[Fwd: Re: new opensource security system product launched]

--- Begin Message ---

Subject:	Re: new opensource security system product launched
Date:	Tue, 05 Oct 2004 23:33:29 +0530

all existing systems make sure that the computer has the control over the authenication process,

let me take this a bit bit further.

lets say the user says to the website that he registers or signs up for

user:"i want you to ask me ( put your no here) questions and answers for ( put ur no here) times ."
website " ok will do "

that means that the process instead of giving it 1 or 2 data it makes it more and more complex.

and to compensate for resetting the password i also have another solution ( a idea ) called login less browsing.

there are 2 versions of login less browsing
1 - the software
2- the protocol or system that powers the net

for reasons best left to me

i would rather not discuss about those 2 here until i develop them

some security companies would be wracking thier brains for a solution to resetting the password.

its so easy i wont reveal it ,

let someone find it before me and i will agree that he /she is a real champion.

Harrison Gladden wrote:

This is an interesting concept, but for somreason i think this would
lower the overal security of any system implementing it, simply
because users are stupid.  They will choose something they can easily
remember which also happens to be something anyone could figure out
about them.???Dunno just my 2 cents...

~Harrison

On Mon, 04 Oct 2004 12:28:25 +0530, arun balaji <randover@randover.com> wrote:

dear sir

- ---
about me
- --------------
i am arun balaji

i am 21 years old and i am from india.
- --------
where the idea came from
- --------------------
i and a friend( mark herbert- www.niimki.com) of mine from us developed
a data authentication method for use in credit card transactions as a
payment gateway.

my friend didnt want any money for this authentication system.

but i wanted to give it a full shot and i got a us provisional patent in
july of this year.

now after a lot of thinking i have decided to make it open source.
- ---------------
the application- randover
- --------------
its very very simple

normally all that a hacker needs to know about a user is 3 or 4 fields
of data

1st is user id
2nd is password

what i and my friend were trying to do was use a field which can be
universal and all pervasive..

that led to us thinking of using all the fields in the database

we then thought what if we can ask a random question from all the fields
in the database.

this makes our system the worlds first user configurable security system
for use in the web.

its very simple easy to use and develop and can be used as a standalone
system or along with existing applications

see http://sourceforge.net/projects/randover/
and http://www.randover.com for more details

would love to know about what you and the security community thinks of
my idea as a whole.

bye
arun balaji
founder inventor and owner (randover.com)

--- End Message ---