Feature or Flaw?
Florian Weimer
fw at deneb.enyo.de
Tue Jul 5 12:48:14 EDT 2005
* Lance James:
> And as stated above, reverse the effect and it would be the banks in
> scenarios such as XSS.
In case of XSS or CSRF, you have lost anyway. The web was not
designed as a presentation service for transaction processing,
especially if the transactions involve significant value. If you use
the web for this purpose, it's always a tradeoff.
Maybe it's time to realize that all these web applications together
form a huge monoculture, and to move on and diversify again.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list