[clug] St.George Browser Based Banking Feedback
David Collett
david.collett at dart.net.au
Mon Jun 28 00:45:19 GMT 2004
Fellow Clugger Michael Cohen wrote a plug proxy which should be able to
do this, I know it can do SSL MitM. You can find it here:
http://sourceforge.net/projects/reapoff
I might have a play with that idea myself.
Dave
On Mon, 2004-06-28 at 10:32, Peter Barker wrote:
> On Sun, 27 Jun 2004, Chris Henman wrote:
>
> > Thank you for your email.
> >
> > Unfortunately, we do not support Linux/ Unix.
> >
> > The incompatibility of Linux/ Unix is an issue, which has been made
> > highest priority. We are currently working on a fix, so that we can
>
> ..
>
> This is the same canned-response which I got back last time this came
up
> on the list. I'm not even sure a human saw my message; they may just
match
> "linux" and send the canned response :)
>
> One thing which worries me here. Here St George are claiming that this
is
> their "highest priority". This either means that St George are
absolutely
> bloody lying about their priorities, or that they are completely
> incompetent (6+ months to get something working where it was before?).
> Either way, if I were an investor in St George, I'd be worrying about
> their management for making false claims or not fulfilling customer
> expectations.
>
> I had a play with getting this working a while back. It isn't terribly
> difficult to get ahold of bbbSmall.jar. I tried playing with
classpaths
> etc to get the applet running - and I did that, played around with the
> security model a bit etc etc... but then got tripped up with a
meaningless
> error.
>
> What I might try to do next is MitM attack against myself. That is,
use an
> SSL proxy which substitutes JUST for the bbbSmall.jar URL. Does
anybody
> here know if I can use squid to do just that - or should I play around
> with my own proxy to do this?
>
> > Chris Henman
>
> Yours,
> --
> Peter Barker | N _--_|\ /---- Barham,
Vic
> Programmer,Sysadmin,Geek | W + E / /\
> pbarker at barker.dropbear.id.au | S \_,--?_*<-- Canberra
> You need a bigger hammer. | v [35S, 149E]
> "They'll need a whole new Orwellian pseudo-crime-name for that... I
> suggest "digital molestation of kittens". - Jeremi (14640) from
Slashdot
More information about the linux
mailing list