Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Top Links You Must Click On


TextKey's Two Factor Authentication Stops Zitmo Trojan Variant
MITM and MITB Attacks Are Only Possible If the Browser Is Used in the Authentication Process

SAN JUAN CAPISTRANO, CA -- (Marketwire) -- 12/11/12 -- TextPower, a leader in innovative text messaging software solutions for enterprises, today debunked a claim that the Zitmo Trojan Variant Eurograbber defeats all two-factor authentication citing the company's TextKey™ authentication service which uses a cell phone's unique identifier -- its "fingerprint" -- to authenticate a web site user through a simple text message instead of a web browser.

The Zitmo Trojan has cost online banking customers throughout Europe millions in stolen funds as this variant has infected Android and BlackBerry devices and is capable of defeating common forms of two-factor authentication. TextKey's patent-pending technology eliminates any browser interaction during the authentication process and thus won't allow man-in-the-middle (MITM) or man-in-the-browser (MITB) attacks affecting mobile device users.

"There are several two-factor authentication methods used to protect web sites, but those that allow any form of data entry on a web browser page are vulnerable to a MITB/MITM attack," said Scott Goldman, CEO, TextPower. "To eliminate this angle of attack, you must eliminate any method that involves the browser. A secure server-to-server connection between an authentication service and the web site is the simplest and most straightforward approach to do this. TextKey uses exactly that type of connection, completely circumventing any browser involvement to eliminate threats from any MITB/MITM attacks."

Unlike other two-factor authentication processes, TextKey's authentication code is displayed in clear text on the user's screen after they have successfully entered their ID and password. This code must be sent via SMS to the TextKey cloud-based authentication system from the cell phone preregistered to that user's ID. There is no open field for a hacker to monitor or trap information on the web site's page, nor is there any hardware or software required at the web site's server to implement TextKey authentication. Only the next-generation of two-factor authentication, like TextKey, combines the convenience of a soft token with the resistance to browser-based attacks.

Establishing an account with a TextKey installation on the web site side is fast and simple. The individual web site maintains the user's ID and password already and simply adds their cell phone number to the record. Then a simple plug-in, available in .NET, PHP and Java, is inserted into the web site's login page HTML. When the ID and password are successfully entered a modal dialog box appears showing the code that the user must text into the TextKey system from their cell phone. The code must be sent within the user-defined time frame from the correct phone to grant access. If the wrong code is sent, or if the correct code is sent from an unregistered phone, access is denied. It's simple, easy to install and the least-hackable method available.

The product, TextKey, has won two major industry awards and is patent-pending. Although the product is still in "slightly stealth" mode it has generated significant interest from some major financial institutions and is going to be publicly released within the next 90 days.

About TextPower, Inc.
TextPower, Inc. provides alerting and authentication solutions to a variety of industries worldwide using text messaging (SMS). The company's software and text messaging services help companies enhance their revenues, decrease costs and improve customer service. TextPower's authentication product, TextKey™, replaces the token or security fob previously needed to verify the identity of online users for password-protected applications. TextPower's mission-critical infrastructure employs geo-redundancy for the industry's highest reliability, providing delivery to virtual every cell phone in the United States and connections to most recognized wireless operators around the world. Visit http://www.TextPower.com, email Info@TextPower.com or call 888.818.1808 for more information.

Add to Digg Bookmark with del.icio.us Add to Newsvine

For more information contact:

Dan Chmielewski
Madison Alexander PR
714-832-8716
Email Contact

About Marketwired .
Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Enterprise Open Source Magazine Latest Stories . . .
IBM’s Blue Box Cloud, powered by OpenStack, is now available in any of IBM’s globally integrated cloud data centers running SoftLayer infrastructure. Less than 90 days after its acquisition of Blue Box, IBM has integrated its Blue Box Cloud Dedicated private-cloud-as-a-service into it...
Puppet Labs has announced the next major update to its flagship product: Puppet Enterprise 2015.2. This release includes new features providing DevOps teams with clarity, simplicity and additional management capabilities, including an all-new user interface, an interactive graph for vi...
I was experimenting with Java HashSet, which is a pretty expensive collection to create, but it has a benefit of the O(1) performance on the retrieval of elements from this collection. Based on my experiments performance of HashSet is improved over the last year. I’ve written a small ...
When I started exploring virtualization, like many folks, I was in awe of how much efficiency came with moving physical servers into VMs. To this day, the number of success stories about improved usage, reduced overhead costs and increased functionality makes virtualization a solid bus...
XebiaLabs has announced that XL Deploy, its Application Release Automation software, has received certification of its integration with ServiceNow. With XL Deploy from XebiaLabs, ServiceNow users can now easily automate the application deployment process so releases can occur in a re...
All enterprises, be they large or small, national or multinational, commercial or government agency, American or Chinese, Japanese or European, are carrying the dead weight of their history and almost certainly continuing to add unnecessary complexity and excessive cost that will progr...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE