[Cryptography] PRISM-Proofing and PRISM-Hardening

Jerry Leichter leichter at lrw.com
Tue Oct 1 11:36:13 EDT 2013


On Sep 30, 2013, at 9:01 PM, "d.nix" <d.nix at comcast.net> wrote:
> It's also worth pointing out that common browser ad blocking / script
> blocking / and site redirection add-on's and plugins (NoScript,
> AdBlockPlus, Ghostery, etc...) can interfere with the identification
> image display. My bank uses this sort of technology and it took me a
> while to identify exactly which plug-in was blocking the security
> image and then time to sort out an exception rule to not block it.
> 
> The point being - end users *will* install plug-ins and extensions
> that may interfere with your verification tools.
It goes beyond that.  A company named Iovation sells a service that's supposed to check a fingerprint of your machine against a database so that someone like a bank can determine if your login is supposed to come from this machine.  (It also leaves behind a cookie, and may blacklist some addresses).  Anyway, the result is a connection to "iesnare.something" when you go to your bank.  I run a Little Snitch on my Mac's; it reports and ask for approval for unknown connections.  So I see alerts pop up when I go to my bank and similar sites.  Sometimes I block the connection, sometimes I let it through.  (Actually, it doesn't seem to affect the site's behavior either way.)

                                                        -- Jerry



More information about the cryptography mailing list