On Tue, Oct 01, 2013 at 10:28:48AM -0400, Greg wrote:
So, my password, iPoopInYourHat, is being sent to me in the clear by your
servers.
All mailman lists do this by default. It does tell you on the sign
up page that it will do so, and that you shouldn't use a 'valuable'
(e.g. used elsewhere)
Quoting from the New York Times:
David Lammy, Britain's intellectual property minister, also called
for a suspension of Blackberry's encrypted instant message service.
Many rioters, exploiting that service, had been able to organize mobs
and outrun the police, who were ill-equipped
?
nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983
http://www.wikidsystems.com
Commercial/Open Source Two-Factor Authentication
https://www.linkedin.com/in/nickowen
-
The Cryptography Mailing List
Unsubscribe by sending
terrorism? Do you feel that way strongly or
somewhat?
Was instead:
The NSA has been collecting the phone call records of tens of millions
of Americans possibly in violation of the law. Would you consider it
acceptable for the government to break the law to investigate terrorism?
Nick
--
Nick Owen
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor
cyphrpunk wrote:
On 11/3/05, Nick Owen [EMAIL PROTECTED] wrote:
The token client pulls down a hash of the certificate from the
WiKID server. It pulls the certificate from the website and performs a
hash on it. It compares the two hashes and if they match, presents the
user with the OTP
cyphrpunk wrote:
On 10/31/05, Nick Owen [EMAIL PROTECTED] wrote:
The system works this way: Each WiKID domain now can include a
'registered URL' field and a hash that website's SSL certificate. When
a user wants to log onto a secure web site, they start the WiKID token
and enter their PIN
poisoning. In this
case the token client will not be able to validate the certificate.
nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor authentication, without the hassle factor
Now open source: http://sourceforge.net
to login?
I suppose if you really wanted non-SSL logins, you could use a one-time
passcodes system with variable length passcodes to prevent race attacks.
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor authentication, without
would like to see WiKID-enabled.
Work is progressing on C and Python network clients to add to the Java
and COM objects and those listed above. Our focus is on adding network
clients in new languages and implementing those into applications.
Regards,
Nick
--
Nick Owen
WiKID Systems, Inc
assume, required by law.
Nick
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
https://sourceforge.net/projects/wikid-twofactor/
-
The Cryptography Mailing List
Unsubscribe
and documentation.
Comments and contributions are much appreciated.
tia,
Nick
Ian G wrote:
Anne Lynn Wheeler wrote:
the major ISPs are already starting to provide a lot of security
software to their customers.
a very straight forward one would be if they provided public key
software
as
protection for your privacy. I would think people would be much more
receptive to it now. Little has changed, except the market's perception
of the risk of using credit cards online. Amex actually pulled their
program in 2004, IIRC.
[EMAIL PROTECTED] wrote:
Nick Owen writes:
| I think
detection and prevention.
Florian Weimer wrote:
* Nick Owen:
I think that the cost of two-factor authentication will plummet in the
face of the volumes offered by e-banking.
I doubt this is true. In Germany, we already use some form of
two-factor authentication for Internet banking
grams of gold.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
--
Nick Owen
WiKID Systems, Inc
the user's private key, their
PIN and the server's private key, correct?
I know that if the PC is compromised anything is possible, but I think
this raises the bar significantly - perhaps to an unprofitably level.
Steven M. Bellovin wrote:
In message [EMAIL PROTECTED], Nick Owen writes:
It would
, and the form of token that is needed -
a trusted device to put the application, display, keypad
and net connection on - is even more expensive than
the stop-gap two-factor authentication units commonly
sold.
iang
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http
And now we see this when you go to the page...
very interesting.
nick
---begin---
NOTICE OF UNAUTHORIZED SOFTWARE
An unauthorized copy of Nullsoft's copyrighted software was briefly posted on this website on or about Wednesday May 28,
2003. The software was identified as WASTE (the Software
18 matches
Mail list logo