Re: Spoofing as the postmaster

From: "Trevor Talbot" <quension(at)gmail(dot)com>
To: "Andrew Sullivan" <ajs(at)crankycanuck(dot)ca>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Spoofing as the postmaster
Date: 2007-12-28 15:48:22
Message-ID: 90bce5730712280748t7cadc233qe6b4154c0f1efb71@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On 12/28/07, Andrew Sullivan <ajs(at)crankycanuck(dot)ca> wrote:
> On Sat, Dec 29, 2007 at 02:09:23AM +1100, Naz Gassiep wrote:

> > In the web world, it is the client's responsibility to ensure that they
> > check the SSL cert and don't do their banking at
> > www.bankofamerica.hax0r.ru and there is nothing that the real banking
> > site can do to stop them using their malware infested PC to connect to
> > the phishing site.

> The above security model is exactly how we got into the mess we're in:
> relying entirely on the good sense of a wide community of users is how
> compromises happen. Strong authentication authenticates both ways.

> For instance, the web world you describe is not the only one. Banks who
> take security seriously have multiple levels of authentication, have trained
> their users how to do this, and regularly provide scan tools to clients in
> an attempt (IMO possibly doomed) to reduce the chances of input-device
> sniffing.

I don't follow. What are banks doing on the web now to force clients
to authenticate them, and how is it any different from the model of
training users to check the SSL certificate?

There's a fundamental problem that you can't make someone else do
authentication if they don't want to, and that's exactly the situation
clients are in. I don't see how this can possibly be fixed anywhere
other than the client.

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2007-12-28 16:37:29 Re: Spoofing as the postmaster
Previous Message Andrew Sullivan 2007-12-28 15:26:31 Re: Spoofing as the postmaster