How phishers killed the password (and why that's a good thing)

Discussion in 'other security issues & news' started by ronjor, Aug 3, 2005.

Thread Status:
Not open for further replies.
  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Article
     
  2. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    In stead of username/password, I want my computer to scan my pointing finger and after comparing the scan with the fingerprint database of the bank, I get access to my bankaccount.

    The scanner can be a part of the left mouse button (just a free tip for the engineers :D ).
     
  3. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,875
    Location:
    New England
    I'm not sure I want a body part to identify me... Having seen too many of those movies where they cut off you finger or hand to get your identity has me concerned. Let them steal my trash, not my hand, if they want to accomplish identity theft. :blink:

    I'm mostly joking.... But, I'm also partially serious.
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    It is a sad state of affairs when we might in the future have to rely on biometrics for security. It reminds me of the movie Blade Runner.
     
  5. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Yes but I also saw movies, where a man was tortured in order to get his password. He couldn't even type his password anymore after that.
     
  6. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    What about a retina scan then? An eye for an eye.
     
  7. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Well any unique body part is good, except ...
     
  8. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    A tattooed bar code on the right arm :)
     
  9. meoff

    meoff Guest

    or on the forehead of those who type with their left hand!
     
  10. se7engreen

    se7engreen Registered Member

    Joined:
    Feb 6, 2004
    Posts:
    369
    Location:
    USA
    Fujitsu has a unique idea for handling biometric authentication.

    Link
     
  11. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    A chip nailed in your backbone, that gives you access to your bankaccount via a signal.
    The chip has a lifetime battery and a mini turbine in one of your veins, driven by your own blood circulation to recharge the battery day and night.
    The battery can also be connected to your pacemaker.
    The chip can also be used to track you down via satellite, when you are kidnapped or a fugitive.
    Lots of possibilities if you use your imagination.
     
  12. Rico

    Rico Registered Member

    Joined:
    Aug 19, 2004
    Posts:
    1,699
    Location:
    Texas
    How about a password match of your DNA. Place a little DNA on the scanner, if you match. Would need multilpe scanners, or wipes for other user accounts. The only flaw with this system is, it would not work for OJ Simpson.

    rico
     
  13. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    LOL @ Rico. Good idea and possible, except for O.J. Simpson :D

    One thing is sure, user names and passwords and any other system based on that, like mentioned in the first link
    are OUT-OF-DATE. Period.
    We just need another kind of verification, based on the new actual technical possibilities.
    It's up to the security industry to make it cheaper and acceptable for the average man.
     
  14. AnthonyG

    AnthonyG Registered Member

    Joined:
    Aug 3, 2004
    Posts:
    614
    What about a thing where the username and password are valid but they can only be authenticated by the site if typed in by specific computers you assign when you join. I assume each computer has something unique about them like machine hardware code or something.

    So then when you give those. Only those computers you choose can use the passwords and access the site.

    If you try to add another computer to the authenticate list, it emails you to ask if you agree with the change where you have to then email back to authenticate the change.

    When you log into your acount you see the amount of computers that have access so you can immediately see if ones fishely been added to your user list. If so you will have the unique hardware code for that machine in the list so it can easily be traced back to the culprit. So i would make all new computers with a unspoofable hardware code on each and every machine if it does not already occur. As i dont know why but im sure ive seen an individual code for my computer somewhere while browsing windows.

    Thats what id do with my internet company.
     
  15. AnthonyG

    AnthonyG Registered Member

    Joined:
    Aug 3, 2004
    Posts:
    614
    Or simpler how about with shops and banks the use of a second password that only comes into place if you try to transfer or buy items worth more than say £100 in a 48 hour period online. And say if over £50 has been transferred in 48 hours the bank emails you. Not to authenticate it but just to say. By the way did you know £50 left your account today.

    The fraudsters would virtually never get this second password and the first together. So the account is safe from people stealing large amounts of money from you. As the second password will only ever be needed for moving large amounts of money.

    Very simple but effective.

    But id put money on people getting those emails saying please log onto your account by typing in both your first and second password and pin number and credit card number and sort code and main branch bank address. And some people would actually do it.

    But those people that actually do enter that deserve to be ripped off in my (unforgiving) opinion.
     
  16. Vikorr

    Vikorr Registered Member

    Joined:
    May 1, 2005
    Posts:
    662
    Just as a bit of trivia

    Retina scans are 1/100 (or was it 1/60) inaccurate....which when there's 100,000,000 people using it, means that about 1,000,000 people will match the same retina scan (ie not reliable by themselves).

    Of course there will probably be about 1,000,000,000 people using the internet in the future (if there isn't already - not sure).

    --------------------------------------------------------------------------

    Dunno that I like the idea of microchips implanted in people....if you know the algorithm, then it's too easy to scan, you can duplicate someone elses code.

    The IP address verification is already used by some banks, if large anomolies occur from another IP address it's usually flagged.

    I like the thumbprint idea, although it would mean more costs to set up an internet banking account....and if you had your thumbprint stolen...
     
    Last edited: Aug 4, 2005
  17. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    It looks like a good idea, but as you already said : thumbprints can be stolen and duplicated on a suitable surface that can be used to immitate the thumbprint.
    The trouble with thumbprints is, that you can get them any where and very easily, because nobody wears gloves all the time.

    Nevertheless the thread was funny and imaginative. I like brainstorming.
     
  18. right-on

    right-on Guest

    Not to mention, that is Biblical type, Nosttadomus type, prophecy type stuff! The day this happens means man has officially lost his freedom, and sadly, those wanting security will likely trade it for freedom.

    What's the old saying about trading freedom for security, but losing BOTH in the process?
     
  19. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    Implanting RFID tags is already a fact : animals, children, criminals, adults.
    If you search on the net you will find enough websites about that.
     
  20. right-on

    right-on Guest

    And you support this?

    There are people like you, ErikAlbert, that apparently are ENABLERS of this sort of "big brother" BS! I can't believe you would support this kind of inhuman intrusion, simply because you want internet "safety" and "security" so badly. You're willing to go so far as to allow basic human freedoms to be stripped away in the form of government intrusion into people's lives for this? That ultimately means, as I said...that you will trade freedoms for security, and in the end, you'll wind up with neither.

    This is prophetic type stuff - I suggest researching historical predictions a little bit to see what the long term implications of this type of intrusive, big brother government activity will ultimately lead to.
     
  21. ErikAlbert

    ErikAlbert Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    9,455
    right-on,
    Jesus man, why acting like this. I'm not an ENABLER of anything.
    My first post about chips was a joke and the last post are FACTS.
    I never expressed my opinion about chips in this thread.
    If you can't talk about it in an objective way, just don't post.
     
  22. bellgamin

    bellgamin Very Frequent Poster

    Joined:
    Aug 1, 2002
    Posts:
    5,648
    Location:
    Hawaii
    My sympathies Erik -- there's a prolix libertarian aboard. Good grief!

    By the way, I have it on good authority that The Beast WILL put an absolute end to identity theft...
     
  23. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hi,
    Solution - no online money transfer!
    Or:
    Full 3D CT-scan, biopsy, autopsy, barbitol-mercury colonoscopy, dna sampling from mouth epithel and colon, blood and urine test, chips aforementioned, implanted in skull, earlobe, inside of the nose (Total Recall), scrotum, and in your forearm (glowing iodine-filled diodes like in Beautiful Mind), fingerprint, toothprint, footprint scan, volumetric scan, voice identification, 3 passwords, eye scan, sample of signature, radio transmitter implanted in one of the tooth plombs, sodium penthanol examination in front of 3 military profilers / psychologists + polygraph machine...
    All this because you wanted to buy an Adam Ant disc on Amazon...
    Cheers,
    Mrk
     
Loading...
Thread Status:
Not open for further replies.