RE: Bad idea. Bad.

["Todd Towles" <toddtowles () brookshires com>]

Valdis
> A quick perusal indicates that they didn't consider the case 
> of a phish setting its own active cookie that would 
> authenticate the phish website.  Of course, I zipped through 
> it, so maybe I missed it....

I zipped thru it as well. Looking for new way to fight phishing is
good...but this idea is pretty rough about the edges. I guess it is good
that it was pushed at a Science conference instead of a Security
conference.

-Todd

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.