No, there is no guarantee that the user will not use a mobile phone to access his online banking (and the idiocy of some banks pushing out mobile apps for online banking doesn't actually improve security in that area either).

You can't make the user secure. You can only offer it to him and hope that he's intelligent enough to accept it.

I have never seen a set of traffic lights on a 70mph dual carriage way. Usually they have a reduced speed limit to 40 or 50 in the run up to the lights. Actually a hell of a lot of dual carriageways have a limit much lower than 70 even though that is the standard national speed limit for them.

And very few motorways have traffic light on the main bit of road where you can do 70mph. On the exit slip road you should actually be stationary or nearly stationary when you get to where the lights are so you can give way to traffic already on the roundabout.

The reason you are not supposed to run red lights, ever, is because if you could not stop in the UK then you must have been exceeding the speed limit in the approach. The duration of the amber light is tuned with this in mind.

So it's also the 80s movies to blame that women are not interested in careers like soldier, spy, pilot, policeman (apology, -woman), archaeologist, exorcist, karate fighter,...

Has anyone ever looked closer at the 80s? The 80s were not a geek decade. The only movie I can remember where geeks were not just the comic foil (ok, even in that one they were) was "Revenge of the nerds". The whole "engineering geeks" were no role model in 80s movies, and even less so in TV series. Whenever they were in some prominent role, they were the little sidekick of the actual hero. Be it Automan's creator Walter, who was mostly a comic sidekick (ok, the show wasn't that memorable, but the special effects were great for its time) or Street Hawk's Norman who was some timid, beancounter-ish scaredy-cat. The geek roles were at best meant to make the hero shine some more.

Actually, the only engineer role I can remember that was allowed to be superior in areas to the hero and be more than a nuisance to him was that of Bonnie in Knight Rider.

A woman.

The second channel will not secure a compromised channel, but it will make it easier to detect it.

There are various defenses against replay attacks, most of them relying on keys being tied to the current time and only being valid NOW but neither before nor after. But that is only good against a replay, it is quite useless when the attacker is manipulating your own communication. That has been the staple of attacks against banking software since the advent of the OTPs, and the only sensible defense against that is actually a two channel communication. Out of band one way transmission (i.e. sending a OTP to the customer to use in the transaction) doesn't help here.

There is very little you can do to combat malware infections unless you are willing to use a second channel. At some point in the communication the data is vulnerable to modifiction, no matter how well you try to shield it. It resides in memory, unencrypted, at some point in time. And if nothing else, this is where it will be manipulated.

And it's heaps easier to do if the interface used is a browser. You can literally pick and choose just where you want to mess with the data.

Ok, using what frequency? As far as I'm aware the whole spectrum that could be used by 3G is owned by some telcos and considering just how expensive using those freqs is they will hardly be so nice to let you use them for a little bit. They'll want to see money for that!

By promising him dancing pigs if he just presses it for me...

Seriously, don't overengineer it. You'll only hate yourself for investing too much brain power when you learn that all it took was the promise of cute kittens of bouncing boobs.

The system you describe has been implemented often. Most often I've seen it with online games and the like where the main threat is the use of credentials by a malicious third party (i.e. some account hijacker stealing username and password, logging into your account and doing nefarious things with it). For that, you don't need a dongle. You need two synchronized devices that output the same (usually numeric) key at the same time. Basically you get the same if you take a timestamp, sign it using PKI and have the other side verify it. If you have two synchronized clocks, transmitting the signature (or its hash) suffices. That doesn't really require plugging anything anywhere, although it probably gets a lot easier and faster to use if you don't have to type in some numbers and instead have a USB key transmit it at the push of a button.

But that's no silver bullet. All it does is verify that whoever sits in front of the computer is supposedly who they claim to be and entitled to do what they're doing. It does NOT verify what is being sent, or that the content being sent is actually what this user wanted to send.

If anything, it protects Google rather than the user. Because all that system does is making whatever is done by the user of the account non repudiable. Because whatever is done, it MUST have been you. Nobody else could have done it, nobody else has your dongle.

Technically, "real" two factor authentication, with two different channels involved, require an attacker to infect and hijack BOTH channels if he doesn't want the victim to notice it.

As an example, take what many banks did with text message as confirmation for orders. You place the order on your computer, then you get a text message to your cell phone stating what the order is and a confirmation code you should enter in your computer if the order you get as confirmation on your cellphone is correct. That way an attacker would have to manipulate both, browser output on the computer and text messages on the phone, to successfully attack the user.

In other words, it does of course not avoid the infection. It makes a successful attack just much harder and a detection of the attack (with the ability to avoid damage) much more likely.

The truth is that very few speed limit signs are hidden in the manner you describe. Lets be honest, the vast majority of the time us drivers exceed the speed limit we do so knowing we are doing it, we just do not think we will get caught. We know what the speed limit is on most roads we drive down, we just sometimes push them as we are in a hurry. We are probably driving in a generally safe manner, we are just doing it too quickly.

The thing is though, speed limits do exist for a reason. They are there to force us to account for the unknown: children running into the road, morons pulling out of side streets and not looking, us getting a blowout due to something to small to see in the road. The chances of these things happening are all pretty minuscule but since we all drive everywhere so much these small odds multiple so it always happens to someone in the end and the fallout can be catastrophic and expensive for the city to clean up afterwards.

Speed limits are also actually a way of us being more flexible with other driving rules, like paying attention to where you are going. Sometimes people do some really stupid crap on the roads. Like trying to find a CD to put on and veering on to the wrong side of the road, answering the phone in our pocket that is awkward to get to, looking at maps, turning round and shouting at the kids in the back, this list could go on for ever. As it is we can do this with a certain degree of impunity as the worst that would happen is we wrote off our car and someone else's the vast majority of the time. If everyone could drive everywhere as fast as they liked the police would have to be far more ruthless at enforcing other aspects of the traffic laws, maybe even down to banning persistant offenders until they got the message.

Sometimes I actually think this might be a better idea, then I catch myself doing some of the stupid crap I describe :)

It's a different grade of fighting, tho. Males fight until everyone settles out where they are in the social hierarchy, then it stops; this stable endpoint is disrupted when the goal is always promotion. Kinda like always adding a new male to the mix.

But the root difference is that males fight to secure their own status, while females fight to kill anyone they see as competition. Males beat each other up, then go have a beer. But when females see another female as a rival, it never ends til one is dead. Can't quite get away with murder in the office, but the virtual hairpulling just goes on and on.

Depends if the job requires physical strength.

My concern would be more along the lines of what I've observed in all-female offices. The social environment is a lot more likely to get ugly for those of lower status than when there's even one male present.

Incidentally this is nothing unique to humans; in most animals, an all-female group fights a lot, but add even one male and things calm down. All-male groups may fight at first but soon find equilibrium. All-female groups never give it up until all the "targets" are dead.

What keeps me (or my malware, respectively) from opening a google page in the background (i.e. not visible to the user by not rendering it but making Chrome consider it "open") and fool the dongle into recognizing it and the user into pressing the a-ok button?

A machine that is compromised is no longer your machine. If you want two factor, use two channels. There is no way to secure a single channel with two factors sensibly.

Something about wanting to influence politics by force or threat of force... something like that...

I was thinking more along the lines of torches and pitchforks.

Let's just hope you can filter for those legal sites.