Links

Two Factor Authentication

Bruce Schneier on The Failure of Two-Factor Authentication. Two-factor authentication replaces passwords with two things: something you have (e.g. a security token that changes numbers every minute) and something you know (e.g. a password). Bruce says this won’t help against two new kinds of attacks we’re seeing:

Man-in-the-Middle attack. An attacker puts up a fake bank website and entices the user to that website. The user types in his password, and the attacker in turn uses it to access the bank’s real website. Done right, the user will never realize that he isn’t at the bank’s website. Then the attacker either disconnects the user and makes any fraudulent transactions he wants, or passes along the user’s banking transactions while making his own transactions at the same time.

Trojan attack. The attacker gets a Trojan installed on the user’s computer. When the user logs into his bank’s website, the attacker piggybacks on that session via the Trojan to make any fraudulent transaction he wants.


Long tail of software

The long tail of software.

The most interesting statistic however, was that while the top 10 searches were thousands of times more popular than the average search, these top-10 searches represented only 3% of our total volume. 97% of our traffic came from the long tail: queries asked a little over once a day.

Search is a long tail business and that is the source of its power and profit. Read Chris Anderson’s Wired article
