Comments
yourfanat wrote: I am using another tool for Oracle developers - dbForge Studio for Oracle. This IDE has lots of usefull features, among them: oracle designer, code competion and formatter, query builder, debugger, profiler, erxport/import, reports and many others. The latest version supports Oracle 12C. More information here.
Cloud Expo on Google News

2008 West
DIAMOND SPONSOR:
Data Direct
SOA, WOA and Cloud Computing: The New Frontier for Data Services
PLATINUM SPONSORS:
Red Hat
The Opening of Virtualization
GOLD SPONSORS:
Appsense
User Environment Management – The Third Layer of the Desktop
Cordys
Cloud Computing for Business Agility
EMC
CMIS: A Multi-Vendor Proposal for a Service-Based Content Management Interoperability Standard
Freedom OSS
Practical SOA” Max Yankelevich
Intel
Architecting an Enterprise Service Router (ESR) – A Cost-Effective Way to Scale SOA Across the Enterprise
Sensedia
Return on Assests: Bringing Visibility to your SOA Strategy
Symantec
Managing Hybrid Endpoint Environments
VMWare
Game-Changing Technology for Enterprise Clouds and Applications
Click For 2008 West
Event Webcasts

2008 West
PLATINUM SPONSORS:
Appcelerator
Get ‘Rich’ Quick: Rapid Prototyping for RIA with ZERO Server Code
Keynote Systems
Designing for and Managing Performance in the New Frontier of Rich Internet Applications
GOLD SPONSORS:
ICEsoft
How Can AJAX Improve Homeland Security?
Isomorphic
Beyond Widgets: What a RIA Platform Should Offer
Oracle
REAs: Rich Enterprise Applications
Click For 2008 Event Webcasts
SYS-CON.TV
Top Links You Must Click On


TextKey's Two Factor Authentication Stops Zitmo Trojan Variant
MITM and MITB Attacks Are Only Possible If the Browser Is Used in the Authentication Process

SAN JUAN CAPISTRANO, CA -- (Marketwire) -- 12/11/12 -- TextPower, a leader in innovative text messaging software solutions for enterprises, today debunked a claim that the Zitmo Trojan Variant Eurograbber defeats all two-factor authentication citing the company's TextKey™ authentication service which uses a cell phone's unique identifier -- its "fingerprint" -- to authenticate a web site user through a simple text message instead of a web browser.

The Zitmo Trojan has cost online banking customers throughout Europe millions in stolen funds as this variant has infected Android and BlackBerry devices and is capable of defeating common forms of two-factor authentication. TextKey's patent-pending technology eliminates any browser interaction during the authentication process and thus won't allow man-in-the-middle (MITM) or man-in-the-browser (MITB) attacks affecting mobile device users.

"There are several two-factor authentication methods used to protect web sites, but those that allow any form of data entry on a web browser page are vulnerable to a MITB/MITM attack," said Scott Goldman, CEO, TextPower. "To eliminate this angle of attack, you must eliminate any method that involves the browser. A secure server-to-server connection between an authentication service and the web site is the simplest and most straightforward approach to do this. TextKey uses exactly that type of connection, completely circumventing any browser involvement to eliminate threats from any MITB/MITM attacks."

Unlike other two-factor authentication processes, TextKey's authentication code is displayed in clear text on the user's screen after they have successfully entered their ID and password. This code must be sent via SMS to the TextKey cloud-based authentication system from the cell phone preregistered to that user's ID. There is no open field for a hacker to monitor or trap information on the web site's page, nor is there any hardware or software required at the web site's server to implement TextKey authentication. Only the next-generation of two-factor authentication, like TextKey, combines the convenience of a soft token with the resistance to browser-based attacks.

Establishing an account with a TextKey installation on the web site side is fast and simple. The individual web site maintains the user's ID and password already and simply adds their cell phone number to the record. Then a simple plug-in, available in .NET, PHP and Java, is inserted into the web site's login page HTML. When the ID and password are successfully entered a modal dialog box appears showing the code that the user must text into the TextKey system from their cell phone. The code must be sent within the user-defined time frame from the correct phone to grant access. If the wrong code is sent, or if the correct code is sent from an unregistered phone, access is denied. It's simple, easy to install and the least-hackable method available.

The product, TextKey, has won two major industry awards and is patent-pending. Although the product is still in "slightly stealth" mode it has generated significant interest from some major financial institutions and is going to be publicly released within the next 90 days.

About TextPower, Inc.
TextPower, Inc. provides alerting and authentication solutions to a variety of industries worldwide using text messaging (SMS). The company's software and text messaging services help companies enhance their revenues, decrease costs and improve customer service. TextPower's authentication product, TextKey™, replaces the token or security fob previously needed to verify the identity of online users for password-protected applications. TextPower's mission-critical infrastructure employs geo-redundancy for the industry's highest reliability, providing delivery to virtual every cell phone in the United States and connections to most recognized wireless operators around the world. Visit http://www.TextPower.com, email Info@TextPower.com or call 888.818.1808 for more information.

Add to Digg Bookmark with del.icio.us Add to Newsvine

For more information contact:

Dan Chmielewski
Madison Alexander PR
714-832-8716
Email Contact

About Marketwired .
Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Enterprise Open Source Magazine Latest Stories . . .
Silver shows that predictions in areas such as economics have been less successful, e.g. he examines why many economists missed the recession, and why supposedly expert forecasters get election predictions wrong so often. For example, before the recession of 2008, the assumption was ma...
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is ob...
You can then easily piece together full transaction traces by ordering all method calls by sequence number. Further analysis can be applied to this information for a number of purposes. For example, by analysing the transactions, developers can easily construct design diagrams that can...
Every day and every second, the system administrator gets tones of information on the network operation, network devices’ operation, and messages from users; he sets dozens of challenges, which must help to avoid the existing and possible problems in the future. Often, it is rather dif...
With the increasing complexity of software, organizations are more cognizant than ever about the potential pitfalls of including open source code in their products. Below are some quick tips to continue leveraging open source code, while keeping your manager and legal department happy.
The industry is heated with debates on whether adopting private or public cloud is the smartest, best, cheapest, you name it choice. But this debate is missing the mark. Businesses shouldn’t be discussing public vs. private, but rather how can they make the two work together to their g...
Subscribe to the World's Most Powerful Newsletters
Subscribe to Our Rss Feeds & Get Your SYS-CON News Live!
Click to Add our RSS Feeds to the Service of Your Choice:
Google Reader or Homepage Add to My Yahoo! Subscribe with Bloglines Subscribe in NewsGator Online
myFeedster Add to My AOL Subscribe in Rojo Add 'Hugg' to Newsburst from CNET News.com Kinja Digest View Additional SYS-CON Feeds
Publish Your Article! Please send it to editorial(at)sys-con.com!

Advertise on this site! Contact advertising(at)sys-con.com! 201 802-3021




SYS-CON Featured Whitepapers
ADS BY GOOGLE