Passwords jump-started Fumo probe

2006-10-13 Thread Nick Owen
? nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 http://www.wikidsystems.com Commercial/Open Source Two-Factor Authentication https://www.linkedin.com/in/nickowen - The Cryptography Mailing List Unsubscribe by sending

Re: NSA knows who you've called.

2006-05-13 Thread Nick Owen
terrorism? Do you feel that way strongly or somewhat? Was instead: The NSA has been collecting the phone call records of tens of millions of Americans possibly in violation of the law. Would you consider it acceptable for the government to break the law to investigate terrorism? Nick -- Nick Owen

Re: HTTPS mutual authentication alpha release - please test

2005-11-07 Thread Nick Owen
- The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor

Re: HTTPS mutual authentication alpha release - please test

2005-11-04 Thread Nick Owen
cyphrpunk wrote: On 11/3/05, Nick Owen [EMAIL PROTECTED] wrote: The token client pulls down a hash of the certificate from the WiKID server. It pulls the certificate from the website and performs a hash on it. It compares the two hashes and if they match, presents the user with the OTP

Re: HTTPS mutual authentication alpha release - please test

2005-11-03 Thread Nick Owen
cyphrpunk wrote: On 10/31/05, Nick Owen [EMAIL PROTECTED] wrote: The system works this way: Each WiKID domain now can include a 'registered URL' field and a hash that website's SSL certificate. When a user wants to log onto a secure web site, they start the WiKID token and enter their PIN

Re: HTTPS mutual authentication alpha release - please test

2005-11-03 Thread Nick Owen
poisoning. In this case the token client will not be able to validate the certificate. nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net

HTTPS mutual authentication alpha release - please test

2005-10-31 Thread Nick Owen
. Any feedback is much appreciated. Sincerely, Nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without the hassle factor Now open source: http://sourceforge.net/projects/wikid-twofactor

Re: US Banks: Training the next generation of phishing victims

2005-10-12 Thread Nick Owen
to login? I suppose if you really wanted non-SSL logins, you could use a one-time passcodes system with variable length passcodes to prevent race attacks. -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com At last, two-factor authentication, without

update: GPL'd two-factor system

2005-10-04 Thread Nick Owen
would like to see WiKID-enabled. Work is progressing on C and Python network clients to add to the Java and COM objects and those listed above. Our focus is on adding network clients in new languages and implementing those into applications. Regards, Nick -- Nick Owen WiKID Systems, Inc

Re: ECC patents?

2005-09-15 Thread Nick Owen
assume, required by law. Nick -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http://www.wikidsystems.com https://sourceforge.net/projects/wikid-twofactor/ - The Cryptography Mailing List Unsubscribe

Re: Another entry in the internet security hall of shame....

2005-08-29 Thread Nick Owen
get clubbed to death... iang - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http

Re: the limits of crypto and authentication

2005-07-11 Thread Nick Owen
as protection for your privacy. I would think people would be much more receptive to it now. Little has changed, except the market's perception of the risk of using credit cards online. Amex actually pulled their program in 2004, IIRC. [EMAIL PROTECTED] wrote: Nick Owen writes: | I think

Re: the limits of crypto and authentication

2005-07-11 Thread Nick Owen
detection and prevention. Florian Weimer wrote: * Nick Owen: I think that the cost of two-factor authentication will plummet in the face of the volumes offered by e-banking. I doubt this is true. In Germany, we already use some form of two-factor authentication for Internet banking

Re: the limits of crypto and authentication

2005-07-09 Thread Nick Owen
grams of gold. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] -- Nick Owen WiKID Systems, Inc

Re: the limits of crypto and authentication

2005-07-09 Thread Nick Owen
the user's private key, their PIN and the server's private key, correct? I know that if the PC is compromised anything is possible, but I think this raises the bar significantly - perhaps to an unprofitably level. Steven M. Bellovin wrote: In message [EMAIL PROTECTED], Nick Owen writes: It would

Re: the limits of crypto and authentication

2005-07-09 Thread Nick Owen
, and the form of token that is needed - a trusted device to put the application, display, keypad and net connection on - is even more expensive than the stop-gap two-factor authentication units commonly sold. iang -- Nick Owen WiKID Systems, Inc. 404.962.8983 (desk) 404.542.9453 (cell) http