Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.programming > #477
| From | "System" <system@vert.synchro.net.remove-r6y-this> |
|---|---|
| Newsgroups | comp.programming |
| Subject | Hacking banks and the defense |
| Date | 2011-06-16 07:15 -0700 |
| Organization | Vertrauen |
| Message-ID | <4DFA1010.109494.usenet_compprog@vert.synchro.net> (permalink) |
Even using the public cyphers and SSH2 (which is completely open source) https over compounded ssh2 cyphers would require millions of packets to crack and their wouldn't be anywhere near that many between server and client. Almost anyone could make an easy to use sniffer and ssl/https cracker.. using the open source of ssh, public cyphers, and the packets themselves.. you don't need more than a single transmission. How difficult would building a distributed sniff and hack bank attack be? It would be very easy. Client <=> SSL/HTTPS <=> SSH2 (cypher 1) <=> SSH2 (cypher 2) <=> SSH3 (cypher 3) <=> SSL/HTTPS <=> Server is what should be immediately implimented. Client <=> SSL/HTTPS <=> Server is what the banks currently use for online banking. Securecom 1.2 is up... uptime not %100 magizian.hopto.org ssh -2C -p 20022 -l user magizian2.dyndns.org password is freeaccess Magizian Underground --- Synchronet 3.15a-Win32 NewsLink 1.92 * Vertrauen - Riverside County, California - telnet://vert.synchro.net
Back to comp.programming | Previous | Next — Next in thread | Find similar | Unroll thread
Hacking banks and the defense "System" <system@vert.synchro.net.remove-r6y-this> - 2011-06-16 07:15 -0700 Re: Hacking banks and the defense JJ <jaejunks@googlemail.com> - 2011-06-17 16:55 +0700
csiph-web