Simon Willison’s Weblog

Subscribe
Atom feed for rsa

2 items tagged “rsa”

2008

CSRF presentation at RSA 2008. It terrifies me how few people understand CSRF, years after it was discovered. I’ll say it again: if you’re a web developer and you don’t know what that acronym means, go spend an hour reading about it—because the chances are your applications are vulnerable.

# 12th April 2008, 10:52 am / jeremiah-grossman, csrf, rsa, rsa2008, security

2007

E-Trade financial tried using a RSA fob as a second factor of authentication, but as of their 11/07/06 financial report their fraud losses continue to increase. That said, they considered this program a success because users indicated they feel safer and are more likely to provide assets.

Usable Security

# 20th July 2007, 10:31 am / usablesecurity, etrade, rsa, rsafob, security, usability, securitytheatre