Dermot Tynan writes:
>If you take something like SecurID, and their handheld time-based
>authentication units, if you knew the algorithm and serial number
>involved, you could possibly predict the next number.
Whoa! What a minute! Please don't drop something like this statement and
leave it without any clarification and supporting information. What serial
number are you referring to? What evidence do you have to prove this
I've heard vague rumors about this type of weakness in SecurID but everytime
I ask for specifics the person touting the exposure is unable to support it.
Please, if you know something for sure then I'm all ears.
Nick Di Giovanni
IS Audit Manager