It doesn't matter. The entire issue of end-user authentication is
dead, dead, dead thanks to 100+ million zombies with keystroke loggers.
It doesn't matter how clever the tech is, how slick the UI is, how
minimal the effort is.
(Incidentally, I note with interest the reported takedown yesterday of
the Bredolab botnet, whose size is reported as 30M. If that's accurate,
that is, if a single botnet has hit the 30M mark, then it's past time
to make the working guesstimate of bots something like 200+ million.
Not really surprising: we're still on a march toward the point in time
where an end-user system, chosen anywhere in the world at random,
will have a 50-50 chance of really belonging to someone else.)
---rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg