WebApp Sec mailing list archives
[Fwd: Re: new opensource security system product launched]
From: arun balaji <randover () randover com>
Date: Tue, 05 Oct 2004 23:35:25 +0530
--- Begin Message --- From: arun balaji <randover () randover com>
Date: Tue, 05 Oct 2004 23:33:29 +0530
all existing systems make sure that the computer has the control over the authenication process,let me take this a bit bit further. lets say the user says to the website that he registers or signs up foruser:"i want you to ask me ( put your no here) questions and answers for ( put ur no here) times ."website " ok will do "that means that the process instead of giving it 1 or 2 data it makes it more and more complex.and to compensate for resetting the password i also have another solution ( a idea ) called login less browsing.there are 2 versions of login less browsing 1 - the software 2- the protocol or system that powers the net for reasons best left to me i would rather not discuss about those 2 here until i develop themsome security companies would be wracking thier brains for a solution to resetting the password.its so easy i wont reveal it ,let someone find it before me and i will agree that he /she is a real champion.Harrison Gladden wrote:This is an interesting concept, but for somreason i think this would lower the overal security of any system implementing it, simply because users are stupid. They will choose something they can easily remember which also happens to be something anyone could figure out about them.???Dunno just my 2 cents... ~Harrison On Mon, 04 Oct 2004 12:28:25 +0530, arun balaji <randover () randover com> wrote:dear sir - --- about me - -------------- i am arun balaji i am 21 years old and i am from india. - -------- where the idea came from - -------------------- i and a friend( mark herbert- www.niimki.com) of mine from us developed a data authentication method for use in credit card transactions as a payment gateway. my friend didnt want any money for this authentication system. but i wanted to give it a full shot and i got a us provisional patent in july of this year. now after a lot of thinking i have decided to make it open source. - --------------- the application- randover - -------------- its very very simple normally all that a hacker needs to know about a user is 3 or 4 fields of data 1st is user id 2nd is password what i and my friend were trying to do was use a field which can be universal and all pervasive.. that led to us thinking of using all the fields in the database we then thought what if we can ask a random question from all the fields in the database. this makes our system the worlds first user configurable security system for use in the web. its very simple easy to use and develop and can be used as a standalone system or along with existing applications see http://sourceforge.net/projects/randover/ and http://www.randover.com for more details would love to know about what you and the security community thinks of my idea as a whole. bye arun balaji founder inventor and owner (randover.com)
--- End Message ---
Current thread:
- [Fwd: Re: new opensource security system product launched] arun balaji (Oct 05)
- Re: [Fwd: Re: new opensource security system product launched] rohit (Oct 06)
- Re: [Fwd: Re: new opensource security system product launched] arun balaji (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] rohit (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] arun balaji (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] exon (Oct 09)
- Re: [Fwd: Re: new opensource security system product launched] Paul Johnston (Oct 15)
- Re: [Fwd: Re: new opensource security system product launched] David Wall @ Yozons, Inc. (Oct 09)
- Re: [Fwd: Re: new opensource security system product launched] Matt Fisher (Oct 09)
- Re: [Fwd: Re: new opensource security system product launched] arun balaji (Oct 07)
- Re: [Fwd: Re: new opensource security system product launched] rohit (Oct 06)
- <Possible follow-ups>
- Re: [Fwd: Re: new opensource security system product launched] Simon (Oct 12)
- RE: [Fwd: Re: new opensource security system product launched] Michael Silk (Oct 12)