[cap-talk] Re: First point of consensus

David Hopwood david.nospam.hopwood at blueyonder.co.uk
Wed Feb 9 19:09:19 EST 2005


Tyler Close wrote:
> On Feb 9, 2005, at 1:48 PM, Ian G wrote:
>>Tyler Close wrote:
>>
>>I am claiming:
>>
>>>1. The petname toolbar conveniently presents all the information 
>>>needed to avoid a phishing attack.
>>>2. An attacker cannot trick the petname toolbar into assisting the
>>>deception.
>>
>>Sure he can.  He sticks a virus into your
>>computer, rewrites your pet name database,
>>and then inserts the email into inbox.  Now,
>>you're probably going to say you assumed
>>viruses away, but they are already out there,
>>infecting user's DNS files.
> 
> Ian, did you read David Hopwood's email quoting Dijkstra's
> "integralism"? If not, I think you should. The phenomenon is highly
> applicable.
> 
> I think the petname toolbar is a solution to the phishing problem, not
> to the virus problem.

Exactly. The arguments for pet names don't "assume away" viruses, they
treat separate problems separately.

("separate" is not the same thing as "totally independent". In fact
security improvements that address phishing will help to close one
vector for viruses.)

-- 
David Hopwood <david.nospam.hopwood at blueyonder.co.uk>



More information about the cap-talk mailing list