Jun 29 2010
The Network Security Podcast, Episode 203
New show. Zach late. Show still good. Martin’s birthday. Mongo like.
Network Security Podcast, Episode 203, June 29, 2010
Time: 32:57
Show Notes:
- The National Strategy for Trusted Identities in Cyberspace.
- Sen. Bond says DHS shouldn’t oversee cybersecurity.
- Why the disclosure debate doesn’t matter.
- Disclosure via court.
- Tonight’s music: All India Radio with Endless Night
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}
Blizzard Entertainment came out with something called the “Authenticator” for World of Warcraft. It’s a device that is suppose to protect an account from unauthorized access. Unfortunately, hackers figure out a way to get around it. (Links to info below)
While I think NTI is a great idea, the technology just needs one compromise like the Authenticator to bring the whole thing down like a house of cards. NTI is just one piece of a major security puzzle. Without complete end-to-end assured security on both ends (server/desktop), there is always the possibility that a system like this will fail.
Authenticator FAQ:
http://us.blizzard.com/support/article.xml?locale=en_US&articleId=24660
Information about the device:
http://www.vasco.com/products/digipass/digipass_go_range/digipass_go6.aspx
And the story of how hackers were able to exploiting a weakness in the technology:
http://www.mmocrunch.com/2010/02/28/world-of-warcraft-authenticator-hacked/