Re: PayPal Plans Payments Via Text Message?

[security curmudgeon <jericho () attrition org>]

: On Wed, Mar 22, 2006 at 10:24:33PM -0500, Valdis.Kletnieks () vt edu wrote:
: > On Thu, 23 Mar 2006 02:22:25 GMT, Fergie said:
: > > Despite the frustrating lack of details here, the article goes on
: > > to say that "Users will first have to register their mobile devices
: > > with PayPal?s Web site and select a code to protect them against
: > > unauthorized users."
: > > 
: > > Wow. Does this sound like a potential avenue for abuse, or what? ;-)
: > 
: > "Accidents happen, ya know?  It would really be a shame if we forgot your
: > secret code that protected you against unauthorized users...."
: > 
: > I'm not sure if I'm more scared of hackers, or money-grubbing malevolence
: > on PayPal's part.....
: 
: Huh?  Please explain your email.
: 
: 1. "We forgot your secret code"... ?  I'm confused.  Does PayPal have a history
:    of forgetting things?  As a Principal Software Engineer at PayPal, I may be
:    able to help do something about that, if you think so.
: 
: 2. "Money-grubbing malevolence"?  I'd like to think that you're merely frustrated
:    about one thing or another, and not actually trying to suggest that PayPal or
:    its policies are truly malevolent for its own profit.

Perhaps he meant 'indifference'? Not much better.

http://attrition.org/~squido/paypal/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.