/? History (was Hercules))
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#57 dual-use digital signature vulnerability
aadsm17.htm#59 dual-use digital signature vulnerability
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#4 dual-use digital signature vulnerability
aadsm18.htm#12 dual-use digital signature vulnerability
aadsm18.htm#13 dual-use digital signature vulnerability
2004h.html#51 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#52 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#53 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#54 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#55 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#56 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#57 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceriticates
2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#19 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#20 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#21 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#22 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#23 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
20041.html#25 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#26 /. passwords - 64 characters, changed daily?
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#29Vintage computers are better than modern crap !
2004j.html#35 A quote from Crypto-Gram
aadsm18.htm#21 RFC 3833 Threat analysis of the domain name system (DNS)
2004k.html#20 Vintage computers are better than modern crap !
2004k.html#21 Vintage computers are better than modern crap !
2004l.html#40 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#41 "Perfect" or "Provable" security both crypto and non-crypto?
2004l.html#45 "Perfect" or "Provable" security both crypto and non-crypto?
aadsm18.htm#23 public-key: the wrong model for email?
aadsm18.htm#24 public-key: the wrong model for email?
aadsm18.htm#25 public-key: the wrong model for email?
aadsm18.htm#26 public-key: the wrong model for email?
2004l.html#49 "Perfect" or "Provable" security both crypto and non-crypto?
aadsm18.htm#32 EMV cards as identity cards
aadsm18.htm#33 An interesting "new" computer security problem
aadsm18.htm#34 An interesting "new" computer security problem
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
2004m.html#25 Shipwrecks
2004m.html#26 Shipwrecks
2004m.html#27 Shipwrecks
2004m.html#28 Shipwrecks
2004m.html#29 Shipwrecks
2004m.html#30 Shipwrecks
2004m.html#31 Shipwrecks
2004m.html#33 Shipwrecks
2004m.html#41 EAL5
2004m.html#49 EAL5
2004m.html#50 EAL5
aadsm18.htm#40 Financial identity is *dangerous*? (was re: Fake companies, real money)
aadsm18.htm#41 Adding reliability and trust to smartcards
2004p.html#21 need a firewall
2004p.html#23 Systems software versus applications software definitions
2004p.html#63 Systems software versus applications software definitions
2004p.html#64 Systems software versus applications software definitions
2004q.html#1 Systems software versus applications software definitions
2004q.html#3 [Lit.] Buffer overruns
2004q.html#45 C v. Ada
2004q.html#46 [Lit.] Buffer overruns
2004q.html#47 [Lit.] Buffer overruns
2004q.html#48 [Lit.] Buffer overruns
2004q.html#50 [Lit.] Buffer overruns
2004q.html#51 [Lit.] Buffer overruns
2004q.html#52 [Lit.] Buffer overruns
2004q.html#53 [Lit.] Buffer overruns
2004q.html#57 high speed network, cross-over from sci.crypt
2004q.html#74 [Lit.] Buffer overruns
2004q.html#75 [Lit.] Buffer overruns
2004q.html#78 [Lit.] Buffer overruns
2004q.html#81 [Lit.] Buffer overruns
2004q.html#82 [Lit.] Buffer overruns
2004q.html#83 [Lit.] Buffer overruns
2004q.html#84 [Lit.] Buffer overruns
2005.html#0 [Lit.] Buffer overruns
2005.html#1 [Lit.] Buffer overruns
2005.html#3 [Lit.] Buffer overruns
2005.html#8 [Lit.] Buffer overruns
aadsm18.htm#46 Banks Test ID Device for Online Security
2005.html#10 The Soul of Barb's New Machine
2005.html#32 8086 memory space [was: The Soul of Barb's New Machine]
2005.html#46 8086 memory space
2005.html#52 8086 memory space
2005.html#53 8086 memory space
2005.html#60 8086 memory space
2005b.html#6 [Lit.] Buffer overruns
2005b.html#7 [Lit.] Buffer overruns
2005b.html#16 [Lit.] Buffer overruns
2005b.html#17 [Lit.] Buffer overruns
2005b.html#34 [Lit.] Buffer overruns
2005b.html#37 [Lit.] Buffer overruns
2005b.html#39 [Lit.] Buffer overruns
2005b.html#40 [Lit.] Buffer overruns
2005b.html#42 [Lit.] Buffer overruns
2005b.html#50 [Lit.] Buffer overruns
2005b.html#55 [Lit.] Buffer overruns
2005b.html#56 [Lit.] Buffer overruns
2005c.html#5 [Lit.] Buffer overruns
2005c.html#6 [Lit.] Buffer overruns
2005c.html#7 [Lit.] Buffer overruns
2005c.html#13 [Lit.] Buffer overruns
2005c.html#14 [Lit.] Buffer overruns
2005c.html#17 [Lit.] Buffer overruns
2005c.html#26 [Lit.] Buffer overruns
2005c.html#44 [Lit.] Buffer overruns
aadsm18.htm#47 Dell to Add Security Chip to PCs
aadsm18.htm#48 Dell to Add Security Chip to PCs
2005c.html#47 [Lit.] Buffer overruns
2005c.html#48 [Lit.] Buffer overruns
2005c.html#51 [Lit.] Buffer overruns
2005d.html#0 [Lit.] Buffer overruns
2005d.html#15 data integrity and logs
2005d.html#19 Digital signature with Javascript
2005d.html#21 Digital signature with Javascript
2005d.html#33 Thou shalt have no other gods before the ANSI C standard
2005d.html#42 Thou shalt have no other gods before the ANSI C standard
2005d.html#43 Secure design
2005d.html#46 Secure design
2005d.html#50 Secure design
2005d.html#52 Thou shalt have no other gods before the ANSI C standard
2005e.html#1 [Lit.] Buffer overruns
2005e.html#6 He Who Thought He Knew Something About DASD
aadsm19.htm#3 Do You Need a Digital ID?
aadsm19.htm#5 Do You Need a Digital ID?
aadsm19.htm#6 Do You Need a Digital ID?
2005e.html#42 xml-security vs. native security
2005e.html#51 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#52 Where should the type information be?
2005e.html#62 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005f.html#20 Some questions on smart cards (Software licensing using smart cards
2005f.html#38 Where should the type information be: in tags and descriptors
2005f.html#60 Where should the type information be: in tags and descriptors
2005f.html#61 Where should the type information be: in tags and descriptors
2005g.html#36 Maximum RAM and ROM for smartcards
2005g.html#37 MVS secure configuration standard
2005g.html#38 MVS secure configuration standard
2005g.html#40 MVS secure configuration standard
2005g.html#41 Maximum RAM and ROM for smartcards
2005g.html#51 Security via hardware?
2005g.html#53 "Best practices" or "Best implementations"?
2005g.html#54 Security via hardware?
2005g.html#57 Security via hardware?
2005h.html#16 Today's mainframe--anything to new?
2005h.html#36 Security via hardware?
aadsm19.htm#12 EuroPKI 2005 - Call for Participation
2005i.html#22 technical question about fingerprint usbkey
2005i.html#25 technical question about fingerprint usbkey
aadsm19.htm#24 Citibank discloses private information to improve security
aadsm19.htm#27 Citibank discloses private information to improve security
aadsm19.htm#32 Using Corporate Logos to Beat ID Theft
2005j.html#49 Public disclosure of discovered vulnerabilities
2005j.html#64 More on garbage
2005k.html#1 More on garbage
2005k.html#2 Ancient history
2005k.html#16 More on garbage
2005k.html#23 More on garbage
2005k.html#26 More on garbage
2005k.html#29 More Phishing scams, still no SSL being used
2005k.html#57 Secure Banking
aadsm19.htm#44 massive data theft at MasterCard processor
2005l.html#13 The Worth of Verisign's Brand
2005l.html#17 The Worth of Verisign's Brand
aadsm20.htm#21 Qualified Certificate Request
aadsm20.htm#30 How much for a DoD X.509 certificate?
2005o.html#2 X509 digital certificate for offline solution
2005o.html#3 The Chinese MD5 attack
aadsm20.htm#34 Federal Information Assurance Conference 2005, Oct 25-26
2005o.html#46 Article: The True Value of Mainframe Security
2005p.html#0 Article: The True Value of Mainframe Security
2005p.html#6 Innovative password security
2005p.html#13 One more about SYRES Sharing
aadsm21.htm#1 Is there any future for smartcards?
aadsm21.htm#3 Is there any future for smartcards?
aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
2005p.html#43 Security of Secret Algorithm encruption
2005q.html#2 Article in Information week: Mainframe Programmers Wanted
2005r.html#7 DDJ Article on "Secure" Dongle
aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket
2005r.html#39 What ever happened to Tandem and NonStop OS ?
aadsm21.htm#20 Some thoughts on high-assurance certificates
2005s.html#42 feasibility of certificate based login (PKI) w/o real smart card
2005s.html#49 phishing web sites using self-signed certs
2005s.html#52 TTP and KCM
aadsm21.htm#25Broken SSL domain name trust model
2005u.html#2 PGP Lame question
aadsm21.htm#27 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#28 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#32 NSA posts notice about faster, lighter crypto
2005u.html#27 RSA SecurID product
2005u.html#32 AMD to leave x86 behind?
aadsm21.htm#36 browser vendors and CAs agreeing on high-assurance certificates
2005u.html#37 Mainframe Applications and Records Keeping?
2005v.html#3 ABN Tape - Found
2006.html#11 Some credible documented evidence that a MVS or later op sys has ever been hacked
2006.html#33 The new High Assurance SSL Certificates
2006.html#37 The new High Assurance SSL Certificates
aadsm22.htm#17 Major Browsers and CAS announce balkanisation of Internet Security
aadsm22.htm#18 "doing the CA statement shuffle" and other dances
aadsm22.htm#19 "doing the CA statement shuffle" and other dances
2006e.html#11 Caller ID "spoofing"
aadsm22.htm#32 Meccano Trojans coming to a desktop near you
2006f.html#16 trusted repositories and trusted transactions
2006f.html#17 trusted certificates and trusted repositories
aadsm22.htm#35 4th April, 1984
aadsm22.htm#36 Unforgeable Blinded Credentials
aadsm22.htm#41 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#14 Security
2006h.html#15 Security
2006h.html#26 Security
2006h.html#31 Intel vPro Technology
2006h.html#32 Intel vPro Technology
2006h.html#33 The Pankian Metaphor
2006h.html#40 Mainframe vs. xSeries
2006h.html#42 Mainframe vs. xSeries
2006h.html#43 vPro
2006h.html#44 Mainframe vs. xSeries
aadsm23.htm#6 PGP "master keys"
aadsm23.htm#7 PGP "master keys"
2006h.html#53 Mainframe vs. xSeries
2006h.html#54 Mainframe vs. xSeries
aadsm23.htm#10 PGP "master keys"
2006i.html#3 Spoofing fingerprint scanners - NEWBIE()
aadsm23.htm#21 Reliable Connections Are Not
2006k.html#37 PDP-1
2006k.html#38 PDP-1
aadsm24.htm#11 FC++3 - Advances in Financial Cryptography, Number Three
2006m.html#34 PDP-1
aadsm24.htm#15 Apple to help Microsoft with "security neutrality"?
aadsm24.htm#16 Apple to help Microsoft with "security neutrality"?
aadsm24.htm#23 Use of TPM chip for RNG?
aadsm24.htm#28 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#36 Interesting bit of a quote
aadsm24.htm#39 Interesting bit of a quote
2006n.html#17 The System/360 Model 20 Wasn't As Bad As All That
2006n.html#20 The System/360 Model 20 Wasn't As Bad As All That
aadsm24.htm#40 Interesting bit of a quote
2006n.html#32 The System/360 Model 20 Wasn't As Bad As All That
aadsm24.htm#45 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
2006n.html#52 the more things change, the more things stay the same
aadsm24.htm#46 More Brittle Security -- Agricultur e
aadsm24.htm#47 More Brittle Security -- Agriculture
aadsm24.htm#48 more on FBI plans new Net-tapping push
2006n.html#53 the more things change, the more things stay the same
2006n.html#54 MD5 for z/OS?
aadsm24.htm#49 Crypto to defend chip IP: snake oil or good idea?
aadsm24.htm#50 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#51 Crypto to defend chip IP: snake oil or good idea?
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
2006o.html#2 the more things change, the more things stay the same
aadsm25.htm#0 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#1 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#2 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#3 Crypto to defend chip IP: snake oil or good idea?
2006o.html#9 Pa Tpk spends $30 million for "Duet" system; but benefits are unknown
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#6 Crypto to defend chip IP: snake oil or good idea?
2006o.html#20 Gen 2 EPC Protocol Approved as ISO 18000-6C
aadsm25.htm#10 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#12 Sarbanes-Oxley is what you get when you don't do FC
aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
aadsm25.htm#14 Sarbanes-Oxley is what you get when you don't do FC
aadsm25.htm#15 Sarbanes-Oxley is what you get when you don't do FC
2006p.html#13 What part of z/OS is the OS?
2006p.html#32 OT - hand-held security
2006p.html#41 Device Authentication - The answer to attacks lauched using stolen passwords?
2006p.html#43 Slow-Going For Next-Generation Threat-Scoring System
2006p.html#48 Device Authentication - The answer to attacks lauched using stolen passwords?
2006q.html#3 Device Authentication - The answer to attacks lauched using stolen passwords?
aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
2006q.html#59 TCPA compatible smarcard readers?
aadsm25.htm#33 Mozilla moves on security
2006r.html#29 Intel abandons USEnet news
aadsm25.htm#37 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#38 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#39 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#40 Why security training is really important (and it ain't anything to do with security!)
2006s.html#9 Why not 2048 or 4096 bit RSA key issuance?
aadsm25.htm#43 Audit Follies - Atlantic differences, branding UnTrust, thunbs on Sarbanes-Oxley, alternates
aadsm25.htm#44 TPM & disk crypto
2006s.html#28 Storage Philosophy Question
2006s.html#34 Basic Question
2006s.html#64 Is the teaching of non-reentrant HLASM coding practices ever defensible?
2006t.html#5 Are there more stupid people in IT than there used to be?
2006t.html#29 Storage Philosophy Question
2006t.html#38 Vulnerability Assessment of a EAL 4 system
aadsm26.htm#2 Audit Follies - Atlantic differences, branding UnTrust, thunbs on Sarbanes-Oxley, alternates
2006u.html#36 remote support questions - curiousity
aadsm26.htm#6 Citibank e-mail looks phishy
aadsm26.htm#9 Who has a Core Competency in Security?
2006v.html#13 Who has a Core Competency in Security?
2006v.html#26 Fighting Fraudulent Transactions
2006w.html#0 Patent buster for a method that increases password security
2006y.html#8 Securing financial transactions a high priority for 2007
aadsm26.htm#17 Changing the Mantra -- RFC 4732 on rethinking DOS
2006y.html#25 "The Elements of Programming Style"
2007.html#28 Securing financial transactions a high priority for 2007
2007b.html#8 Special characters in passwords was Re: RACF - Password rules
2007b.html#30 How many 36-bit Unix ports in the old days?
2007b.html#33 security engineering versus information security
2007b.html#35 security engineering versus information security
aadsm26.htm#23 It's a Presidential Mandate, Feds use it. How come you are not using FDE?
2007c.html#1 Decoding the encryption puzzle
2007c.html#9 Decoding the encryption puzzle
2007c.html#38 Securing financial transactions a high priority for 2007
2007c.html#51 Securing financial transactions a high priority for 2007
aadsm26.htm#35 Failure of PKI in messaging
aadsm26.htm#36 New Credit Cards May Leak Personal Information
2007g.html#19 T.J. Maxx data theft worse than first reported
aadsm26.htm#44 Governance of anonymous financial services
2007g.html#61 The Perfect Computer - 36 bits?
2007g.html#63 The Perfect Computer - 36 bits?
aadsm26.htm#56 What to do about responsible disclosure?
aadsm26.htm#57 Our security sucks. Why can't we change? What's wrong with us?
aadsm26.htm#58 Our security sucks. Why can't we change? What's wrong with us?
2007i.html#20 Does anyone know of a documented case of VM being penetrated by hackers?
2007i.html#26 Latest Principles of Operation
aadsm26.htm#64 Dr Geer goes to Washington
2007i.html#66 John W. Backus, 82, Fortran developer, dies
2007j.html#55 John W. Backus, 82, Fortran developer, dies
2007j.html#67 open source voting
aadsm27.htm#9 Enterprise Right Management vs. Traditional Encryption Tools
aadsm27.htm#10 K6 again, again and again. Therefore, H6.4 -- Compromise on Security before Delivery
aadsm27.htm#13 Is this Risk Management's Waterloo?
2007k.html#50 John W. Backus, 82, Fortran developer, dies
2007k.html#53 My Dream PC -- Chip-Based
2007k.html#55 My Dream PC -- Chip-Based
aadsm27.htm#17 dnssec?
2007k.html#76 My Dream PC -- Chip-Based
2007l.html#7 John W. Backus, 82, Fortran developer, dies
2007l.html#8 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#22 A crazy thought?
2007l.html#33 John W. Backus, 82, Fortran developer, dies
2007l.html#39 My Dream PC -- Chip-Based
2007l.html#40 My Dream PC -- Chip-Based
2007l.html#42 My Dream PC -- Chip-Based
2007l.html#43 My Dream PC -- Chip-Based
2007l.html#55 Scholars needed to build a computer history bibliography
2007l.html#64 John W. Backus, 82, Fortran developer, dies
2007m.html#9 John W. Backus, 82, Fortran developer, dies
2007m.html#20 Patents, Copyrights, Profits, Flex and Hercules
aadsm27.htm#32 The bank fraud blame game
aadsm27.htm#33 The bank fraud blame game
aadsm27.htm#36 TPM, part 2
aadsm27.htm#37 The bank fraud blame game
2007n.html#77 PSI MIPS
aadsm27.htm#47 If your CSO lacks an MBA, fire one of you
aadsm27.htm#48 If your CSO lacks an MBA, fire one of you
aadsm27.htm#49 If your CSO lacks an MBA, fire one of you
aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
2007n.html#94 PCI Compliance - Encryption of all non-console administrative access
aadsm27.htm#54 Security can only be message-based?
2007o.html#4 Hypervisors May Replace Operating Systems As King Of The Data Center
2007o.html#5 The Unexpected Fact about the First Computer Programmer
aadsm27.htm#61 Linus: Security is "people wanking around with their opinions"
2007q.html#20 Hackers Attack Apps While Still in Development
2007q.html#36 what does xp do when system is copying
2007q.html#37 what does xp do when system is copying
2007r.html#21 Is the media letting banks off the hook on payment card security
2007r.html#29 The new urgency to fix online privacy
20074.html#34 Is the media letting banks off the hook on payment card security
2007s.html#17 Oddly good news week: Google announces a Caps library for Javascript
aadsm27.htm#63 Oddly good news week: Google announces a Caps library for Javascript
2007s.html#18 Oddly good news week: Google announces a Caps library for Javascript
2007s.html#55 Translation of IBM Basic Assembler to C?
2007s.html#56 Translation of IBM Basic Assembler to C?
2007s.html#64 Is the media letting banks off the hook on payment card security
2007s.html#65 Translation of IBM Basic Assembler to C?
2007t.html#8 Translation of IBM Basic Assembler to C?
2007t.html#12 Translation of IBM Basic Assembler to C?
2007t.html#48 Data Center Theft
2007u.html#47 folklore indeed
2007u.html#53 folklore indeed
2007u.html#56 folklore indeed
2007u.html#57 folklore indeed
2007u.html#62 folklore indeed
2007u.html#63 folklore indeed
2007u.html#70 folklore indeed
2007v.html#66 2007: year in review
aadsm28.htm#0 2007: year in review
2007v.html#61 Apple files patent for WGA-style anti-piracy tech
2007v.html#75 virtual appliance
2007v.html#79 folklore indeed
2007v.html#85 folklore indeed
2007v.html#86 folklore indeed
aadsm28.htm#4 Death of antivirus software imminent
aadsm28.htm#6 Death of antivirus software imminent
aadsm28.htm#7 Why Security Modelling doesn't work -- the OODA loop of today's battle
2008.html#11 Information security breaches quadrupled in 2007
aadsm28.htm#8 Death of antivirus software imminent
2008.html#14 hacked TOPS-10 monitors
aadsm28.htm#9 Death of antivirus software imminent
aadsm28.htm#11 Death of antivirus software imminent
2008.html#35 U.S. Identity Theft at Record Level in 2007
aadsm28.htm#12 #4.2 Simplicity is Inversely Proportional to the Number of Designers
2008b.html#4folklore indeed
2008b.html#5folklore indeed
2008b.html#23 Yahoo's CAPTCHA Security Reportedly Broken
2008b.html#24 folklore indeed
2008b.html#26 folklore indeed
2008b.html#39 folklore indeed
2008b.html#82 Break the rules of governance and lose 4.9 billion
2008c.html#0 folklore indeed
aadsm28.htm#16 Dutch Transport Card Broken
2008c.html#48 Data Erasure Products
aadsm28.htm#25 H2.1 Protocols Divide Naturally Into Two Parts
2008e.html#50 fraying infrastructure
2008e.html#54 news maintenance: Prison pushes
2008e.html#57 Any benefit to programming a RISC processor by hand?
2008e.html#59 independent appraisers
2008f.html#33 EPIC, Ending Piracy of Integrated Circuits
2008f.html#67 Virtualization's security threats
2008g.html#26 CA ESD files Options
2008g.html#50 CA ESD files Options
2008g.html#58 Virtualization: History repeats itself with a search for security
aadsm28.htm#63 Is Basel 2 out...Basel 3 in?
aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#73 "Designing and implementing malicious hardware"
2008h.html#76 How do you define 'privileged access'?
2008i.html#43 IT Security Statistics
2008i.html#54 Trusted (mainframe) online transactions
2008i.html#55 Is data classification the right approach to pursue a risk based information security program?
2008i.html#81 Selling Security using Prospect Theory. Or not
2008i.html#90 Certificate Purpose
2008j.html#34 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#36 The wisdom of the ill informed
2008j.html#56 WoW security: now better than most banks
2008j.html#63 CLIs and GUIs
2008j.html#64 lack of information accuracy
2008l.html#33 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#52 Payments Security in RFS
2008m.html#40 IBM--disposition of clock business
2008m.html#55 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#82 Data sharing among Industry players about frauds
2008n.html#35 Builders V. Breakers
2008n.html#36 Builders V. Breakers
2008o.html#17 what will be a wow feature in a credit card
2008q.html#13 Web Security hasn't moved since 1995
2008q.html#63 EAL5 Certification for z10 Enterprise Class Server
2008q.html#64 EAL5 Certification for z10 Enterprise Class Server
2008r.html#4 Basel Committee outlines plans to strengthen Basel II
2008r.html#18 Comprehensive security?
2008r.html#50 Security is a subset of Reliability
2008r.html#54 PCI needs to address virtualization, experts say
2008r.html#65 Did you think about Virtualization Security?
2009.html#4 Is SUN going to become x86'ed ??
2009h.html#0 China deploys secure computer operating system
2009h.html#11 China deploys secure computer operating system
2009h.html#28 Computer virus strikes US Marshals, FBI affected
2009j.html#27 Usability and security gurus agree that masked passwords should go
2009j.html#43 Usability and security gurus agree that masked passwords should go
2009j.html#46 How can we stop Credit card FRAUD?
2009j.html#51 Replace the current antiquated credit card system
2009j.html#57 How can we stop Credit card FRAUD?
2009j.html#58 Price Tag for End-to-End Encryption: $4.8 Billion, Mercator Says
2009j.html#65 Infosec As a Form of Asymmetric Warfare
2009k.html#5 Moving to the Net: Encrypted Execution for User Code on a Hosting Site
2009k.html#21 Security certificate warnings don't work, researchers say
2009l.html#20 Cyber attackers empty business accounts in minutes
2009l.html#53 Hacker charges also an indictment on PCI, expert says
2009m.html#2 Does this count as 'computer' folklore?
2009m.html#14 The Art of Creating Strong Passwords
2009m.html#23 Need new 3270 emulator: SSH, inexpensive, reliable
2009m.html#26 comp.arch has made itself a sitting duck for spam
2009m.html#48 Hacker charges also an indictment on PCI, expert says
2009m.html#49 Hacker charges also an indictment on PCI, expert says
2009m.html#51 Chip with PIN or Chip with signature
2009m.html#62 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
2009m.html#89 Audits V: Why did this happen to us ;-(
2009n.html#3 Hacker charges also an indictment on PCI, expert says
2009n.html#33 33 Years In IT/Security/Audit
2009n.html#39 Status of Arpanet/Internet in 1976?
2009n.html#52 Security
2009o.html#53 E-Banking on a Locked Down (Non-Microsoft) PC
2009o.html#54 Should SSL be enabled on every website?
2009q.html#40 Crypto dongles to secure online transactions
2009q.html#54 Crypto dongles to secure online transactions
2009q.html#59 EU agency runs rule over ID cards for online banking logins
2009q.html#71 Trade Secrets and Confidential Information
2009r.html#39 While watching Biography about Bill Gates on CNBC last Night
2009r.html#41 While watching Biography about Bill Gates on CNBC last Night
2009r.html#48 Strong Authentication Not Strong Enough
2009r.html#68 360 programs on a z/10
2009r.html#69 360 programs on a z/10
2009s.html#45 Audits VII: the future of the Audit is in your hands
2009s.html#47 Audits VII: the future of the Audit is in your hands
2010c.html#64 Happy DEC-10 Day
2010c.html#66 Happy DEC-10 Day

top , by subject : technology , networking , public key , Boyd - home

three factor authentcation

2005h.html#8 keysigning: identity checks
aadsmail.htm#perform AADS & X9.59 performance and algorithm key sizes
aadsmore.htm#bioinfo1 QC Bio-info leak?
aadsmore.htm#killer1 Killer PKI Applications
aadsmore.htm#schneier Schneier: Why Digital Signatures are not Signatures (was Re :CRYPTO-GRAM, November 15, 2000)
aadsm2.htm#architecture A different architecture? (was Re: certificate path
aadsm2.htm#pkikrb PKI/KRB
aadsm3.htm#cstech7 cardtech/securetech & CA PKI
aadsm3.htm#cstech10 cardtech/securetech & CA PKI
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm5.htm#spki3 Simple PKI
aadsm5.htm#spki4 Simple PKI
aadsm7.htm#rubberhose Rubber hose attack
aadsm7.htm#rhose12 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose13 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose14 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose15 when a fraud is a sale, Re: Rubber hose attack
aadsm8.htm#softpki8 Software for PKI
aadsm9.htm#cfppki9 CFP: PKI research workshop
aepay2.htm#privrule3 U.S. firms gird for privacy rules
aepay3.htm#x959risk2 Risk Management in AA / draft X9.59
aepay4.htm#comcert12 Merchant Comfort Certificates
aepay6.htm#pkimort2 problem with the death of X.509 PKI (forwarded)
aepay7.htm#3dsecure 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aadsm10.htm#cfppki17 CFP: PKI research workshop
aadsm10.htm#cfppki18 CFP: PKI research workshop
aadsm10.htm#bio6 biometrics
aadsm10.htm#bio7 biometrics
aadsm10.htm#keygen Welome to the Internet, here's your private key
aadsm10.htm#keygen2 Welome to the Internet, here's your private key
aadsm11.htm#5 Meaning of Non-repudiation
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#20 IBM alternative to PKI?
aadsm12.htm#0 maximize best case, worst case, or average case? (TCPA)
aadsm12.htm#42 draft-ietf-pkix-warranty-extn-01.txt
aadsm13.htm#16 A challenge
aadsm14.htm#23 Maybe It's Snake Oil All the Way Down
aadsm14.htm#32 An attack on paypal
aadsm14.htm#34 virus attack on banks (was attack on paypal)
aadsm14.htm#39 An attack on paypal
aadsm14.htm#48 basic question: semantics of "map", "tie", etc in PKI
aadsm15.htm#25 WYTM?
aadsm15.htm#32 VS: On-line signature standards
aadsm15.htm#33 VS: On-line signature standards
aadsm15.htm#34 VS: On-line signature standards (slight addenda)
aadsm15.htm#35 VS: On-line signature standards
aadsm15.htm#36 VS: On-line signature standards
aadsm15.htm#37 VS: On-line signature standards
aadsm16.htm#9 example: secure computing kernel needed
aadsm16.htm#10 Difference between TCPA-Hardware and a smart card (was: example:secure computing kernel needed)
aadsm16.htm#11 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm16.htm#12 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm16.htm#14 Non-repudiation (was RE: The PAIN mnemonic)
aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#0 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)<
aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm17.htm#23 PKI International Consortium
aadsm17.htm#34 The future of security
aadsm17.htm#42 Article on passwords in Wired News
aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#57 dual-use digital signature vulnerability
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm18.htm#7 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#32 EMV cards as identity cards
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay11.htm#53 Authentication white paper
aepay11.htm#55 FINREAD ... and as an aside
aepay11.htm#56 FINREAD was. Authentication white paper
aepay12.htm#2 Confusing business process, payment, authentication and identification
aepay12.htm#4 Confusing business process, payment, authentication and identification
99.html#160 checks (was S/390 on PowerPC?)
2000.html#57 RealNames hacked. Firewall issues.
2000c.html#2 Financial Stnadards Work group?
2000f.html#2 Why trust root CAs ?
2000f.html#65 Cryptogram Newsletter is off the wall?
2001c.html#39 PKI and Non-repudiation practicalities
2001g.html#1 distributed authentication
2001g.html#11 FREE X.509 Certificates
2001g.html#38 distributed authentication
2001g.html#62 PKI/Digital signature doesn't work
2001g.html#63 PKI/Digital signature doesn't work
2001i.html#26 No Trusted Viewer possible?
2001i.html#36 Net banking, is it safe???
2001j.html#44 Does "Strong Security" Mean Anything?
2001j.html#49 Are client certificates really secure?
2001j.html#52 Are client certificates really secure?
2001k.html#34 A thought on passwords
2001k.html#61 I-net banking security
2001n.html#57 Certificate Authentication Issues in IE and Verisign
2002c.html#7 Opinion on smartcard security requested
2002c.html#10 Opinion on smartcard security requested
2002c.html#26 economic trade off in a pure reader system
2002d.html#7 IBM Mainframe at home
2002e.html#18 Opinion on smartcard security requested
2002e.html#36 Crypting with Fingerprints ?
2002f.html#22 Biometric Encryption: the solution for network intruders?
2002h.html#6 Biometric authentication for intranet websites?
2002h.html#8 Biometric authentication for intranet websites?
2002h.html#41 Biometric authentication for intranet websites?
2002i.html#1 User 2-factor authentication on laptops
2002i.html#65 privileged IDs and non-privileged IDs
2002n.html#26 Help! Good protocol for national ID card?
2002n.html#30 Help! Good protocol for national ID card?
2002o.html#41 META: Newsgroup cliques?
2002o.html#57 Certificate Authority: Industry vs. Government
2002o.html#67 smartcard+fingerprint
2003d.html#29 SSL questions
2003h.html#29 application of unique signature
2003h.html#38 entity authentication with non-repudiation
2003i.html#1 Two-factor authentication with SSH?
2003i.html#2 Two-factor authentication with SSH?
2003i.html#35 electronic-ID and key-generation
2003j.html#25 Idea for secure login
2003m.html#49 public key vs passwd authentication?
2003m.html#51 public key vs passwd authentication?
2003m.html#52 public key vs passwd authentication?
2003n.html#17 which CPU for educational purposes?
2003o.html#29 Biometric cards will not stop identity fraud
2003o.html#44 Biometrics
2003o.html#50 Pub/priv key security
2003o.html#57 Pub/priv key security
2003p.html#17 Does OTP need authentication?
2004b.html#28 Methods of Authentication on a Corporate
2004b.html#45 Foiling Replay Attacks
2004e.html#9 Authentification classifications
2004e.html#20 Soft signatures
2004e.html#21 A POX on you, Dennis Ritchie!!!
2004f.html#8 racf
2004h.html#13 Two-factor Authentication Options?
2004h.html#14 Two-factor Authentication Options?
2004h.html#23 Basics of key authentication
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004.html#29 passwords
2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#26 /. passwords - 64 characters, changed daily?
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#13 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#37 Vintage computers are better than modern crap !
2004j.html#39 Methods of payment
2004k.html#21 Vintage computers are better than modern crap !
2004k.html#22 Public key authentication defeats passwd age warning
2004l.html#63 Actuarial facts
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
2004m.html#9 REVIEW: "Biometrics for Network Security", Paul Reid
2004m.html#23 Help! I'm trying to understand PKI - especially CA's role
2004p.html#60 Single User: Password or Certificate
2004q.html#0 Single User: Password or Certificate
2005.html#14 Using smart cards for signing and authorization in applets
2005.html#35 Do I need a certificat?
2005d.html#17 Digital signature with Javascript
2005d.html#19 Digital signature with Javascript
2005d.html#21 Digital signature with Javascript
2005d.html#32 Is a cryptographic monoculture hurting us all?
aadsm18.htm#55 MD5 collision in X509 certificates
aadsm18.htm#56 two-factor authentication problems
aadsm19.htm#0 two-factor authentication problems
aadsm19.htm#1 Do You Need a Digital ID?
aadsm19.htm#2 Do You Need a Digital ID?
aadsm19.htm#3 Do You Need a Digital ID?
2005e.html#22 PKI: the end
aadsm19.htm#4 Do You Need a Digital ID?
2005e.html#24 PKI: the end
2005e.html#25 PKI: the end
2005e.html#26 PKI: the end
aadsm19.htm#5 Do You Need a Digital ID?
aadsm19.htm#6 Do You Need a Digital ID?
2005e.html#31 Public/Private key pair protection on Windows
2005e.html#45 Actual difference between RSA public and private keys?
2005f.html#20 Some questions on smart cards (Software licensing using smart cards)
2005g.html#0 What is a Certificate?
2005g.html#8 On smartcards and card readers
2005g.html#34 Maximum RAM and ROM for smartcards
2005g.html#46 Maximum RAM and ROM for smartcards
2005g.html#47 Maximum RAM and ROM for smartcards
2005g.html#54 Security via hardware?
2005g.html#57 Security via hardware?
2005h.html#36 Security via hardware?
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#26 The Worth of Verisign's Brand
2005i.html#27 REPOST: Authentication, Authorization TO Firewall
2005i.html#28 REPOST: Authentication, Authorization TO Firewall
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#23 Citibank discloses private information to improve security
aadsm19.htm#33 Digital signatures have a big problem with meaning
2005k.html#16 More on garbage
2005l.html#29 Importing CA certificate to smartcard
2005l.html#35 More Phishing scams, still no SSL being used
2005m.html#1 Creating certs for others (without their private keys)
aadsm19.htm#46 the limits of crypto and authentication
2005m.html#37 public key authentication
2005o.html#6 X509 digital certificate for offline solution
2005o.html#17 Smart Cards?
2005p.html#2 Innovative password security
2005p.html#25 Hi-tech no panacea for ID theft woes
aadsm21.htm#5 Is there any future for smartcards?
2005p.html#32 PKI Certificate question
2005p.html#33 Digital Singatures question
aadsm21.htm#13 Contactless payments and the security challenges
2005q.html#13 IPSEC with non-domain Server
2005r.html#54 NEW USA FFIES Guidance
2005s.html#42 feasibility of certificate based login (PKI) w/o real smart card
2005s.html#52 TTP and KCM
2005t.html#22 What ever happened to Tandem and NonStop OS ?
2005t.html#27 RSA SecurID product
2005t.html#28 RSA SecurID product
2005t.html#31 Looking for Information on password systems
2005t.html#52 PGP Lame question
aadsm21.htm#27 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#26 RSA SecurID product
2005u.html#31 AMD to leave x86 behind?
2005u.html#33 PGP Lame question
2005u.html#34 PGP Lame question
2006c.html#16 X.509 and ssh
2006d.html#31 Caller ID "spoofing"
2006d.html#32 When *not* to sign an e-mail message?
2006d.html#41 Caller ID "spoofing"
2006e.html#2 When *not* to sign an e-mail message?
2006e.html#4 When *not* to sign an e-mail message?
2006e.html#10 Caller ID "spoofing"
2006e.html#30 Debit Cards HACKED now
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
2006f.html#39 X.509 and ssh
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#1 RSA Adaptive Authentication
2006g.html#38 Why are smart cards so dumb?
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#13 Security
2006h.html#33 The Pankian Metaphor
2006i.html#3 Spoofing fingerprint scanners - NEWBIE()
aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
2006i.html#25 Benefits of PKI - 5,000 nodes organization
2006k.html#0 Passwords for bank sites - change or not?
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#9 Naked Payments IV - let's all go naked
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#33 Threatwatch - 2-factor tokens attacked by phishers
aadsm24.htm#34 Phishers Defeat 2-Factor Auth
2006o.html#40 the personal data theft pandemic continues
2006p.html#32 OT - hand-held security
2006q.html#48 Smartcard reader with certificate inside the reader
aadsm25.htm#32 On-card displays
2006r.html#38 Trying to underdtand 2-factor authentication
aadsm25.htm#42 Why security training is really important (and it ain't anything to do with security!)
2006u.html#5 Are there more stupid people in IT than there used to be?
2006u.html#40 New attacks on the financial PIN processing
2006u.html#42 New attacks on the financial PIN processing
2006v.html#45 On sci.crypt: New attacks on the financial PIN processing
2006w.html#5 Patent buster for a method that increases password security
2007b.html#12 Special characters in passwords was Re: RACF - Password rules
2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
aadsm26.htm#35 Failure of PKI in messaging
2007e.html#61 Securing financial transactions a high priority for 2007
aadsm26.htm#48 Governance of anonymous financial services
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007j.html#3 John W. Backus, 82, Fortran developer, dies
2007l.html#8 John W. Backus, 82, Fortran developer, dies
2007l.html#35 My Dream PC -- Chip-Based
aadsm27.htm#23 Identity resurges as a debate topic
2007l.html#64 John W. Backus, 82, Fortran developer, dies
2007o.html#29 EZPass: Yes, Big Brother IS Watching You!
20074.html#34 Is the media letting banks off the hook on payment card security
2007s.html#12 Translation of IBM Basic Assembler to C?
2007s.html#59 Translation of IBM Basic Assembler to C?
2007s.html#62 Translation of IBM Basic Assembler to C?
2007s.html#65 Translation of IBM Basic Assembler to C?
2007u.html#5 Public Computers
2007u.html#47 folklore indeed
2008d.html#10 Toyota Sales for 2007 May Surpass GM
2008e.html#76 independent appraisers
2008f.html#49 How do OTP tokens work?
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008k.html#38 Calling Out
2008o.html#9 Homebanking authentication methods: what's being used by your bank?
2008o.html#13 What risk of possible data leakage do you see for your organization?
2008o.html#17 what will be a wow feature in a credit card
2008o.html#60 Biometric Credit cards
2008p.html#46 Would you say high tech authentication gizmo's are a waste of time/money/effort?
2008p.html#76 Multi-Factor Authentication - Moving Beyond Passwords for Security of Online Transactions
2008p.html#79 PIN entry on digital signatures + extra token
2008p.html#83 Residual Risk Methodology for Single Factor Authentication
2008q.html#7 GPG
2008r.html#65 Did you think about Virtualization Security?
2008s.html#26 Combining EMV and eID on a payment card?
2009.html#60The 25 Most Dangerous Programming Errors
2009.html#66 What's missing in security: business
2009.html#69 Double authentification for internet payment
2009.html#72 Double authentification for internet payment
2009b.html#14 question about ssh-keygen with empty passphrase
2009b.html#15 It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct
2009b.html#21 ICSF and VISA/MasterCard?amex reference list
2009e.html#2 Passwords: silly or serious?
2009h.html#69 How practically risky is it to use unsecured IMAP
2009i.html#46 64 Cores -- IBM is showing a prototype already
2009j.html#31 password safes for mac
2009j.html#51 Replace the current antiquated credit card system
2009l.html#4 Card PINs traded at two for a dollar
2009m.html#14 The Art of Creating Strong Passwords
2009m.html#51 Chip with PIN or Chip with signature
2009m.html#52 Online banking: Which bank is the most secure?
2009n.html#7 Some companies are selling the idea that you can use just a (prox) physical access badge (single factor) for logical access as acceptable
2009q.html#54 Crypto dongles to secure online transactions
2010.html#93 Korean bank Moves back to Mainframes (...no, not back)
2010c.html#59 Customers risk online banking fraud by reusing bank credentials
2010c.html#72 Users still make hacking easy with weak passwords

top , by subject : technology , networking , public key , Boyd - home

Secrets and/or Account numbers

aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay3.htm#mcomm (my) misc. additional comments on X9.59 issues.
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#passwords Passwords don't work
aepay6.htm#x959b X9.59 Electronic Payment standard issue
aepay6.htm#erictalk Announce: Eric Hughes giving Stanford EE380 talk this
aepay7.htm#ssexploit Shared-Secret exploit
aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
aepay7.htm#3dsecure 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aepay8.htm#vulner account number & shared-secret vulnerabilities
aadsm2.htm#strawm3 AADS Strawman
aadsm2.htm#pkikrb PKI/KRB
aadsm3.htm#cstech4 cardtech/securetech & CA PKI
aadsm3.htm#cstech5 cardtech/securetech & CA PKI
aadsm3.htm#cstech6 cardtech/securetech & CA PKI
aadsm3.htm#cstech8 cardtech/securetech & CA PKI
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm6.htm#websecure merchant web server security
aadsm7.htm#cryptofree Erst-Freedom: Sic Semper Political Cryptography
aadsm7.htm#rhose9 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose12 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose13 when a fraud is a sale, Re: Rubber hose attack
aadsm8.htm#softpki11 Software for PKI
aadsm8.htm#3dvulner 3D Secure Vulnerabilities?
aadsm10.htm#bio3 biometrics (addenda)
aadsm10.htm#bio7 biometrics
aadsm10.htm#bio8 biometrics (addenda)
aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai
aadsm12.htm#4 NEWS: 3D-Secure and Passport
aadsm13.htm#14 A challenge (addenda)
aadsm14.htm#1 Who's afraid of Mallory Wolf?
aadsm14.htm#4 Who's afraid of Mallory Wolf?
aadsm14.htm#26 Maybe It's Snake Oil All the Way Down
aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
aadsm14.htm#29 Maybe It's Snake Oil All the Way Down
aadsm14.htm#30 Maybe It's Snake Oil All the Way Down
aadsm14.htm#32 An attack on paypal
aadsm14.htm#33 An attack on paypal
aadsm14.htm#35 The real problem that https has conspicuously failed to fix
aadsm15.htm#21 Simple SSL/TLS - Some Questions
aadsm15.htm#26 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#36 VS: On-line signature standards
aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aepay10.htm#37 landscape & p-cards
aepay11.htm#37 Who's afraid of Mallory Wolf?
aepay11.htm#49 A More Anonymous Internet
aepay11.htm#50 Concern Grows About ID Theft
aepay11.htm#53 Authentication white paper
aepay11.htm#66 Confusing Authentication and Identiification?
aepay11.htm#72 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay12.htm#2 Confusing business process, payment, authentication and identification
aepay12.htm#4 Confusing business process, payment, authentication and identification
aepay12.htm#8 Know your security onions (or security proportional to risk)
99.html#189 Internet Credit Card Security
99.html#228 Attacks on a PKI
99.html#235 Attacks on a PKI
99.html#238 Attacks on a PKI
2000.html#39 "Trusted" CA - Oxymoron?
2000b.html#90 Question regarding authentication implementation
2000b.html#92 Question regarding authentication implementation
2000g.html#5 e-commerce: Storing Credit Card numbers safely
2000g.html#33 does CA need the proof of acceptance of key binding ?
2000g.html#49 Use of SET?
2001c.html#30 PKI and Non-repudiation practicalities
2001c.html#34 PKI and Non-repudiation practicalities
2001c.html#41 PKI and Non-repudiation practicalities
2001c.html#42 PKI and Non-repudiation practicalities
2001c.html#45 PKI and Non-repudiation practicalities
2001f.html#25 Question about credit card number
2001f.html#31 Remove the name from credit cards!
2001h.html#5 PKI/Digital signature doesn't work
2001h.html#7 PKI/Digital signature doesn't work
2001h.html#58 Net banking, is it safe???
2001i.html#9 Net banking, is it safe???
2001i.html#16 Net banking, is it safe???
2001i.html#25 Net banking, is it safe???
2001i.html#35 Net banking, is it safe???
2001i.html#36 Net banking, is it safe???
2001i.html#57 E-commerce security????
2001j.html#0 E-commerce security????
2001j.html#2 E-commerce security????
2001j.html#9 E-commerce security????
2001j.html#49 Are client certificates really secure?
2001j.html#52 Are client certificates really secure?
2001k.html#34 A thought on passwords
2001m.html#5 Smart Card vs. Magnetic Strip Market
2002c.html#7 Opinion on smartcard security requested
2002c.html#31 You think? TOM
2002e.html#18 Opinion on smartcard security requested
2002e.html#23 Opinion on smartcard security requested
2002f.html#45 Biometric Encryption: the solution for network intruders?
2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
2002j.html#18 Symmetric-Key Credit Card Protocol on Web Site
2002j.html#63 SSL integrity guarantees in abscense of client certificates
2002l.html#35 Cryptography
2002m.html#14 fingerprint authentication
2002m.html#19 A new e-commerce security proposal
2002m.html#55 Beware, Intel to embed digital certificates in Banias
2002n.html#14 So how does it work... (public/private key)
2002n.html#25 Help! Good protocol for national ID card?
2003e.html#47 Public key and the authority problem
2003i.html#1 Two-factor authentication with SSH?
2003j.html#25 Idea for secure login
2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
2003m.html#1 Password / access rights check
2003m.html#50 public key vs passwd authentication?
2003m.html#51 public key vs passwd authentication?
2003o.html#29 Biometric cards will not stop identity fraud
2004.html#29 passwords
2004f.html#13 racf
2004h.html#13 Two-factor Authentication Options?
aadsm17.htm#13 A combined EMV and ID card
aadsm17.htm#15 PKI International Consortium
aadsm17.htm#19 PKI International Consortium
aadsm17.htm#25 Single Identity. Was: PKI International Consortium
aadsm17.htm#42 Article on passwords in Wired News
aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#58 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm18.htm#18 Any TLS server key compromises?
2004m.html#9 REVIEW: "Biometrics for Network Security", Paul Reid
2005d.html#17 Digital signature with Javascript
2005g.html#0 What is a Certificate?
2005g.html#15 Good passwords and security priorities
2005g.html#33 Good passwords and security priorities
2005h.html#46 Password question
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#22 technical question about fingerprint usbkey
2005i.html#24 The Worth of Verisign's Brand
2005i.html#26 The Worth of Verisign's Brand
2005i.html#36 Improving Authentication on the Internet
aadsm19.htm#18 Citibank discloses private information to improve security
2005i.html#52 Single Password - Linux & Windows
2005j.html#42 Public disclosure of discovered vulnerabilities
2005l.html#7 Signing and bundling data using certificates
2005l.html#8 derive key from password
2005l.html#22 The Worth of Verisign's Brand
2005l.html#35 More Phishing scams, still no SSL being used
aadsm19.htm#47 the limits of crypto and authentication
2005m.html#37 public key authentication
aadsm20.htm#24 [Clips] Escaping Password Purgatory
2005o.html#0 The Chinese MD5 attack
2005o.html#1 The Chinese MD5 attack
2005o.html#17 Smart Cards?
2005p.html#2 Innovative password security
aadsm20.htm#41 Another entry in the internet security hall of shame
2005q.html#13 IPSEC with non-domain Server
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005r.html#25 PCI audit compliance
2005r.html#31 Symbols vs letters as passphrase?
2005r.html#45 Password Requirements - VM:Secure
2005r.html#53 Password Requirements - VM:Secure
2005t.html#22 What ever happened to Tandem and NonStop OS ?
2005t.html#27 RSA SecurID product
2005t.html#31 Looking for Information on password systems
2005t.html#34 RSA SecurID product
2005u.html#33 PGP Lame question
aadsm21.htm#40 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#5 long-term GPG signing key
aadsm22.htm#6 long-term GPG signing key
2006c.html#34 X.509 and ssh
2006d.html#41 Caller ID "spoofing"
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
2006h.html#13 Security
2006h.html#15 Security
2006i.html#25 Benefits of PKI - 5,000 nodes organization
2006j.html#28 Password Complexity
2006j.html#42 Passwords for bank sites - change or not?
2006j.html#52 Passwords for bank sites - change or not?
2006k.html#28 Hashes and Passwords
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
2006o.html#37 the personal data theft pandemic continues
2006p.html#32 OT - hand-held security
2006r.html#38 Trying to underdtand 2-factor authentication
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
2006t.html#40 Encryption and authentication
2006u.html#3 ssh - password control or key control?
2006u.html#5 Are there more stupid people in IT than there used to be?
2006v.html#29 User Authentication
2006v.html#44 User Authentication
2006v.html#45 On sci.crypt: New attacks on the financial PIN processing
2006v.html#46 Patent buster for a method that increases password security
2006w.html#4 Patent buster for a method that increases password security
2006w.html#5 Patent buster for a method that increases password security
2006w.html#30 Does Public Key Authentication offer additional security over SSH/SFTP
2007b.html#6 Special characters in passwords was Re: RACF - Password rules
2007b.html#10 Special characters in passwords was Re: RACF - Password rules
2007b.html#36 Special characters in passwords was Re: RACF - Password rules
2007b.html#54 Forbidding Special characters in passwords
2007d.html#12 One Time Identification, a request for comments/testing
aadsm26.htm#30 man in the middle, SSL
2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
2007d.html#42 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
2007e.html#61 Securing financial transactions a high priority for 2007
2007l.html#35 My Dream PC -- Chip-Based
2007s.html#12 Translation of IBM Basic Assembler to C?
2007s.html#59 Translation of IBM Basic Assembler to C?
2007s.html#65 Translation of IBM Basic Assembler to C?
2007u.html#15 Public Computers
2007u.html#51 folklore indeed
2007u.html#59 folklore indeed
aadsm28.htm#19 Lack of fraud reporting paths considered harmful
2008c.html#76 Neglected IT Tasks May Have Led to Bank Meltdown
2008d.html#3 Govt demands password to personal computer
2008d.html#10 Toyota Sales for 2007 May Surpass GM
2008e.html#76 independent appraisers
2008f.html#49 How do OTP tokens work?
2008f.html#54 How do OTP tokens work?
2008j.html#79 Calling Out
2008k.html#38 Calling Out
2008n.html#45 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008o.html#76 Blinkenlights
2008p.html#42 Password Rules
2008p.html#83 Residual Risk Methodology for Single Factor Authentication
2008q.html#7 GPG
2008r.html#0 ATM Skimmers: Watch Out for Electronic Theft Devices
2009.html#72 Double authentification for internet payment
2009b.html#14 question about ssh-keygen with empty passphrase
2009b.html#21 ICSF and VISA/MasterCard?amex reference list
2009b.html#61 Passport RFIDs cloned wholesale by $250 eBay auction spree
2009e.html#2 Passwords: silly or serious?
2009e.html#75 The Future Shape of Payments Is Anything But Flat
2009i.html#14 Online Banking’s Innate Security Flaws
2009i.html#68 Weak security enables credit card hacks
2009m.html#13 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#14 The Art of Creating Strong Passwords
2009r.html#55 Verizon report goes deep inside data breach investigations
2010.html#95 Korean bank Moves back to Mainframes (...no, not back)
2010c.html#59 Customers risk online banking fraud by reusing bank credentials
2010c.html#72 Users still make hacking easy with weak passwords
2010c.html#79 Customers risk online banking fraud by reusing bank credentials

top , by subject : technology , networking , public key , Boyd - home

Account Number Harvesting

ansiepay.htm#privacy more on privacy
ansiepay.htm#theory Security breach raises questions about Internet shopping
aadsmore.htm#debitfraud Debit card fraud in Canada
aepay6.htm#fraud Online Card Fraud Thirty Times That Offline
aepay6.htm#harvest harvesting of credit card numbers
aepay6.htm#harvest2 shared-secrets, CC#, & harvesting CC#
aepay6.htm#erictalk Announce: Eric Hughes giving Stanford EE380 talk this
aepay6.htm#ccfraud2 "out of control credit card fraud"
aepay6.htm#ccfraud3 "out of control credit card fraud"
aepay7.htm#nonrep0 non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep1 non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep3 non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep4 non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep5 non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep6 non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#ssexploit Shared-Secret exploit
aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
aepay8.htm#ccfraud Almost Half UK E-Shopper's Fear Card Fraud (CC fraud increased by 50% in 2k)
aepay8.htm#ccfraud2 Statistics for General and Online Card Fraud
aepay8.htm#x959paper Credit Card Fraud and E-Commerce: A Case Study
aepay9.htm#risks credit card & gift card fraud (from today's comp.risks)
aepay9.htm#skim High-tech Thieves Snatch Data From ATMs (including PINs)
aadsm5.htm#asrn4 assurance, X9.59, etc
aadsm6.htm#websecure merchant web server security
aadsm6.htm#terror7 [FYI] Did Encryption Empower These Terrorists?
aadsm6.htm#terror8 [FYI] Did Encryption Empower These Terrorists?
aadsm6.htm#terror14 [FYI] Did Encryption Empower These Terrorists? (addenda to chargebacks)
aadsm7.htm#pcards4 FW: The end of P-Cards?
aadsm7.htm#auth2 Who or what to authenticate? (addenda)
aadsm7.htm#cryptofree Erst-Freedom: Sic Semper Political Cryptography
aadsm7.htm#rubberhose Rubber hose attack
aadsm7.htm#rhose4 Rubber hose attack
aadsm7.htm#rhose5 when a fraud is a sale, Re: Rubber hose attack
aadsm8.htm#softpki16 DNSSEC (RE: Software for PKI)
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aadsm10.htm#cfppki13 CFP: PKI research workshop
aadsm10.htm#risks credit card & gift card fraud (from today's comp.risks)
aadsm10.htm#tamper Limitations of limitations on RE/tampering (was: Re: biometrics)
aadsm10.htm#bio3 biometrics (addenda)
aadsm10.htm#bio5 biometrics
aadsm10.htm#bio6 biometrics
aadsm10.htm#bio7 biometrics
aadsm11.htm#44 Web site exposes credit card fraud
aadsm11.htm#45 Web site exposes credit card fraud
aadsm12.htm#47 Online Fraud Growing in Scale, Sophistication
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm12.htm#57 eBay Customers Targetted by Credit Card Scam
aadsm12.htm#60 signing & authentication (was Credit Card Scam)
aadsm13.htm#35 How effective is open source crypto? (bad form)
aadsm14.htm#1 Who's afraid of Mallory Wolf?
aadsm14.htm#2 Who's afraid of Mallory Wolf? (addenda)
aadsm14.htm#4 Who's afraid of Mallory Wolf?
aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
aadsm14.htm#32 An attack on paypal
aadsm14.htm#34 virus attack on banks (was attack on paypal)
aadsm15.htm#2 Is cryptography where security took the wrong branch?
aadsm15.htm#5 Is cryptography where security took the wrong branch?
aadsm15.htm#21 Simple SSL/TLS - Some Questions
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#36 VS: On-line signature standards
aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm17.htm#35 Online credit card fraud rocks Indonesia
aadsm17.htm#42 Article on passwords in Wired News
aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#49 Use cash machines as little as possible
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
aepay10.htm#3 High-tech Thieves Snatch Data From ATMs (including PINs)
aepay10.htm#6 credit card & gift card fraud (from today's comp.risks)
aepay10.htm#19 Misc. payment, security, fraud, & authentication GAO reports (long posting)
aepay10.htm#25 Definese Dept Criticised on Internal Credit Card Fraud
aepay10.htm#26 Definese Dept Criticised on Internal Credit Card Fraud
aepay10.htm#38 Credit card fraud sending night-vision rifle scope to criminal
aepay10.htm#44 Credit Card Skimming Rising In The US
aepay11.htm#22 FBI Probing Theft of 8 Million Credit Card Numbers
aepay11.htm#32 Don't-Ask-Don't-Tell E-commerce
aepay11.htm#37 Who's afraid of Mallory Wolf?
aepay11.htm#49 A More Anonymous Internet
aepay11.htm#62 HIPAA, privacy, identity theft (addenda)
aepay11.htm#63 E-merchants Turn Fraud-busters
aepay12.htm#6 Know Your Enemy Automated Credit Card Fraud (automated, forwarded)
aepay12.htm#14 Technology and Crime, Criminal Intelligence Service Canada - 2003
aepay12.htm#23 Police smash UK's biggest credit card fraud ring
aepay12.htm#24 More on the ID theft saga
2001c.html#39 PKI and Non-repudiation practicalities
2001c.html#41 PKI and Non-repudiation practicalities
2001c.html#42 PKI and Non-repudiation practicalities
2001c.html#44 PKI and Non-repudiation practicalities
2001c.html#45 PKI and Non-repudiation practicalities
2001c.html#54 PKI and Non-repudiation practicalities
2001c.html#59 PKI and Non-repudiation practicalities
2001c.html#73 PKI and Non-repudiation practicalities
2001d.html#19 [Newbie] Authentication vs. Authorisation?
2001f.html#24 Question about credit card number
2001f.html#25 Question about credit card number
2001f.html#31 Remove the name from credit cards!
2001f.html#52 any 70's era supercomputers that ran as slow as today's supercomputers?
2001f.html#54 any 70's era supercomputers that ran as slow as today's supercomputers?
2001f.html#55 any 70's era supercomputers that ran as slow as today's supercomputers?
2001f.html#57 any 70's era supercomputers that ran as slow as today's supercomputers?
2001g.html#0 FREE X.509 Certificates
2001g.html#11 FREE X.509 Certificates
2001g.html#29 any 70's era supercomputers that ran as slow as today's supercomputers?
2001g.html#38 distributed authentication
2001g.html#63 PKI/Digital signature doesn't work
2001h.html#5 PKI/Digital signature doesn't work
2001h.html#7 PKI/Digital signature doesn't work
2001h.html#37 Credit Card # encryption
2001h.html#53 Net banking, is it safe???
2001h.html#58 Net banking, is it safe???
2001h.html#61 Net banking, is it safe???
2001h.html#66 UUCP email
2001h.html#67 Would this type of credit card help online shopper to feel more secure?
2001h.html#68 Net banking, is it safe???
2001h.html#70 Net banking, is it safe???
2001h.html#75 Net banking, is it safe???
2001i.html#25 Net banking, is it safe???
2001i.html#57 E-commerce security????
2001j.html#9 E-commerce security????
2001j.html#52 Are client certificates really secure?
2001k.html#34 A thought on passwords
2001m.html#4 Smart Card vs. Magnetic Strip Market
2002d.html#16 Mainframers: Take back the light (spotlight, that is)
2002d.html#41 Why?
2002d.html#42 Farm kids
2002e.html#18 Opinion on smartcard security requested
2002e.html#37 Would the value of knowledge and information be transferred or shared accurately across the different culture??????
2002f.html#10 Least folklorish period in computing (was Re: IBM Mainframe at home)
2002f.html#45 Biometric Encryption: the solution for network intruders?
2002h.html#40 [survey] Possestional Security
2002i.html#74 A Lesson In Security
2002j.html#63 SSL integrity guarantees in abscense of client certificates
2002m.html#19 A new e-commerce security proposal
2002m.html#20 A new e-commerce security proposal
2002m.html#36 (OT) acceptance of technology, was: Convenient and secure
2002o.html#56 Certificate Authority: Industry vs. Government
2002q.html#52 Big Brother -- Re: National IDs
2003b.html#27 360/370 disk drives
2003d.html#14 OT: Attaining Perfection
2003d.html#30 SSL questions
2003e.html#78 Microsoft strikes again - from comp.risks
2003h.html#24 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#25 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#45 Question about Unix "heritage"
2003j.html#60 Big Ideas, where are they now?
2003m.html#51 public key vs passwd authentication?
2003o.html#3 Bank security question (newbie question)
2003o.html#4 Bank security question (newbie question)
2003o.html#29 Biometric cards will not stop identity fraud
2003o.html#50 Pub/priv key security
2004.html#29 passwords
2004b.html#39 SSL certificates
2004b.html#50 The SOB that helped IT jobs move to India is dead!
2004b.html#55 Oldest running code
2004f.html#8 racf
2004f.html#31 MITM attacks
2004h.html#2 Adventure game (was:PL/? History (was Hercules))
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#0 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
2004k.html#22 Public key authentication defeats passwd age warning
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm18.htm#18 Any TLS server key compromises?
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#35 Credit card leaks continue at a furious pace
aadsm18.htm#45 Banks Test ID Device for Online Security
2004k.html#22 Public key authentication defeats passwd age warning
2004m.html#9 REVIEW: "Biometrics for Network Security", Paul Reid
aadsm19.htm#5 Do You Need a Digital ID?
2005c.html#51 [Lit.] Buffer overruns
2005e.html#31 Public/Private key pair protection on Windows
2005g.html#46 Maximum RAM and ROM for smartcards
2005g.html#51 Security via hardware?
2005.html#14 Using smart cards for signing and authorization in applets
2005i.html#0 More Phishing scams, still no SSL being used
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#8 More Phishing scams, still no SSL being used
2005i.html#9 More Phishing scams, still no SSL being used
2005i.html#14 The Worth of Verisign's Brand
2005i.html#36 Improving Authentication on the Internet
2005i.html#38 More Phishing scams, still no SSL being used
aadsm19.htm#13 What happened with the session fixation bug?
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#18 Citibank discloses private information to improve security
aadsm19.htm#19 "SSL stops credit card sniffing" is a correlation/causality myth
aadsm19.htm#24 Citibank discloses private information to improve security
aadsm19.htm#27 Citibank discloses private information to improve security
2005j.html#3 Request for comments - anti-phishing approach
aadsm19.htm#28 "SSL stops credit card sniffing" is a correlation/causality myth
2005j.html#10 Request for comments - anti-phishing approach
2005j.html#52 Banks
2005j.html#53 Banks
2005k.html#26 More on garbage
2005.html#31 Banks
2005k.html#32 The 8008 (was: Blinky lights WAS: The SR-71 Blackbird was designed ENTIRELYwith slide rules)
2005k.html#55 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
2005k.html#56 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
aadsm19.htm#38 massive data theft at MasterCard processor
aadsm19.htm#39 massive data theft at MasterCard processor
aadsm19.htm#40 massive data theft at MasterCard processor
2005l.html#22 The Worth of Verisign's Brand
2005l.html@23 The Worth of Verisign's Brand
2005l.html#24 The Worth of Verisign's Brand
2005l.html#35 More Phishing scams, still no SSL being used
2005l.html#36 More Phishing scams, still no SSL being used
aadsm19.htm#47 the limits of crypto and authentication
aadsm19.htm#48 Why Blockbuster looks at your ID
aadsm20.htm#1 Keeping an eye on ATM fraud
2005m.html#53 Barcode Email
2005p.html#24 Hi-tech no panacea for ID theft woes
2005.html#5 [Lit.] Buffer overruns
2005b.html#41 [Lit.] Buffer overruns
2005f.html#11 Mozilla v Firefox
2005f.html#12 Mozilla v Firefox
2005f.html#18 Is Supercomputing Possible?
2005f.html#53 Where should the type information be: in tags and descriptors
2005h.html#6 Software for IBM 360/30 (was Re: DOS/360: Forty years)
2005h.html#13 Today's mainframe--anything to new?
2005i.html#37 Secure FTP on the Mainframe
2005j.html#54 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
2005m.html#16 CPU time and system load
2005n.html#45 Anyone know whether VM/370 EDGAR is still available anywhere?
2005p.html#15 DUMP Datasets and SMS
2005p.html#34 What is CRJE
aadsm21.htm#16 PKI too confusing to prevent phishing, part 28
2005t.html#34 RSA SecurID product
2005u.html#3 PGP Lame question
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#31 AMD to leave x86 behind?
2005u.html#33 PGP Lame question
2005v.html#2 ABN Tape - Found
2005v.html#3 ABN Tape - Found
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
2006.html#11 Some credible documented evidence that a MVS or later op sys has ever been hacked
aadsm22.htm#5 long-term GPG signing key
2006c.html#35 X.509 and ssh
2006d.html#28 Caller ID "spoofing"
2006d.html#41 Caller ID "spoofing"
2006e.html#24 Debit Cards HACKED now
2006e.html#30 Debit Cards HACKED now
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
aadsm22.htm#36 Unforgeable Blinded Credentials
aadsm22.htm#44 Creativity and security
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
2006h.html#13 Security
2006h.html#15 Security
aadsm23.htm#19 Petrol firm suspends chip-and-pin
aadsm23.htm#20 Petrol firm suspends chip-and-pin
aadsm23.htm#25 Petrol firm suspends chip-and-pin
aadsm23.htm#26 Petrol firm suspends chip-and-pin
aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#28 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#30 Petrol firm suspends chip-and-pin
2006i.html#25 Benefits of PKI - 5,000 nodes organization
aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
2006k.html#0 Passwords for bank sites - change or not?
2006k.html#5 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
aadsm23.htm#54 Status of SRP
2006l.html#33 Google Architecture
aadsm24.htm#9 Naked Payments IV - let's all go naked
aadsm24.htm#10 Naked Payments IV - let's all go naked
2006m.html#24 OT - J B Hunt
aadsm24.htm#38 Interesting bit of a quote
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#5 Crypto to defend chip IP: snake oil or good idea?
2006o.html#37 the personal data theft pandemic continues
2006o.html#40 the personal data theft pandemic continues
2006p.html#32 OT - hand-held security
aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
2006t.html#40 Encryption and authentication
2006u.html#40 New attacks on the financial PIN processing
2006u.html#43 New attacks on the financial PIN processing
aadsm26.htm#6 Citibank e-mail looks phishy
2006v.html#2 New attacks on the financial PIN processing
aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
2006v.html#49 Patent buster for a method that increases password security
2006w.html#4 Patent buster for a method that increases password security
2006w.html#5 Patent buster for a method that increases password security
2006y.html#25 "The Elements of Programming Style"
2007.html#0 Securing financial transactions a high priority for 2007
2007.html#5 Securing financial transactions a high priority for 2007
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2007b.html#60 Securing financial transactions a high priority for 2007
2007c.html#6 Securing financial transactions a high priority for 2007
2007c.html#8 Securing financial transactions a high priority for 2007
2007c.html#10 Securing financial transactions a high priority for 2007
2007c.html#15 Securing financial transactions a high priority for 2007
2007c.html#43 Securing financial transactions a high priority for 2007
aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
2007d.html#10 The logic of privacy
2007e.html#61 Securing financial transactions a high priority for 2007
2007f.html#58 Securing financial transactions a high priority for 2007
2007f.html#68 Securing financial transactions a high priority for 2007
2007f.html#72 Securing financial transactions a high priority for 2007
2007f.html#75 Securing financial transactions a high priority for 2007
2007g.html#8 Securing financial transactions a high priority for 2007
2007g.html#19 T.J. Maxx data theft worse than first reported
2007g.html#20 T.J. Maxx data theft worse than first reported
2007g.html#30 T.J. Maxx data theft worse than first reported
2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#43 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#56 T.J. Maxx data theft worse than first reported
2007h.html#58 T.J. Maxx data theft worse than first reported
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007i.html#19 John W. Backus, 82, Fortran developer, dies
2007i.html#64 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#66 More Tipping Point evidence - POS vendors sued
2007j.html#3 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach
aadsm27.htm#2 Threatwatch: Still searching for the economic MITM
aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
2007k.html#53 My Dream PC -- Chip-Based
aadsm27.htm#15 307 digit number factored
2007l.html#35 My Dream PC -- Chip-Based
2007n.html#9 John W. Backus, 82, Fortran developer, dies
2007n.html#72 Poll: oldest computer thing you still use
2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
2007r.html#24 How to tell a fake SSL certificate from a real one
20074.html#34 Is the media letting banks off the hook on payment card security
2007s.html#10 Translation of IBM Basic Assembler to C?
2007t.html#6 Translation of IBM Basic Assembler to C?
2007u.html#10 Crypto Related Posts
2007u.html#58 folklore indeed
2008.html#31 1975 movie "Three Days of the Condor" tech stuff
2008b.html#67 Govt demands password to personal computer
aadsm28.htm#19 Lack of fraud reporting paths considered harmful
2008e.html#69 independent appraisers
aadsm28.htm#50 Liability for breaches: do we need new laws?
aadsm28.htm#52 Pogo reports: big(gest) bank breach was covered up?
2008g.html#8 Hannaford case exposes holes in law, some say
2008g.html#10 Hannaford case exposes holes in law, some say
2008g.html#27 Hannaford case exposes holes in law, some say
aadsm28.htm#53 Pogo reports: big(gest) bank breach was covered up?
aadsm28.htm#56 Signs of Liability: 'Zero Day Threat' blames IT and Security industry
aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#71 Paypal -- Practical Approaches to Phishing -- open white paper
aadsm28.htm#74 Visa and MasterCard mandated PCI compliance as of Jan 1, 2008. I would like to get a feel or opinion on this subject
aadsm28.htm#77 How safe do you feel when using a debit or credit card?
2008i.html#42 "Security Breaches"
2008i.html#101 We're losing the battle
2008j.html#37 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#79 Calling Out
2008l.html#52 Quality of IBM school clock systems?
2008n.html#38 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#54 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
2008o.html#76 Blinkenlights
2008p.html#5 Privacy, Identity theft, account fraud
2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008r.html#23 What is the level of security in payment systems (credit and bank cards) nowadays?
2008r.html#53 21 million German bank account details on black market
2008r.html#59 Stolen credit-card boom
2008s.html#1 PCI's Bob Russo: Data loss hurts brand more than a fine
2008s.html#10 Data leakage - practical measures to improve Information Governance
2008s.html#50 Perfect MITM Attacks With No-Check SSL
2009.html#7 Swedish police warn of tampered credit card terminals
2009.html#29 Data losses set to soar
2009.html#33 European Payments Council calls for action on counterfeit cards
2009.html#66 What's missing in security: business
2009b.html#6 US credit card payment house breached by sniffing malware
2009b.html#9 New Research Reveals 45% of Card Breach Victims Lose Confidence in Their Financial Accounts
009b.html#13 US credit card payment house breaches by sniffing malware
2009b.html#28 Online-Banking Authentication
2009b.html#63 Study: Data breaches continue to get more costly for businesses
2009d.html#27 Californa's Data Breach Law May Get an Update
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009e.html#21 ATMs At Risk
2009g.html#57 LexisNexis says its data was used by fraudsters
2009i.html#14 Online Banking’s Innate Security Flaws
2009i.html#20 Online Banking’s Innate Security Flaws
2009i.html#53 Merchant Groups Ask for Broad Changes in Letter to PCI's Overseer
2009i.html#68 Weak security enables credit card hacks
2009j.html#11 Is anyone aware of a system that offers three layers of security and ID protection for online purchases or even over the counter POS purchases?
2009j.html#26 Price Tag for End-to-End Encryption: $4.8 Billion, Mercator Says
2009k.html#21 Security certificate warnings don't work, researchers say
2009k.html#54 The satate of software
2009k.html#77 Cyber attackers empty business accounts in minutes
2009l.html#4 Card PINs traded at two for a dollar
2009l.html#50 Hacker charges also an indictment on PCI, expert says
2009l.html#53 Hacker charges also an indictment on PCI, expert says
2009m.html#13 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#67 European Banks Warned: Brace for Rise in Cash Machine Fraud
2010b.html#12 Korean bank Moves back to Mainframes (...no, not back)
2010c.htmL#59 Customers risk online banking fraud by reusing bank credentials
2010c.html#72 Users still make hacking easy with weak passwords

top , by subject : technology , networking , public key , Boyd - home

some mention of EU FINREAD

aepay7.htm#3dsecure 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aepay11.htm#53 Authentication white paper
aepay11.htm#54 FINREAD was. Authentication white paper
aepay11.htm#55 FINREAD ... and as an aside
aepay11.htm#56 FINREAD was. Authentication white paper
aadsm10.htm#keygen2 Welome to the Internet, here's your private key
aadsm11.htm#4 AW: Digital signatures as proof
aadsm11.htm#5 Meaning of Non-repudiation
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#23 Proxy PKI. Was: IBM alternative to PKI?
aadsm12.htm#24 Interests of online banks and their users [was Re: Cryptogram: Palladium Only for DRM]
aadsm14.htm#32 An attack on paypal
aadsm14.htm#35 The real problem that https has conspicuously failed to fix
aadsm15.htm#38 FAQ: e-Signatures and Payments
aadsm15.htm#40 FAQ: e-Signatures and Payments
aadsm16.htm#9 example: secure computing kernel needed
aadsm18.htm#0 dual-use digital signature vulnerability
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#32 EMV cards as identity cards
2001g.html#57 Q: Internet banking
2001g.html#60 PKI/Digital signature doesn't work
2001g.html#61 PKI/Digital signature doesn't work
2001g.html#62 PKI/Digital signature doesn't work
2001g.html#64 PKI/Digital signature doesn't work
2001i.html#25 Net banking, is it safe???
2001i.html#26 No Trusted Viewer possible?
2001k.html#0 Are client certificates really secure?
2001m.html#6 Smart Card vs. Magnetic Strip Market
2001m.html#9 Smart Card vs. Magnetic Strip Market
2002c.html#10 Opinion on smartcard security requested
2002c.html#21 Opinion on smartcard security requested
2002f.html#46 Security Issues of using Internet Banking
2002f.html#55 Security Issues of using Internet Banking
2002g.html#69 Digital signature
2002m.html#38 Convenient and secure eCommerce using POWF
2002n.html#13 Help! Good protocol for national ID card?
2002n.html#26 Help! Good protocol for national ID card?
2002o.html#67 smartcard+fingerprint
2003h.html#25 HELP, Vulnerability in Debit PIN Encryption security, possibly
2003h.html#29 application of unique signature
2003j.html#25 Idea for secure login
2003m.html#51 public key vs passwd authentication?
2003o.html#29 Biometric cards will not stop identity fraud
2003o.html#44 Biometrics
2004.html#29 passwords
2004i.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#1 New Method for Authenticated Public Key Exchange without Digital Certificates
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
aadsm18.htm#40 Financial identity is *dangerous*? (was re: Fake companies, real money)
aadsm18.htm#55 MD5 collision in X509 certificates
aadsm18.htm#56 two-factor authentication problems
aadsm19.htm#2 Do You Need a Digital ID?
2005e.html#31 Public/Private key pair protection on Windows
2005e.html#42 xml-security vs. native security
2005g.html#41 Maximum RAM and ROM for smartcards
2005g.html#46 Maximum RAM and ROM for smartcards
2005g.html#57 Security via hardware?
aadsm19.htm#25 Digital signatures have a big problem with meaning
aadsm19.htm#44 massive data theft at MasterCard processor
aadsm19.htm#46 the limits of crypto and authentication
2005o.html#3The Chinese MD5 attack
aadsm21.htm#3 Is there any future for smartcards?
aadsm21.htm#4 Another entry in the internet security hall of shame
aadsm21.htm#5 Is there any future for smartcards?
aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
2005u.html#0 PGP Lame question
2006g.html#40 Why are smart cards so dumb?
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#26 Security
aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#12 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
2006k.html#4 Passwords for bank sites - change or not?
2006.html#15 Passwords for bank sites - change or not?
2006k.html#46 Keylogger resistance
2006k.html#52 Keylogger resistance
aadsm23.htm#45 Status of SRP
aadsm23.htm#49 Status of SRP
2006l.html#20 Why I use a Mac, anno 2006
aadsm23.htm#53 Status of SRP
aadsm25.htm#8 smart cards with displays - at last!
aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
2006q.html#47 Smartcard reader with certificate inside the reader
2006s.html#34 Basic Question
2006v.html#26 Fighting Fraudulent Transactions
aadsm26.htm#20 Tamperproof, yet playing Tetris
2007c.html#36 Securing financial transactions a high priority for 2007
2007c.html#44 Securing financial transactions a high priority for 2007
2007e.html#20 Securing financial transactions a high priority for 2007
2007l.html#39 My Dream PC -- Chip-Based
2007l.html#41 My Dream PC -- Chip-Based
aadsm27.htm#31 The bank fraud blame game
2007n.html#78 Poll: oldest computer thing you still use
2007t.html#22 'Man in the browser' is new threat to online banking
2007u.html#11 Public Computers
2007u.html#15 Public Computers
2007u.html#47 folklore indeed
2007u.html#67 folklore indeed
2007u.html#71 folklore indeed
2007u.html#74 folklore indeed
2007u.html#76 folklore indeed
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
aadsm28.htm#41 Trojan with Everything, To Go!
aadsm28.htm#42 Trojan with Everything, To Go!
2008j.html#57 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008l.html#33 Authentication in the e-tailer / payment gateway / customer triangle
2008o.html#2 Credit Card Security
2008o.html#9 Homebanking authentication methods: what's being used by your bank?
2008p.html#11 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#32 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008q.html#3 GPG
2009.html#34 Swedish police warn of tampered credit card terminals
2009.html#69 Double authentification for internet payment
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009l.html#2 Cyber attackers empty business accounts in minutes
2009m.html#0 Lawsuit seeks to pry information from banks on account breaches
2009m.html#4 Hacker charges also an indictment on PCI, expert says
2009m.html#49 Hacker charges also an indictment on PCI, expert says
2009n.html#3 Hacker charges also an indictment on PCI, expert says
2009n.html#72 Real-Time Hackers Foil Two-Factor Security
2009p.html#65 Crypto dongles to secure online transactions
2009r.html#48 Strong Authentication Not Strong Enough
2010b.html#21 security and online banking
2010c.html#79 Customers risk online banking fraud by reusing bank credentials

top , by subject : technology , networking , public key , Boyd - home

postings mentioning MITM attacks

aadsmail.htm#variations variations on your account-authority model (small clarification)
aadsmore.htm#pkiart Public Key Infrastructure: An Artifact...
aepay3.htm#riskm The Thread Between Risk Management and Information Security
aadsm3.htm#cstech11 cardtech/securetech & CA PKI
aepay10.htm#84 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay11.htm#37 Who's afraid of Mallory Wolf?
aepay11.htm#49 A More Anonymous Internet
aepay12.htm#36 DNS, yet again
aadsm10.htm#bio3 biometrics (addenda)
aadsm10.htm#bio7 biometrics
aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aadsm12.htm#29 Employee Certificates - Security Issues
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm13.htm#20 surrogate/agent addenda (long)
aadsm13.htm#26 How effective is open source crypto?
aadsm13.htm#35 How effective is open source crypto? (bad form)
aadsm14.htm#1 Who's afraid of Mallory Wolf?
aadsm14.htm#2 Who's afraid of Mallory Wolf? (addenda)
aadsm14.htm#3 Armoring websites
aadsm14.htm#4 Who's afraid of Mallory Wolf?
aadsm14.htm#5 Who's afraid of Mallory Wolf?
aadsm14.htm#9 "Marginot Web" (SSL, payments, etc)
aadsm14.htm#39 An attack on paypal
aadsm14.htm#43 PKI "not working"
aadsm15.htm#26 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#29 SSL, client certs, and MITM (was WYTM?)
aadsm16.htm#16 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#36 Yahoo releases internet standard draft for using DNS as public key server
aadsm18.htm#14 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#15 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#16 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#40 Financial identity is *dangerous*? (was re: Fake companies, real money)
aadsm18.htm#45 Banks Test ID Device for Online Security
aadsm18.htm#56 two-factor authentication problems
aadsm19.htm#13 What happened with the session fixation bug?
2001.html#68 California DMV
2000f.html#78 TSS ancient history, was X86 ultimate CISC? designs)
2001b.html#0 Java as a first programming language for cs students
2001c.html#63 SSL weaknesses
2001d.html#12 database (or b-tree) page sizes
2001d.html#36 solicit advice on purchase of digital certificate
2001e.html#83 The Mind of War: John Boyd and American Security
2001h.html#10 VM: checking some myths.
2001i.html#28 Proper ISA lifespan?
2001k.html#1 Are client certificates really secure?
2001m.html#5 Smart Card vs. Magnetic Strip Market
2001m.html#41 Solutions to Man in the Middle attacks?
2002b.html#10 hollow files in unix filesystems?
2002c.html#4 Did Intel Bite Off More Than It Can Chew?
2002c.html#5 Did Intel Bite Off More Than It Can Chew?
2002d.html#4 IBM Mainframe at home
2002d.html#43 Mainframers: Take back the light (spotlight, that is)
2002d.html#47 SSL MITM Attacks
2002d.html#50 SSL MITM Attacks
2002e.html#18 Opinion on smartcard security requested
2002f.html#45 Biometric Encryption: the solution for network intruders?
2002g.html#65 Real man-in-the-middle attacks?
2002h.html#11 Why did OSI fail compared with TCP-IP?
2002h.html#12 Why did OSI fail compared with TCP-IP?
2002j.html#38 MITM solved by AES/CFB - am I missing something?!
2002j.html#58 SSL integrity guarantees in abscense of client certificates
2002k.html#11 Serious vulnerablity in several common SSL implementations?
2002k.html#51 SSL Beginner's Question
2002l.html#5 What good is RSA when using passwords ?
2002m.html#65 SSL certificate modification
2002n.html#25 Help! Good protocol for national ID card?
2003.html#52 SSL & Man In the Middle Attack
2003.html#63 SSL & Man In the Middle Attack
2003.html#64 SSL & Man In the Middle Attack
2003.html#66 SSL & Man In the Middle Attack
2003b.html#1 Disk drives as commodities. Was Re: Yamhill
2003c.html#73 iso 8583
2003e.html#78 Microsoft strikes again - from comp.risks
2003f.html#25 New RFC 3514 addresses malicious network traffic
2003f.html#48 Alpha performance, why?
2003g.html#38 What is Meet In The Middle Attack
2003h.html#18 Authentication protocol
2003h.html#23 Authentication protocol
2003j.html#17 pbx security from 20 years ago
2003j.html#25 Idea for secure login
2003l.html#6 The Original Interlock Protocol (what is...)
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003l.html#37 Thoughts on Utility Computing?
2003l.html#65 Strength of RSA with known plain-text
2003m.html#0 Passwords multiply as users' rage rises
2003m.html#50 public key vs passwd authentication?
2003n.html#1 public key vs passwd authentication?
2003n.html#3 public key vs passwd authentication?
2003n.html#3 public key vs passwd authentication?
2003n.html#10 Cracking SSL
2003n.html#30 Is this right? Question about SSL and PKI
2003o.html#3 Bank security question (newbie question)
2003o.html#4 Bank security question (newbie question)
2003o.html#8 Bank security question (newbie question)
2003o.html#22 securID weakness
2003p.html#4 Does OTP need authentication?
2003p.html#6 Does OTP need authentication?
2003p.html#10 Secure web logins w random passwords
2003p.html#17 Does OTP need authentication?
2003p.html#20 Dumb anti-MITM hacks / CAPTCHA application
2004b.html#45 Foiling Replay Attacks
2004c.html#61 IBM 360 memory
2004f.html#31 MITM attacks
2004f.html#33 MITM attacks
2004f.html#36 MITM attacks
2004g.html#22 Infiniband - practicalities for small clusters
2004h.html#52 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#53 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#55 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#57 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#0 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#37 Vintage computers are better than modern crap !
2004k.html#21 Vintage computers are better than modern crap !
2004n.html#35 Shipwrecks
2005c.html#51 [Lit.] Buffer overruns
2005g.html#13 What is a Certificate?
2005i.html#50 XOR passphrase with a constant
aadsm19.htm#20 Citibank discloses private information to improve security
aadsm19.htm#21 Citibank discloses private information to improve security
aadsm19.htm#26 Trojan horse attack involving many major Israeli companies, executives
aadsm19.htm#27 Citibank discloses private information to improve security
aadsm19.htm#44 massive data theft at MasterCard processor
2005l.html#17 The Worth of Verisign's Brand
2005l.html#19 Bank of America - On Line Banking *NOT* Secure?
2005l.html#21 The Worth of Verisign's Brand
2005m.html#0 simple question about certificate chains
2005m.html#37 public key authentication
aadsm20.htm#17 the limits of crypto and authentication
aadsm20.htm#24 [Clips] Escaping Password Purgatory
aadsm20.htm#32 How many wrongs do you need to make a right?
2005t.html#28 RSA SecurID product
2005u.html#9 PGP Lame question
aadsm21.htm#31 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
2006c.html#36 Secure web page?
2006d.html#26 Caller ID "spoofing"
2006d.html#28 Caller ID "spoofing"
2006d.html#41 Caller ID "spoofing"
2006e.html#3 When *not* to sign an e-mail message?
aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#29 Meccano Trojans coming to a desktop near you
aadsm22.htm#38 Creativity and security
aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
2006h.html#13 Security
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#18 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#19 Petrol firm suspends chip-and-pin
aadsm23.htm#28 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#26 Naked Payments IV - let's all go naked
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#43 DDA cards may address the UK Chip&Pin woes
2006o.html#16 Gen 2 EPC Protocol Approved as ISO 18000-6C
aadsm25.htm#8 smart cards with displays - at last!
2006o.html#40 the personal data theft pandemic continues
2006o.html#47 the personal data theft pandemic continues
aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
2006p.html#7 SSL, Apache 2 and RSA key sizes
aadsm25.htm#25 RSA SecurID SID800 Token vulnerable by design
2006q.html#48 Smartcard reader with certificate inside the reader
aadsm25.htm#42 Why security training is really important (and it ain't anything to do with security!)
2006u.html#3 ssh - password control or key control?
2006u.html#4 ssh - password control or key control?
aadsm26.htm#5 ATMs hacked using MP3 player
2006v.html#45 On sci.crypt: New attacks on the financial PIN processing
2006v.html#49 Patent buster for a method that increases password security
2006w.html#4 Patent buster for a method that increases password security
aadsm26.htm#20 Tamperproof, yet playing Tetris
2007b.html#53 Forbidding Special characters in passwords
2007b.html#54 Forbidding Special characters in passwords
2007c.html#3 "New Universal Man-in-the-Middle Phishing Kit"
2007c.html#32 Securing financial transactions a high priority for 2007
aadsm26.htm#26 man in the middle, SSL
aadsm26.htm#27 man in the middle, SSL ... addenda
aadsm26.htm#28 man in the middle, SSL
2007d.html#26 Securing financial transactions a high priority for 2007
aadsm26.htm#30 man in the middle, SSL
2007d.html#31 man in the middle, SSL ... addenda 2
2007e.html#20 Securing financial transactions a high priority for 2007
2007e.html#24 Securing financial transactions a high priority for 2007
2007e.html#26 Securing financial transactions a high priority for 2007
2007f.html#31 Is that secure :
aadsm26.htm#47 SSL MITM-attacks make the news
aadsm26.htm#56 Threatwatch: MITB spotted: MITM over SSL from within the browser
2007i.html#74 public key password authentication
2007j.html#3 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#2 Threatwatch: Still searching for the economic MITM
2007k.html#79 John W. Backus, 82, Fortran developer, dies
2007n.html#71 Poll: oldest computer thing you still use <
aadsm27.htm#44 Threatwatch: how much to MITM, how quickly, how much lost
2007q.html#29 what does xp do when system is copying
2007q.html#31 what does xp do when system is copying
2007r.html#12 How to tell a fake SSL certificate from a real one
2007r.html#63 Translation of IBM Basic Assembler to C?
2007t.html#22 'Man in the browser' is new threat to online banking
2007u.html#55 folklore indeed
aadsm27.htm#65 MITM spotted in Tor
aadsm28.htm#36 Say it ain't so? MITM protection on SSH shows its paces
2008n.html#100 Wachovia Bank web site
2008o.html#9 Homebanking authentication methods: what's being used by your bank?
2008q.html#72 https question
2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
2008s.html#50 Perfect MITM Attacks With No-Check SSL
2008s.html#76 Boffins bust web authentication with game consoles
2009.html#35 Perfect MITM Attacks With No-Check SSL Certs
2009c.html#60 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009c.html#63 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009f.html#14 SSL: Broken Even More
2009j.html#57 How can we stop Credit card FRAUD?

top , by subject : technology , networking , public key , Boyd - home

postings mentioning (counterfeit) YES CARDS

aadsm15.htm#25 WYTM?
aadsm17.htm#13 A combined EMV and ID card
aadsm17.htm#25 Single Identity. Was: PKI International Consortium
aadsm17.htm#42 Article on passwords in Wired News
aadsm18.htm#20 RPOW - Reusable Proofs of Work
aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#29 Meccano Trojans coming to a desktop near you
aadsm22.htm#33 Meccano Trojans coming to a desktop near you
aadsm22.htm#34 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#20 Petrol firm suspends chip-and-pin
aadsm23.htm#25 Petrol firm suspends chip-and-pin
aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#30 Petrol firm suspends chip-and-pin
aadsm23.htm#43 Spring is here - that means Pressed Flowers
aadsm23.htm#55 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#0 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
aadsm24.htm#7 Naked Payments IV - let's all go naked
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm24.htm#9 Naked Payments IV - let's all go naked
aadsm24.htm#12 Naked Payments IV - let's all go naked
aadsm24.htm#14 Naked Payments IV - let's all go naked
aadsm24.htm#21 Use of TPM chip for RNG?
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#29 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#43 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#9 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
2003o.html#37 Security of Oyster Cards
2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
2004j.html#12 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#13 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
2004j.html#35 A quote from Crypto-Gram
2004j.html#39 Methods of payment
2004j.html#44 Methods of payment
2005u.html#13 AMD to leave x86 behind?
2006d.html#31 Caller ID "spoofing"
2006e.html#3 When *not* to sign an e-mail message?
2006k.html#0 Passwords for bank sites - change or not?
2006l.html#27 Google Architecture
2006l.html#32 Google Architecture
2006l.html#33 Google Architecture
2006o.html#40 the personal data theft pandemic continues
2006o.html#47 the personal data theft pandemic continues
2006p.html#32 OT - hand-held security
2006q.html#5 Materiel and graft
2006q.html#48 Smartcard reader with certificate inside the reader
2006r.html#28 Greatest Software Ever Written?
aadsm25.htm#33 Mozilla moves on security
2006r.html#38 Trying to underdtand 2-factor authentication
aadsm25.htm#42 Why security training is really important (and it ain't anything to do with security!)
2006u.html#12 Are there more stupid people in IT than there used to be?
aadsm26.htm#4 Citibank e-mail looks phishy
2006v.html#45 On sci.crypt: New attacks on the financial PIN processing
2006w.html#0 Patent buster for a method that increases password security
2006w.html#4 Patent buster for a method that increases password security
2006y.html#7 Securing financial transactions a high priority for 2007
2007.html#0 Securing financial transactions a high priority for 2007
2007.html#17 SSL info
aadsm26.htm#20 Tamperproof, yet playing Tetris
aadsm26.htm#21 FC07 Preliminary Programme - Leaving Room for the Bad Guys
aadsm26.htm#22 Tamperproof, yet playing Tetris
2007b.html#8 Special characters in passwords was Re: RACF - Password rules
aadsm26.htm#23 It's a Presidential Mandate, Feds use it. How come you are not using FDE?
2007b.html#64 Securing financial transactions a high priority for 2007
2007c.html#28 Securing financial transactions a high priority for 2007
2007c.html#36 Securing financial transactions a high priority for 2007
2007d.html#26 Securing financial transactions a high priority for 2007
2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
2007d.html#68 Securing financial transactions a high priority for 2007
2007d.html#70 Securing financial transactions a high priority for 2007
2007e.html#20 Securing financial transactions a high priority for 2007
2007e.html#24 Securing financial transactions a high priority for 2007
2007e.html#61 Securing financial transactions a high priority for 2007
2007f.html#75 Securing financial transactions a high priority for 2007
2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
2007l.html#35 My Dream PC -- Chip-Based
aadsm27.htm#38 The bank fraud blame game
aadsm27.htm#42 The bank fraud blame game
aadsm27.htm#52 more on firing your MBA-less CSO
2007q.html#34 what does xp do when system is copying
2007q.html#73 Value of SSL client certificates?
20074.html#34 Is the media letting banks off the hook on payment card security
2007s.html#10 Translation of IBM Basic Assembler to C?
2007s.html#11 Translation of IBM Basic Assembler to C?
2007u.html#15 Public Computers
2007u.html#51 folklore indeed
2007u.html#60 folklore indeed
aadsm28.htm#1 2008: The year of hack the vote?
2008c.html#59 Govt demands password to personal computer
2008d.html#84 The hands-free way to steal a credit card
2008e.html#34 The hands-free way to steal a credit card
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
2008e.html#69 independent appraisers
2008g.html#10 Hannaford case exposes holes in law, some say
2008j.html#33 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008m.html#0 Fraud due to stupid failure to test for negative
2008m.html#5 Fraud due to stupid failure to test for negative
2008n.html#45 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#48 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#90 Credit Card Security
2008o.html#2 Credit Card Security
2008o.html#40 Signposts on the US Government's Trail of IT Failures
2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
2008p.html#11 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2009.html#10 Swedish police warn of tampered credit card terminals
2009.html#11 Swedish police warn of tampered credit card terminals
2009.html#33 European Payments Council calls for action on counterfeit cards
2009.html#34 Swedish police warn of tampered credit card terminals
2009.html#72 Double authentification for internet payment
2009b.html#21 ICSF and VISA/MasterCard?amex reference list
2009b.html#61 Passport RFIDs cloned wholesale by $250 eBay auction spree
2009c.html#56 Why use RFID in personal documents & cards at all?
2009e.html#75 The Future Shape of Payments Is Anything But Flat
2009f.html#7 An interesting take on Verified by Visa Policy
2009f.html#61 Halifax faces legal challenge on chip-and-pin security
2009g.html#28 Halifax faces legal challenge on chip-and-pin security
2009j.html#29 Price Tag for End-to-End Encryption: $4.8 Billion, Mercator Says
2009l.html#61 Hacker charges also an indictment on PCI, expert says
2009l.html#64 Hacker charges also an indictment on PCI, expert says
2009l.html#68 Hacker charges also an indictment on PCI, expert says
2009m.html#21 The Art of Creating Strong Passwords
2009m.html#45 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009p.html#44 Nearly 500 People Fall Victim to ATM Skimming Scam
2009q.html#40 Crypto dongles to secure online transactions
2009q.html#54 Crypto dongles to secure online transactions
2009q.html#55 Crypto dongles to secure online transactions ... addenda
2009q.html#56 Crypto dongles to secure online transactions ... addenda
2009r.html#4 70 Years of ATM Innovation
2009r.html#41 While watching Biography about Bill Gates on CNBC last Night
2010.html#71 Korean bank Moves back to Mainframes (...no, not back)
2010.html#72 Korean bank Moves back to Mainframes (...no, not back)
2010.html#73 Korean bank Moves back to Mainframes (...no, not back)
2010.html#93 Korean bank Moves back to Mainframes (...no, not back)
2010.html#95 Korean bank Moves back to Mainframes (...no, not back)
2010.html#97 Korean bank Moves back to Mainframes (...no, not back)
2010c.html#79 Customers risk online banking fraud by reusing bank credentials

Naked Transaction Metaphor

https://financialcryptography.com/mt/archives/000745.html Naked Payments I - New ISO standard for payments security - the Emperor's new clothes?
https://financialcryptography.com/mt/archives/000744.html Naked Payments II - uncovering alternates, merchants v. issuers, Brits bungle the risk, and just what are MBAs good for?
https://financialcryptography.com/mt/archives/000747.html Naked Payments III - the well-dressed bank
https://financialcryptography.com/mt/archives/000749.html Naked Payments IV - let's all go naked
aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
aepay7.htm#netsecure some recent threads on netbanking & e-commerce security
aadsm6.htm#websecure merchant web server security
aadsm6.htm#pcards The end of P-Cards?
aadsm7.htm#rubberhose Rubber hose attack
aadsm8.htm#rhose17 [Fwd: Re: when a fraud is a sale, Re: Rubber hose attack]
aadsm9.htm#carnivore3 Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aepay10.htm#20 Security Proportional to Risk (was: IBM Mainframe at home)
aepay11.htm#50 Concern Grows About ID Theft
aepay12.htm#8 Know your security onions (or security proportional to risk)
aadsm10.htm#cfppki13 CFP: PKI research workshop
aadsm10.htm#cfppki16 CFP: PKI research workshop
aadsm10.htm#tamper Limitations of limitations on RE/tampering (was: Re: biometrics)
aadsm12.htm#14 Challenge to TCPA/Palladium detractors
aadsm12.htm#15 Challenge to TCPA/Palladium detractors
aadsm12.htm#18 Overcoming the potential downside of TCPA
aadsm12.htm#42 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm12.htm#57 eBay Customers Targetted by Credit Card Scam
aadsm12.htm#60 signing & authentication (was Credit Card Scam)
aadsm14.htm#3 Armoring websites
aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
aadsm14.htm#33 An attack on paypal
aadsm15.htm#5 Is cryptography where security took the wrong branch?
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm17.htm#22 secret hackers to aid war on internet fraud
aadsm17.htm#32 visa cards violated, BofA reissuing after hack attack
aadsm17.htm#38 Study: ID theft usually an inside job
aadsm17.htm#42 Article on passwords in Wired News
aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#35 Credit card leaks continue at a furious pace
aadsm18.htm#45 Banks Test ID Device for Online Security
aadsm18.htm#46 Banks Test ID Device for Online Security
aadsm19.htm#13 What happened with the session fixation bug?
aadsm19.htm#15 Loss Expectancy in NPV calculations
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#19 "SSL stops credit card sniffing" is a correlation/causality myth
aadsm19.htm#25 Digital signatures have a big problem with meaning
aadsm19.htm#45 payment system fraud, etc
aadsm19.htm#47 the limits of crypto and authentication
aadsm20.htm#12 the limits of crypto and authentication
aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket
aadsm21.htm#27 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#5 long-term GPG signing key
aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#36 Unforgeable Blinded Credentials
aadsm23.htm#9 PGP "master keys"
aadsm23.htm#26 Petrol firm suspends chip-and-pin
aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#31 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#54 Status of SRP
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
aadsm24.htm#7 Naked Payments IV - let's all go naked
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm24.htm#9 Naked Payments IV - let's all go naked
aadsm24.htm#10 Naked Payments IV - let's all go naked
aadsm24.htm#12 Naked Payments IV - let's all go naked
aadsm24.htm#14 Naked Payments IV - let's all go naked
aadsm24.htm#21 Use of TPM chip for RNG?
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm24.htm#26 Naked Payments IV - let's all go naked
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#37 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#38 Interesting bit of a quote
aadsm24.htm#41 Naked Payments IV - let's all go naked
aadsm24.htm#42 Naked Payments II - uncovering alternates, merchants v. issuers, Brits bungle the risk, and just what are MBAs good for?
aadsm24.htm#43 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#46 More Brittle Security -- Agriculture
aadsm25.htm#1 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#2 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#4 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#9 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#10 Crypto to defend chip IP: snake oil or good idea?
aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm25.htm#21 Identity v. anonymity -- that is not the question
aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#28 WESII - Programme - Economics of Securing the Information Infrastructure
aadsm25.htm#33 Mozilla moves on security
aadsm25.htm#38 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#39 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
aadsm26.htm#6 Citibank e-mail looks phishy
aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
aadsm26.htm#13 Who has a Core Competency in Security?
aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
aadsm26.htm#25 EV - what was the reason, again?
aadsm26.htm#54 What to do about responsible disclosure?
aadsm26.htm#58 Our security sucks. Why can't we change? What's wrong with us?
2001i.html#53 Credit Card # encryption
2001i.html#57 E-commerce security????
2001j.html#2 E-commerce security????
2001j.html#5 E-commerce security????
2001j.html#44 Does "Strong Security" Mean Anything?
2001k.html#55 I-net banking security
2001l.html#2 Why is UNIX semi-immune to viral infection?
2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
2002e.html#62 Computers in Science Fiction
2002f.html#10 Least folklorish period in computing (was Re: IBM Mainframe at home)
2002f.html#23 Computers in Science Fiction
2002f.html#28 Security Issues of using Internet Banking
2002f.html#35 Security and e-commerce
2002i.html#72 A Lesson In Security
2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
2002j.html#63 SSL integrity guarantees in abscense of client certificates
2002k.html#44 how to build tamper-proof unix server?
2002l.html#11 IEEE article on intelligence and security
2002l.html#20 Backdoor in AES ?
2002m.html#14 fingerprint authentication
2002m.html#19 A new e-commerce security proposal
2002m.html#55 Beware, Intel to embed digital certificates in Banias
2002n.html#14 So how does it work... (public/private key)
2002n.html#26 Help! Good protocol for national ID card?
2002o.html#56 Certificate Authority: Industry vs. Government
2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
2003m.html#11 AES-128 good enough for medical data?
2003m.html#51 public key vs passwd authentication?
2003n.html#25 Are there any authentication algorithms with runtime changeable
2004.html#29 passwords
2004b.html#25 Who is the most likely to use PK?
2004b.html#39 SSL certificates
2004b.html#48 Automating secure transactions
2004b.html#50 The SOB that helped IT jobs move to India is dead!
2004f.html#8 racf
2004f.html#36 MITM attacks
2004m.html#9 REVIEW: "Biometrics for Network Security", Paul Reid
2004m.html#28 Shipwrecks
2005f.html#60 Where should the type information be: in tags and descriptors
2005g.html#51 Security via hardware?
2005g.html#54 Security via hardware?
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#36 Improving Authentication on the Internet
2005j.html#53 Banks
2005k.html#23 More on garbage
2005k.html#26 More on garbage
2005l.html#22 The Worth of Verisign's Brand
2005o.html#2 X509 digital certificate for offline solution
2005p.html#6 Innovative password security
2005p.html#24 Hi-tech no panacea for ID theft woes
2005r.html#7 DDJ Article on "Secure" Dongle
2005t.html#34 RSA SecurID product
2005u.html#3 PGP Lame question
2005u.html#33 PGP Lame question
2005v.html#4 ABN Tape - Found
2006c.html#34 X.509 and ssh
2006d.html#26 Caller ID "spoofing"
2006e.html#26 Debit Cards HACKED now
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
2006h.html#15 Security
2006k.html#4 Passwords for bank sites - change or not?
2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
2006l.html#57 DEC's Hudson fab
2006m.html#15 OpenSSL Hacks
2006n.html#32 The System/360 Model 20 Wasn't As Bad As All That
2006o.html#16 Gen 2 EPC Protocol Approved as ISO 18000-6C
2006o.html#35 the personal data theft pandemic continues
2006p.html#8 SSL, Apache 2 and RSA key sizes
2006p.html#9 New airline security measures in Europe
2006p.html#18 19,000 Accounts Compromised
2006q.html#5 Materiel and graft
2006r.html#1 Greatest Software Ever Written?
2006r.html#29 Intel abandons USEnet news
2006s.html#5 Why not 2048 or 4096 bit RSA key issuance?
2006t.html#5 Are there more stupid people in IT than there used to be?
2006t.html#40 Encryption and authentication
2006u.html#43 New attacks on the financial PIN processing
2006v.html#2 New attacks on the financial PIN processing
2006v.html#39 On sci.crypt: New attacks on the financial PIN processing
2006v.html#49 Patent buster for a method that increases password security
2006y.html#8 Securing financial transactions a high priority for 2007
2006y.html#25 "The Elements of Programming Style"
2007b.html#8 Special characters in passwords was Re: RACF - Password rules
2007b.html#33 security engineering versus information security
2007b.html#60 Securing financial transactions a high priority for 2007
2007c.html#6 Securing financial transactions a high priority for 2007
2007c.html#8 Securing financial transactions a high priority for 2007
2007c.html#9 Decoding the encryption puzzle
2007c.html#10 Securing financial transactions a high priority for 2007
2007c.html#11 Decoding the encryption puzzle
2007c.html#26 Securing financial transactions a high priority for 2007
2007c.html#27 Securing financial transactions a high priority for 2007
2007c.html#37 Securing financial transactions a high priority for 2007
2007c.html#38 Securing financial transactions a high priority for 2007
2007c.html#40 Point-of-Sale security
2007c.html#44 Securing financial transactions a high priority for 2007
2007d.html#57 Which is the Fastest (Secure) Way to Exchange 256-bit Keys?
2007e.html#2 Securing financial transactions a high priority for 2007
2007e.html#26 Securing financial transactions a high priority for 2007
2007f.html#31 Is that secure : 2007f.html#36 Silly beginner questions
2007f.html#68 Securing financial transactions a high priority for 2007
2007f.html#75 Securing financial transactions a high priority for 2007
2007g.html#20 T.J. Maxx data theft worse than first reported
2007h.html#22 sizeof() was: The Perfect Computer - 36 bits?
2007i.html#74 public key password authentication
aadsm26.htm#65 Public key encrypt-then-sign or sign-then-encrypt?
aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach
aadsm27.htm#15 307 digit number factored
aadsm27.htm#15 307 digit number factored
2007k.html#76 My Dream PC -- Chip-Based
2007l.html#35 My Dream PC -- Chip-Based
2007m.html#9 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#29 A secure Internet requires a secure network protocol
2007n.html#9 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#31 The bank fraud blame game
2007n.html#50 WindowsMonitor or CUSP?
2007n.html#70 Poll: oldest computer thing you still use
aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
aadsm27.htm#52 more on firing your MBA-less CSO
2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
2007q.html#11 what does xp do when system is copying
2007q.html#73 Value of SSL client certificates?
2007r.html#21 Is the media letting banks off the hook on payment card security
2007r.html#32 Is the media letting banks off the hook on payment card security
20074.html#34 Is the media letting banks off the hook on payment card security
2007r.html#35 Is the media letting banks off the hook on payment card security
2007s.html#16 The new urgency to fix online privacy
2007t.html#6 Translation of IBM Basic Assembler to C?
2007t.html#20 UK Retail Giant Breached by Insider
2007t.html#22 'Man in the browser' is new threat to online banking
2007t.html#28 'Man in the browser' is new threat to online banking
2007t.html#61 Crypto Related Posts
2007u.html#67 folklore indeed
2007u.html#71 folklore indeed
2007u.html#76 folklore indeed
2007v.html#74 folklore indeed
2007v.html#97 folklore indeed
2008.html#8 folklore indeed
2008.html#9 folklore indeed
aadsm28.htm#5 Why Security Modelling doesn't work -- the OODA loop of today's battle
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
2008e.html#66 independent appraisers
aadsm28.htm#41 Trojan with Everything, To Go!
aadsm28.htm#42 Trojan with Everything, To Go!
2008g.html#17 Hannaford breach illustrates dangerous compliance mentality
2008g.html#28 Hannaford case exposes holes in law, some say
2008h.html#4 You won't guess who's the bad guy of ID theft
aadsm28.htm#56 Signs of Liability: 'Zero Day Threat' blames IT and Security industry
aadsm28.htm#71 Paypal -- Practical Approaches to Phishing -- open white paper
2008i.html#24 Credit Card Fraud
2008j.html#33 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#39 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
2008o.html#70 What happened in security over the last 10 years?
2008o.html#76 Blinkenlights
2008p.html#5 Privacy, Identity theft, account fraud
2008r.html#53 21 million German bank account details on black market
2008s.html#10 Data leakage - practical measures to improve Information Governance
2009e.html#21 ATMs At Risk
2009r.html#29 Data Breaches Show PCI DSS Ineffective
2009s.html#47 Audits VII: the future of the Audit is in your hands
2010b.html#12 Korean bank Moves back to Mainframes (...no, not back)
2010b.html#15 security and online banking

(other) Postings by various subjects

360/370 m'code
First 360 PCM/OEM Controller
Misc. 545 Tech Sq and Cambridge Science Center
Disk Engineering
Performance and/or Scheduling
Cluster, High Availability and/or Loosely-Coupled
APL and/or HONE
Memory Mapping & File System
Multiprocessor, tightly-coupled, SMP, compare&swap
Working Set, LRU, WSClock Page Replacement Algorithm
Misc. subthreads
801 &/or ROMP
Backup, storage management
Benchmarking, workload profile, capacity planning
Future system
Problem determination, zombies, dump readers
System/R, SQL/DS, misc RDBMS
Location/address independent code
Misc. commercial time-sharing
peer-coupled shared data
GML origin at science center
continuous availability, disaster survivability, geographic survivabilitymisc VAMPS and/or bounce lock
mentioning HASP
IBM DASD, CKD, FBA, vtocs, multi-track search, etc
BDAM and/or CICS posts
Unbundling and charging for software
Misc. Bitnet, Earn
HSDT, HYPERChannel
Misc. ARPANET, NSFNET, Internet
OSI and High Speed Protocol
Misc. Interop '88 references
Misc. Internal Network references
RFC1044 Implementation
Various Terminal Emulation issues
Computer Mediated Conversation
3 tier, middle layer, saa
Client and Radius Authentication
SSL Domain Name Server Certificates
X9.59, Identity, Authentication, and Privacy
Misc. Relying Party Certificates
Kerberos and/or pk-init
certificate-less operation
Coining the term certificate manufacturing to differentiate from PKI
Electronic Signature legislation, human signature, intent
Discussion of real-time public key distribution with DNS
Digital Certificate Payload Bloat
Boyd
other Boyd references from around the web

top , by subject : technology , networking , public key , integrity , Boyd - home