[Cryptography] PRISM-Proofing and PRISM-Hardening
Jerry Leichter
leichter at lrw.com
Tue Oct 1 11:36:13 EDT 2013
On Sep 30, 2013, at 9:01 PM, "d.nix" <d.nix at comcast.net> wrote:
> It's also worth pointing out that common browser ad blocking / script
> blocking / and site redirection add-on's and plugins (NoScript,
> AdBlockPlus, Ghostery, etc...) can interfere with the identification
> image display. My bank uses this sort of technology and it took me a
> while to identify exactly which plug-in was blocking the security
> image and then time to sort out an exception rule to not block it.
>
> The point being - end users *will* install plug-ins and extensions
> that may interfere with your verification tools.
It goes beyond that. A company named Iovation sells a service that's supposed to check a fingerprint of your machine against a database so that someone like a bank can determine if your login is supposed to come from this machine. (It also leaves behind a cookie, and may blacklist some addresses). Anyway, the result is a connection to "iesnare.something" when you go to your bank. I run a Little Snitch on my Mac's; it reports and ask for approval for unknown connections. So I see alerts pop up when I go to my bank and similar sites. Sometimes I block the connection, sometimes I let it through. (Actually, it doesn't seem to affect the site's behavior either way.)
-- Jerry
More information about the cryptography
mailing list