diff options
Diffstat (limited to 'financial-news/2014-09-10.inc')
-rw-r--r-- | financial-news/2014-09-10.inc | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/financial-news/2014-09-10.inc b/financial-news/2014-09-10.inc new file mode 100644 index 00000000..2b886bc9 --- /dev/null +++ b/financial-news/2014-09-10.inc | |||
@@ -0,0 +1,17 @@ | |||
1 | <h3>10-9-2014: PayPal accounts hacked with a click</h3> | ||
2 | <p>Yasser Ali reports a now patched vulnerability in PayPal that would | ||
3 | have allowed him to reset other user's passwords and take over their | ||
4 | accounts. This is unlikely to be the last vulnerability found in | ||
5 | account-based payment systems.<br> | ||
6 | In Taler, customers do not have accounts with usernames, passwords | ||
7 | or associated e-mail addresses. Instead, Taler uses reserves which | ||
8 | are represented by a private key on the owner's computer. Users | ||
9 | create a reserve by depositing currency at a Taler exchange, and can then | ||
10 | withdraw digital coins from that reserve using the respective private | ||
11 | key. There is no limit on the number of reserves a user can have, and | ||
12 | even hacking the Taler exchange would not provide an adversary with access to | ||
13 | user's reserves (as the Taler exchange does not have the private keys). | ||
14 | Stealing in Taler requires breaking into each customer's computer to | ||
15 | extract the reserve keys or the coins from the digital wallet. | ||
16 | </p> | ||
17 | <p><a class="btn btn-info" href="http://yasserali.com/hacking-paypal-accounts-with-one-click/" role="button">Source</a></p> | ||