[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
URG_ent
11-02-96.
"Transaction Records Urged for Smart Cards"
Electronic money systems must generate transaction records
to help law enforcement agencies track money launderers, a
senior Justice Department official said last week. "In a
paper environment ... we can get bank records, we can get
credit card records. Our goal is only to preserve this ability."
"Internet insecurity "
Jeff Schiller: The Web has a lot of potential vulnerabilities.
There's plenty I know about that I don't want to talk about.
People who know about the vulnerabilities are reluctant to talk
about them because if we disclose what we know to the public,
the bad guys will take advantage. And if we address them with
the vendor community, they don't do anything about them.
There's a lot of hooey out there. Never trust the advice of
someone selling you a product, especially if the sales pitch
is, "My product makes your problem go away."
"RSA offers kit for secure credit-card transactions"
RSA Data Security, Inc. will announce today a tool kit for
developing secure applications that support credit-card
transactions on the Internet called S/Pay in support of
SET.
"Medcom introduces a "Super Cafe" data encryption product"
Medcom's latest data encryption product, the Secure Socket
Relay (SSR), features strong encryption with full key length
(56-bits DES). A demo version can be downloaded at
http://www.medcom.se/.
"On Technology's Security White Paper"
"Taking The Threat Out Of Network Security," will stimulate
the industry into discussing some of the issues of security
that face the Internet industry and its users. Copies of
the paper are available on request from On Technology. The
company's Web site is at http://www.ontech.co.uk .
-----
http://jya.com/urgent.txt (21 kb)
URG_ent
----------
In another story on gov-spooked insecurity:
NEC announced that it successfully demonstrated country-to-
country virtual private networking (VPN). During the tests,
privacy and security was maintained between the two sites by
deploying DES and triple-DES encryption. Since DES
encryption technology cannot be exported from the United
States, a Japanese version of DES, developed outside the
U.S., was used.