Friday, 13 April 2007

Man-in-the-middle attack against "personal seal" protection

Source: slight paranoia
Presenting a customised image to the user during the login process is not effective against phishing for two reasons: first, most users are unobservant easy victims; second, a man in the middle attack, such as the one demonstrated in this article, can subvert the system.

No comments: