[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Backport of the integer overflow in the brk system call

On Wed, Dec 03, 2003 at 12:06:33PM +0100, Artur R. Czechowski wrote:
> > What is a "RSA token"?
> Device used in some internet banks. You have a device, which has only
> chipset, digital pad with on/off switch and display, all embedded in small
> case. Authentication is made using C/R algorithm: you receive a number
> from system, enter it into token, chipset signs it using stored RSA key, you
> get a number from display and use is as a password. 

Yeah, these are good: they're cheap and I think it would have been 
effective at preventing this particular incident.  That's an excellent 
idea.
Reply to: