Trojan horse attack involving many major Israeli
Richard Stiennon
richard at stiennon.com
Thu Jun 2 07:54:04 PDT 2005
...while having close to zero impact on US and EU security practises.
-RS
At 07:05 AM 6/1/2005, Amir Herzberg wrote:
>J.A. Terranson wrote:
>
>>So, how long before someone, possibly even me, points out that all
>>Checkpoint software is built in Israel?
>
>Nicely put, but I think not quite fair. From friends in financial and
>other companies in the states and otherwise, I hear that Trojans are very
>common there as well. In fact, based on my biased judgement and limited
>exposure, my impression is that security practice is much better in
>Israeli companies - both providers and users of IT - than in comparable
>companies in most countries. For example, in my `hall of shame` (link
>below) you'll find many US and multinational companies which don't protect
>their login pages properly with SSL (PayPal, Chase, MS, ...). I've found
>very few Israeli companies, and of the few I've found, two actually acted
>quickly to fix the problem - which is rare! Most ignored my warning, and
>few sent me coupons :-) [seriously]
>
>Could it be that such problems are more often covered-up in other
>countries? Or maybe that the stronger awareness in Israel also implies
>more attackers? I think both conclusions are likely. I also think that
>this exposure will further increase awareness among Israeli IT managers
>and developers, and hence improve the security of their systems.
>--
>Best regards,
>
>Amir Herzberg
>
>Associate Professor
>Department of Computer Science
>Bar Ilan University
>http://AmirHerzberg.com
>
>New: see my Hall Of Shame of Unprotected Login pages:
>http://AmirHerzberg.com/shame.html
>
>---------------------------------------------------------------------
>The Cryptography Mailing List
>Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
>
Richard Stiennon
The blog: http://www.threatchaos.com
More information about the cypherpunks-legacy
mailing list