Concerning the Software Token for the Smartphone.

[Thegreatmonkey]

no, it's not just a popularity thing. Smart phones are more limited in certain ways what you can do with them but these limitations also make them less vulnerable to attacks. There is also usually less to gain from attacking someone's phone, because there is generally less data stored on them. Attacking smartphones is not as easy as attacking a Windows PC- script kiddies and creators of malicious software generally take the path of least resistance. Why waste more time hacking something that's less likely to prove useful to the attacker when they can more easily get into something that's more likely to be a treasure trove of stealable information?

Window computers are attack a lot more because Windows it is on like 95% of the computers around the world, making them more profitable to attackers. I will agree that Windows makes it easy for attackers but lets switch it up. Lets say Macintosh was run on most of the computers around the world vs Windows only having say 10%. Who do you think hackers would go after, Windows or Macintosh? Answer Macintosh because it would be more of a profit to the attackers.

Also being that phones and other small devices are easily lost / stolen, it is much, much more common (and much easier) to steal someone's actual phone and break into it directly, rather than trying to attack it remotely. And this type of attack, known as "man in the middle," works equally with both the phone app and the physical token.

Man in the middle attack is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker.
MITM Attack

Man in the middle attack dose not invade the attacker stealing the devices itself.

[Alhanelem]

Window computers are attack a lot more because Windows it is on like 95% of the computers around the world, making them more profitable to attackers. I will agree that Windows makes it easy for attackers but lets switch it up. Lets say Macintosh was run on most of the computers around the world vs Windows only having say 10%. Who do you think hackers would go after, Windows or Macintosh?

Popularity is one factor, but it's not the only factor. Windows is genuinely much easier to attack remotely than IOS or android or any other desktop OS.

http://en.wikipedia.org/wiki/Security_token

I was reading here and misread the meaning of MITM, which refers to theft of the PW in transit upon entering it, rather than stealing the generated password from the token/app itself.

[Thegreatmonkey]

Popularity is one factor, but it's not the only factor. Windows is genuinely much easier to attack remotely than IOS or android or any other desktop OS

Population is the main factor. Windows is really only easier because out of the box, everything is unlocked. Most people will not take the time to lock down there system after getting a new one or reinstalling Windows. I'm not saying Windows is the best OS for security but if people took the time or had someone look at it to lock down the system, they would be more save when using the Internet. Of course that also would giving them a basic understanding of how to browse the Internet safely.

[JackDaniels]

Android emulator http://developer.android.com/tools/help/emulator.html

[Alhanelem]

Population is the main factor. Windows is really only easier because out of the box, everything is unlocked. Most people will not take the time to lock down there system after getting a new one or reinstalling Windows. I'm not saying Windows is the best OS for security but if people took the time or had someone look at it to lock down the system, they would be more save when using the Internet. Of course that also would giving them a basic understanding of how to browse the Internet safely.

Most people dont' like security because they see it as an inconvenience, that's why people dont do it, and when what security windows does have out of the box annoys them (UAC) people turn it off. So yes, windows can be made more secure, but the vast majority of people do not, thereby making their phone almost guaranteed to be more secure out of the box and without any effort on the user's part.

Keeping your security device seperate from your PC decreases the risk of said security device being compromised.

But really, the real reason this thread exists is someone doesn't have a phone and is too cheap to drop $10 on a security token (and probably just wants the mog satchel and not the extra security)

[Thegreatmonkey]

Most people dont' like security because they see it as an inconvenience, that's why people dont do it, and when what security windows does have out of the box annoys them (UAC) people turn it off. So yes, windows can be made more secure, but the vast majority of people do not, thereby making their phone almost guaranteed to be more secure out of the box and without any effort on the user's part.

Well the UAC dose give some protection and the way MS implied it is sloppy. They should of just copy the way Linux dose it...95% of what Windows is, has been copy from other people. As for making Windows more secure, I was talking about disabling unneeded services, like telnet.

Keeping your security device seperate from your PC decreases the risk of said security device being compromised.

Yes, the only real security you get is the fact that FFXI is not be ran on the same system as the software token.

But really, the real reason this thread exists is someone doesn't have a phone and is too cheap to drop $10 on a security token (and probably just wants the mog satchel and not the extra security)

LOL, I agree with that. I for one like the Token, however I have some friends who do not like it and have all ready disable it.

[Krashport]

It begins... Software token please check it!
hacked iPhone