<snip> The question is what the threat model is. We all know that email can be intercepted over the wire. We also know that that's not very common or very easy, except for wireless hotspots. I assert that *most* email does not flow over such links, and that the probability of a successful interception by someone who's staked out a hotspot is quite low. Residential wireless? Sure, there's a lot of it, mostly unencrypted. If you're a bad guy, is there any reason you should be watching for that particular piece of email? You don't even know who the customers of that bank are. (Sure, there can be targeted attacks aimed at a given individual. Unless you're a member of the HP board of directors or a prominent technology journalist, that risk is low, too....)
Again -- the scheme isn't foolproof, but it's probably *good enough*. What is their threat? There are two obvious answers: phishing and keystroke loggers. </snip>

The threat model that does not get enough attention (especially by purported anti-phishing security mechanisms) is that if a phisher can obtain your password, and most people use the same password all over the place, then the adversary can simply log into your email and read any sensitive information directly. They don't need to eavesdrop. They don't need to put spyware on your box to busy-poll your email inbox. Traditional phishing attacks _still work_, just with a level of indirection.

Ultimately, these kinds of anti-phishing schemes that require sending secret information to your email inbox are no more secure than your email password. Presumably, the reason that these schemes are required is to combat password theft (phishing) and password guessing, so at the end of the day, how much do they really buy you? One level of indirection? One minor change in tactics?

-Jason

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]