WebApp Sec: Re: keyloggers?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

WebApp Sec mailing list archives

Re: keyloggers? - dont doit

From: Kyle Maxwell <krmaxwell () gmail com>
Date: Wed, 6 Apr 2005 13:39:38 -0500

On Apr 6, 2005 7:23 AM, Alvin Oga
<alvin.sec () virtual linux-consulting com> wrote:

        - anything sent over the internet is sniffable from
        anywhere in the world


Delurking just to mention that this isn't correct. Online banking (and
other security-sensitive activities) aren't a good idea from shared
sites like a cybercafe for all the reasons others have mentioned, but
this isn't it. From my desktop here, I almost certainly have no way of
sniffing your traffic to your bank, unless I happen to be somewhere
along your path.

I'd also like to know about SSL being broken. I think you mean one of
the common ciphers is broken, which would be substantial news indeed.

Your conclusion is right but your reasoning is completely wrong AFAICT.

-- 
Kyle Maxwell
[krmaxwell () gmail com]

By Date By Thread

Current thread:

Re: keyloggers?, (continued)
- Re: keyloggers? Greg Stiavetti (Apr 06)
- Re: keyloggers? Yoanne LE MERCIER (Apr 06)
  - RE: keyloggers? P.B. Wagenaar (Apr 06)
    - Re: keyloggers? - dont doit Alvin Oga (Apr 06)
    - Re: keyloggers? - dont doit Kyle Maxwell (Apr 06)
    - Re: keyloggers? - dont doit Antoine Martin (Apr 06)
    - Re: keyloggers? Michael Silk (Apr 06)
    - Re: keyloggers? Antonio Fontes (Apr 06)
    - Re: keyloggers? Michael Silk (Apr 06)
    - RE: keyloggers? Mehmet Buyukozer (Apr 06)