[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CONTEST: Name That Program!
Excerpts from mail: 30-Jan-96 Re: CONTEST: Name That Pro.. David
Mazieres@amsterdam (1274)
> You are a liar.
And you have terrible manners.
> Your program does not undermine all known schemes for transmitting
> software-encrypted credit cards on the internet. You have no way of
> obtaining my credit card number, because I will not run your software.
Guess what? I don't care whether or not I can get onto your machine,
because I undermine the overall scheme statistically. That's because if
I were a criminal, I would be perfectly sanguine about the fact that the
average consumer doesn't have a clue how to protect himself from
untrusted programs such as this. In fact, I'd settle for getting onto
10% of the machines, although I suspect I could get onto more like 80%
without raising a sweat. Yes, David, your personal credit card is safe,
because you're a cypherpunk wizard. For that matter, mine is safe too.
But Grandma's isn't.
> Furthermore, because I use a Unix-like operating system (specifically
> OpenBSD) which I re-build from source code every week or so, you would
> need to hack my compiler to keep mis-compiling itself and compromise
> my kernel or netstat, ps, etc, for which you would need to be root.
Case closed. Your argument would hold a lot more weight if you could
convince me that the average Internet consumer was going to rebuild his
UNIX kernel every few weeks. Internet commerce is targeting the masses
of people for whom "cut and paste" is still a technical term.
> The first virtual protocol seems to have some real weeknesses.
> However, I do not feel like wading through all the pages of text to
> figure out what is going on. I challenge you to post a concise
> description of the protocol, using syntax such as:
> A -> B: {ID, xxx, ...}_Ks
> With short descriptions where necessary. If you do, I'm sure we can
> rip your protocol to shreds (which is why you won't).
This is one of the most outrageous statements I can imagine. Our
protocols have been published, both in summary and in excruciating
detail, for over a year. They've been scrutinized by all sorts of
people in the financial industry, most of whom immediately turned around
and asked if we were looking for investors. Just because you're too
lazy to read them (or probably even to go to our web site to look at
them), you assume that you can rip them to shreds. I'm very impressed.
Here's an equally meaningful counterclaim: "I've never met you in
person and have no idea what you look like, but I'm sure that I'm better
looking than you are." (And for the record, because our security isn't
based on mathematical/cryptographic assurances, but rather on systemic
checks and balances, mathematical notation is pretty darned useless.)
But anyway, there's no need for you to stop being lazy in order to "rip
them to shreds". We are happy to tell you (in
http://www.fv.com/pubdocs/fv-austin.txt) EXACTLY how to break our
security, and why the kind of attack to which we are vulnerable doesn't
matter nearly as much as the vulnerability we've exposed in the software
encryption of credit cards. What we're trying to do, with our most
recent announcements, is hold the competing systems to the same standard
of full-disclosure-of-risks that we've held ourselves to all along. - -
Nathaniel
--------
Nathaniel Borenstein <[email protected]>
Chief Scientist, First Virtual Holdings
FAQ & PGP key: [email protected]