On Sat, Sep 24, 2011 at 7:28 PM, Peter Gutmann <[email protected]> wrote: > Ben Laurie <[email protected]> writes: > >>So how about telling us what page X says. > > There's no single page X, it starts at page X and goes on to page Y, where > Y = X + 5-10. > > (I can send you a link in private if you want, but it's way too much to post > here).
Yes, please. >>So as to steal your password. > > Isn't that then a standard phishing site? What's the new attack here, and why > would it defeat the risk-based assessment? I'm just saying I think its hard to detect when a password is being asked for as part of the risk assessment. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
