Analysis of Department of Justice Prosecutions 1999-2006
Linked by Thom Holwerda on Mon 28th Aug 2006 18:12 UTC, submitted by anonymous
Privacy, Security, Encryption A landmark study on Department of Justice network crime prosecutions reveals most attacks used stolen IDs and passwords, resulting in far greater damages to affected organizations than previously thought: up to USD 10 million per occurrence and on average more than USD 1.5 million per occurrence. The report, "Network Attacks: Analysis of Department of Justice Prosecutions 1999-2006", concludes that 84% of attacks could have been prevented if, in addition to checking the user ID and password, the organization had verified the identity of the computer connecting to their networks and accounts.
E-mail Print r 0   2 Comment(s) http://osne.ws/c2m
Order by: Score:
Add Comment Post a Comment
What's one more lie to a thief??
by StychoKiller on Tue 29th Aug 2006 04:35 UTC
StychoKiller
Member since:
2005-09-20

If someone can send a false ID and password, what's to
prevent them from sending a false ID for their computer?
Computers just do what the User tells them to, they are no more honest than the User in front of the keyboard.
Perhaps some sort of biometric data, along with an ID and password, might make it harder to defraud others --
Unless someone is suggesting serializing all computer hardware ever made (good luck with that!).

Reply Score: 1

RE: What's one more lie to a thief??
by Morin on Tue 29th Aug 2006 19:38 UTC in reply to "What's one more lie to a thief??"
Morin Member since:
2005-12-31

> If someone can send a false ID and password, what's
> to prevent them from sending a false ID for their
> computer?

Public key encryption, digital signatures, and the fact that nobody but the owner of a private key ever gets access to it.

Edited 2006-08-29 19:40

Reply Score: 1

Add Comment Post a Comment