WebApp Sec mailing list archives
RE: Proposal to anti-phishing
From: "Lyal Collins" <lyal.collins () key2it com au>
Date: Sun, 16 Jan 2005 18:03:07 +1100
-----Original Message----- From: Rogan Dawes [mailto:discard () dawes za net] Sent: Saturday, 15 January 2005 3:05 AM To: Rafael San Miguel Cc: webappsec () securityfocus com; Enrique.Diez () dvc es Subject: Re: Proposal to anti-phishing [snip] Please take a look at the thread that starts http://seclists.org/lists/webappsec/2004/Oct-Dec/0291.html and especially <http://seclists.org/lists/webappsec/2004/Oct-Dec/0347.html> where I explain why I believe SSL client certificates are really the only practical solution to preventing phishing. [snip] Well, there may be one other good option to stop phishing. If emails could be positively identified as coming from a customer's bank, then they could ignore those that don't authenticate as spam/phishing/fraud. Then if your bank doesn't provide this capability, you may decide to change to a bank that does provide authenticated, secured email comunications with its customers. Ltal
Current thread:
- Re: Proposal to anti-phishing, (continued)
- Re: Proposal to anti-phishing Rishi Pande (Jan 15)
- RE: Proposal to anti-phishing RSnake (Jan 15)
- RE: Proposal to anti-phishing Lyal Collins (Jan 16)
- RE: Proposal to anti-phishing Frank Knobbe (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 19)
- RE: Proposal to anti-phishing Sam Koh (Jan 23)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 19)
- RE: Proposal to anti-phishing WebAppSecurity [Technicalinfo.net] (Jan 15)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 15)
- RE: Proposal to anti-phishing Lyal Collins (Jan 16)
- Re: Proposal to anti-phishing Moksha Faced (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 19)
- Re: Proposal to anti-phishing Rogan Dawes (Jan 19)
- RE: Proposal to anti-phishing Lyal Collins (Jan 19)
- Re: Proposal to anti-phishing Cory Foy (Jan 23)
- Re: Data sanitization approaches in Java Jeff Williams (Jan 16)
- Re: Data sanitization approaches in Java Stephen de Vries (Jan 19)