Re: @CHECK Re: Re: Article - A solution to phishing

["Dennis W. Kennedy" <ckennedy9 () wi rr com>]

----- Original Message ----- 
From: "RSnake" <rsnake () shocking com>
To: <jcjhilvfgvqcf () mailinator com>
Cc: <webappsec () securityfocus com>
Sent: Sunday, July 17, 2005 9:00 PM
Subject: @CHECK Re: Re: Article - A solution to phishing


>  I threw together a paper further explaining how vulnerable this
>  is to brute force.  Using statistical analysis of clusters this
>  is highly vulnerable to brute force:
>  http://ha.ckers.org/acutrust/
>
> On Thu, 14 Jul 2005 jcjhilvfgvqcf () mailinator com wrote:
>
> > I have found a product that looks better then passmark.
> >
> > It is called ACUTrust (www.acutrust.com) and it uses a visualized token 
> > to authenticate the website.  it does not use cookies and does not 
> > require any client based software.  I also think that this would help a 
> > non technical person identify the sight.
>
> -R http://ha.ckers.org/xss.html
>
> The information in this email is confidential and may be legally
> privileged.  It is intended solely for the addressee.  Access to
> this email by anyone else is unauthorized.  If you are not the
> intended recipient, any disclosure, copying, distribution or any
> action taken or omitted to be taken in reliance on it is expressly 
> prohibited and may be unlawful.