[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: More FUD from First Virtual

To: Nathaniel Borenstein <[email protected]>
Subject: Re: More FUD from First Virtual
From: Bill Stewart <[email protected]>
Date: Sun, 10 Dec 1995 23:55:27 -0800
Cc: [email protected]
Sender: [email protected]

At 08:51 AM 12/10/95 -0500, Nathaniel Borenstein <[email protected]> (Tense Hot
Alien In Barn) wrote:

>In any event, I could write a virus that sits in
>front of the e-cash program and steals your keys when next you run the
>e-cash program.  Software's just too easy to fool.  That's why I regard
>the risk of catastrophe as being fairly large in software-based e-cash
>schemes.

How is this different for an ecash program vs. a First Virtual email
acknowledgement program, where either a (really hairy) virus, or, 
more practically, an active email interloper could fake FV acks?  

While hardware may be the best encryption solution for the average user
(as you say, and I think I agree with you), it needs to have some password
interface such as a small keypad on the front of the smartcard, to prevent
its usability after theft.

Of course, there are problems with digicash as well; my Digicash play-money
account thinks it's empty (in spite of having half a dozen coin-looking files),
and doesn't recognize any of the half-dozen passwords I've guessed I might have
used with it, so I'm not able to use Sameer's digicash-powered remailer.
#--
#				Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281

Follow-Ups:
- Re: More FUD from First Virtual
  - From: Nathaniel Borenstein <[email protected]>

Prev by Date: Time-based cryptanalysis: How to defeat it?
Next by Date: Re: GAK and self-incrimination?
Prev by thread: Re: More FUD from First Virtual
Next by thread: Re: More FUD from First Virtual
Index(es):
- Date
- Thread