once more, with feeling.

Steven M. Bellovin smb at cs.columbia.edu
Sat Sep 20 15:55:12 EDT 2008


On Thu, 18 Sep 2008 17:18:00 +1200
pgut001 at cs.auckland.ac.nz (Peter Gutmann) wrote:

> - Use TLS-PSK, which performs mutual auth of client and server
> without ever communicating the password.  This vastly complicates
> phishing since the phisher has to prove advance knowledge of your
> credentials in order to obtain your credentials (there are a pile of
> nitpicks that people will come up with for this, I can send you a
> link to a longer writeup that addresses them if you insist, I just
> don't want to type in pages of stuff here).
> 
Once upon a time, this would have been possible, I think.  Today,
though, the problem is the user entering their key in a box that is (a)
not remotely forgeable by a web site that isn't using the browser's
TLS-PSK mechanism; and (b) will *always* be recognized by users, even
dumb ones.  Today, sites want *pretty* login screens, with *friendly*
ways to recover your (or Palin's) password, and not just generic grey
boxes.  Then imagine the phishing page that displays an artistic but
purely imaginary "login" screen, with a message about "NEW!  Better
navigation on our login page!"

If this had been done in the beginning, before users -- and web site
designers, and browser vendors -- were mistrained, it might have
worked.  Now, though?  I'm skeptical.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb
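As an added illustration of the property Gutmann describes (neither side ever sends the password; each side instead proves it already holds the shared secret), the following is a simplified mutual challenge-response over a pre-shared key. It is not the TLS-PSK handshake of RFC 4279 and is not code from either author; the names `Client`, `Server`, `handshake`, and the HMAC-over-nonces construction are assumptions made for this example. A server that does not hold the PSK (the phisher in the thread) cannot produce a valid proof, so the client aborts before sending anything, and even the client's own proof is an HMAC over fresh nonces rather than the secret. The code models only the cryptographic exchange; whether a user actually performs it in the browser's PSK dialog rather than in a lookalike HTML form is exactly the UI problem Bellovin raises.

```python
import hashlib
import hmac
import secrets

# Constructed example: a minimal mutual proof-of-possession protocol over a
# pre-shared key (PSK). This is NOT TLS-PSK (RFC 4279); it models only the
# property that each side proves knowledge of the PSK without transmitting it.

SERVER_LABEL = b"server-proof"
CLIENT_LABEL = b"client-proof"


def proof(psk: bytes, label: bytes, nonce_c: bytes, nonce_s: bytes) -> bytes:
    """HMAC over both nonces keyed by the PSK; without psk it cannot be forged."""
    return hmac.new(psk, label + nonce_c + nonce_s, hashlib.sha256).digest()


class Client:
    def __init__(self, identity: bytes, psk: bytes):
        self.identity = identity
        self.psk = psk
        self.nonce_c = b""

    def hello(self):
        """First flight: identity hint plus a fresh client nonce (no secret)."""
        self.nonce_c = secrets.token_bytes(32)
        return self.identity, self.nonce_c

    def check_server(self, nonce_s: bytes, server_proof: bytes) -> bool:
        """Verify the server proved knowledge of the PSK before we reveal anything."""
        expected = proof(self.psk, SERVER_LABEL, self.nonce_c, nonce_s)
        return hmac.compare_digest(expected, server_proof)

    def finish(self, nonce_s: bytes) -> bytes:
        """Client's own proof; bound to this session's nonces, not replayable."""
        return proof(self.psk, CLIENT_LABEL, self.nonce_c, nonce_s)


class Server:
    def __init__(self, psk_db: dict):
        self.psk_db = psk_db  # identity -> psk (assumed store; real servers harden this)
        self.nonce_c = b""
        self.nonce_s = b""

    def respond(self, identity: bytes, nonce_c: bytes):
        """Second flight: server nonce plus the server's proof of the PSK."""
        self.nonce_c = nonce_c
        self.nonce_s = secrets.token_bytes(32)
        # A server that does not hold this identity's PSK can only guess.
        psk = self.psk_db.get(identity, secrets.token_bytes(32))
        return self.nonce_s, proof(psk, SERVER_LABEL, nonce_c, self.nonce_s)

    def check_client(self, identity: bytes, client_proof: bytes) -> bool:
        psk = self.psk_db.get(identity)
        if psk is None:
            return False
        expected = proof(psk, CLIENT_LABEL, self.nonce_c, self.nonce_s)
        return hmac.compare_digest(expected, client_proof)


def handshake(client: Client, server: Server):
    """Run the exchange.

    Returns (client_accepted_server, server_accepted_client, client_sent_proof).
    """
    identity, nonce_c = client.hello()
    nonce_s, server_proof = server.respond(identity, nonce_c)
    if not client.check_server(nonce_s, server_proof):
        # Server failed to prove the PSK: abort, having sent nothing secret-derived.
        return False, False, False
    client_proof = client.finish(nonce_s)
    return True, server.check_client(identity, client_proof), True


def demo():
    """Legitimate server vs. a server that does not know the user's PSK."""
    psk = secrets.token_bytes(32)  # constructed secret shared by Alice and her bank
    legit = Server({b"alice": psk})
    impostor = Server({b"alice": secrets.token_bytes(32)})  # holds a wrong PSK
    return (
        handshake(Client(b"alice", psk), legit),     # (True, True, True)
        handshake(Client(b"alice", psk), impostor),  # (False, False, False)
    )


if __name__ == "__main__":
    print(demo())
```

The impostor case returns all-false because the client's verification step comes first: the order of the two proofs is what forces the phisher to "prove advance knowledge of your credentials" before learning anything, and a wrong PSK on either side fails in the same way.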

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com