Re: [fw-wiz] Username password VS hardware token plus PIN
From: Frank Knobbe (frank_at_knobbe.us)
Date: 02/23/05
- Previous message: ArkanoiD: "Re: [fw-wiz] Username password VS hardware token plus PIN"
- In reply to: ArkanoiD: "Re: [fw-wiz] Username password VS hardware token plus PIN"
- Next in thread: ArkanoiD: "Re: [fw-wiz] Username password VS hardware token plus PIN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: ark@eltex.net Date: Wed, 23 Feb 2005 08:27:03 -0600
On Wed, 2005-02-23 at 14:36 +0300, ArkanoiD wrote:
> sound great, my old 9110 just crashed when nmap'ed ;-)
That's ok. So do certain mainframes. ;)
> but - MMS and smart SMS are big risk, i am pretty sure there are some nasty
> buffer overruns ;-)
Yes, and as someone mentioned offline, you can do nasty things with SMS
messages. It ranges from locking the SIM to enabling BlueTooth. But I
guess all GSM phones are at risk there.
I didn't mean to proclaim that the 9500 is the most secure phone. As we
all know, the most secure phone is encased in concrete, welded shut in a
steel case at the bottom of the ocean, right?
Anyhow, I think we're drifting off topic. Though it raises the question
how tamper proof and attack resilient those cheap PDA style tokens are
that Marcus mentioned. Perhaps they are not as secure as a DigiPass, but
how secure do they need to be?
Regards,
Frank
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- application/pgp-signature attachment: This is a digitally signed message part
- Previous message: ArkanoiD: "Re: [fw-wiz] Username password VS hardware token plus PIN"
- In reply to: ArkanoiD: "Re: [fw-wiz] Username password VS hardware token plus PIN"
- Next in thread: ArkanoiD: "Re: [fw-wiz] Username password VS hardware token plus PIN"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
