Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Comment: Re:Why the banks support a standard 2 factor syste (Score 1) 71

by silas_moeckel (#48660403) Attached to: JP Morgan Breach Tied To Two-Factor Authentication Slip

Use a soft token, store as many seeds and OTP's are you like. The a reason RSA tokens only have one seed is they get $$$ for each one adding some buttons to scroll up/down is a very minor security risk to make it much more functional. Modern phones are putting the seeds in hardware vaults, not quite as good but a decent trade off.

Comment: Re:Why the banks support a standard 2 factor syste (Score 2) 71

by silas_moeckel (#48659679) Attached to: JP Morgan Breach Tied To Two-Factor Authentication Slip

Do you understand that using a single RSA style dongle for multiple places is a huge risk? We have standards based ways of doing this, but that does not get RSA a massive paycheck or somebody else that is huge on the hook should it fail. Hell phones are actually getting better at this putting those keys in internally hardened hardware, it's not as secure as a hard token but prevents most we got the keys to the kingdom attacks.

Comment: Re:Or people could, you know, do their damn jobs.. (Score 1) 57

by silas_moeckel (#48587521) Attached to: BGP Hijacking Continues, Despite the Ability To Prevent It

Teirs of providers screwed up, Telecom Italia should have never accepted the routes. Considering that the whole AS has 84 ipv4 prefixes that could/should be summarized it's a pretty static list. They have one "client" bgp session to their own second AS. Telecom Italia is big enough where it looks like bigger fish dropped the ball filtering it's nearly 40k routes (possibly also hardware issues 40k long prefix lists can make routers unhappy).

Waste not, get your budget cut next year.

Working...