Lionel Ferette wrote: > > Using crypto all the way from the web server to a smart-card (so all the > > compromised system can see is encrypted data it can't get the key for) can > > help yere. > Even then, you would need a card reader with integrated pinpad. Otherwise, > the > keylogger can still sniff the PIN code entry - and then generate any > signature it wants by accessing the PC/SC layer directly (been there, done > that).
I'm not entirely convinced of that. _Some part_ of displaying the transactions and accepting/rejecting the transactions has to occur "securely" (off the compromised machine), but I don't think it necessarily has to be the stage you suggest... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
