WebApp Sec mailing list archives

Re: (secure email) Proposal to anti-phishing

From: Michael Silk <michaelsilk () gmail com>
Date: Tue, 25 Jan 2005 09:37:26 +1100

Lyal said:

Phishing and fraud are synomymous is this thread, imho.


No they are not. Thats the whole purpose of having these terms - to be
able to differentiate threats and handle them individually.

Client side certificates are useless against fraud - imho its pointless to
deploy something against one problem while knowing that there are already
successful attacks against the so-called 'solution'.


So, because the clients computer can be broken into, don't deploy a
solution that can prevent phishing?

-- Michael

Current thread:

RE: (secure email) Proposal to anti-phishing Evans, Arian (Jan 19)
- RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 23)
- <Possible follow-ups>
- RE: (secure email) Proposal to anti-phishing Michael Silk (Jan 24)
  - RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 24)
    - Re: (secure email) Proposal to anti-phishing Michael Silk (Jan 24)
    - RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 24)
    - Re: (secure email) Proposal to anti-phishing Michael Silk (Jan 24)
    - RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 24)
    - RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 24)
    - Re: (secure email) Proposal to anti-phishing Michael Silk (Jan 24)
    - RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 27)
    - Re: (secure email) Proposal to anti-phishing Michael Silk (Jan 27)
  - RE: (secure email) Proposal to anti-phishing Lyal Collins (Jan 24)
- RE: (secure email) Proposal to anti-phishing Eric McCarty (Jan 24)