once more, with feeling.

D. K. Smetters smetters at parc.com
Tue Sep 23 17:20:43 EDT 2008



Peter Gutmann wrote:
> 
> For existing apps with habituated users, so am I.  So how about the following
> strawman: Take an existing browser (say Firefox), brand it as some special-
> case secure online banking browser, and use the "new developments" solution
> above, i.e. it only talks mutual-auth challenge-response crypto and nothing
> else.  At that point you've reduced "Reformat user and reinstall browsing
> habits" to "Train users to only use safe-browser when they do their banking,
> i.e. 'Never enter banking details using anything other than safe-browser'".
> Even if you only get a subset of users doing this, it's still a massive attack
> surface reduction because you've raised the bar from any idiot who buys a
> phishing kit to having to perform a man-in-the-browser attack.
> 

We did a version of this for CEAS this year (paper here:
http://www.parc.com/research/publications/details.php?id=6496).

I agree, I think it's not hard to come up with an 
architecture that increases user security, while reducing 
the amount they have to learn. Though, as per Perry's 
comment, you do need to be able to say that *some* (not 
all) of the software on your machine is not totally 
borked... (an interesting question is: how much, and what).
--Diana

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
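To make the "only talks mutual-auth challenge-response crypto" strawman concrete, here is an added illustration of the exchange such a safe-browser would run with the bank. It is not code from this thread or from the CEAS paper. It assumes a per-user 256-bit key shared between the safe-browser and the bank (provisioned at enrollment, never typed by the user), HMAC-SHA256 as the response function, and the hypothetical `Bank`, `SafeBrowser` and `ImpostorSite` classes; the keys are constructed sample values. The point it shows is the one in the quoted paragraph: a phishing site that lacks the key can fabricate a "proof", but the browser's check rejects it, so a kit-level phisher learns nothing and gets nothing.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed sample keys (assumption: the safe-browser and the bank share a
# per-user 256-bit key provisioned at enrollment, never typed by the user).
SHARED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
OTHER_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100" * 2)


def _proof(key: bytes, role: bytes, nonce_c: bytes, nonce_s: bytes) -> bytes:
    """HMAC over a role label and both nonces. The label keeps a client proof
    from being reflected back as a server proof."""
    return hmac.new(key, role + nonce_c + nonce_s, hashlib.sha256).digest()


class Bank:
    """Site side: issues a challenge, verifies the browser, then proves itself."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.nonce_s: Optional[bytes] = None

    def challenge(self) -> bytes:  # message 1: bank -> browser
        self.nonce_s = secrets.token_bytes(16)
        return self.nonce_s

    def verify_and_prove(self, nonce_c: bytes, client_proof: bytes) -> Optional[bytes]:
        # message 3: bank -> browser, or None if the browser failed to authenticate
        expected = _proof(self.key, b"client", nonce_c, self.nonce_s)
        if not hmac.compare_digest(expected, client_proof):
            return None
        return _proof(self.key, b"server", nonce_c, self.nonce_s)


class ImpostorSite(Bank):
    """A phishing site without the key: it cannot check the browser's proof,
    so it pretends to accept and returns a fabricated server proof."""

    def verify_and_prove(self, nonce_c: bytes, client_proof: bytes) -> Optional[bytes]:
        return secrets.token_bytes(32)


class SafeBrowser:
    """Browser side: answers the challenge and refuses to go further unless the
    site proves knowledge of the same key."""

    def __init__(self, key: bytes) -> None:
        self.key = key

    def respond(self, nonce_s: bytes):  # message 2: browser -> bank
        nonce_c = secrets.token_bytes(16)
        return nonce_c, _proof(self.key, b"client", nonce_c, nonce_s)

    def verify_site(self, nonce_c: bytes, nonce_s: bytes, server_proof: bytes) -> bool:
        expected = _proof(self.key, b"server", nonce_c, nonce_s)
        return hmac.compare_digest(expected, server_proof)


def run_exchange(browser: SafeBrowser, site: Bank) -> dict:
    """Drive the three-message exchange and report which side accepted the other.
    The browser releases nothing else until browser_accepted_site is True."""
    nonce_s = site.challenge()
    nonce_c, client_proof = browser.respond(nonce_s)
    server_proof = site.verify_and_prove(nonce_c, client_proof)
    if server_proof is None:
        return {"site_accepted_browser": False, "browser_accepted_site": False}
    return {"site_accepted_browser": True,
            "browser_accepted_site": browser.verify_site(nonce_c, nonce_s, server_proof)}


if __name__ == "__main__":
    print("genuine bank: ", run_exchange(SafeBrowser(SHARED_KEY), Bank(SHARED_KEY)))
    print("wrong key:    ", run_exchange(SafeBrowser(SHARED_KEY), Bank(OTHER_KEY)))
    print("phishing site:", run_exchange(SafeBrowser(SHARED_KEY), ImpostorSite(OTHER_KEY)))
```

Two things worth noting about the design. The client proof reveals nothing useful to a site that lacks the key (with a 256-bit key there is no dictionary to search), which is why the browser can answer first and still be safe against a key-less phisher. What the exchange does not do is bind the authentication to the channel: a relay that forwards messages between the safe-browser and the real bank would see both sides accept, which is the point where Peter's "raised the bar to man-in-the-browser" line sits. Folding a channel-binding value (for example, something derived from the TLS session) into the MAC input is the usual way to close that gap.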