[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How's the list?

Phil Fraering writes:
> I thought I'd ask how the list is going... it seems to have gone
> downhill; there are now totally gratoitous insults to tcmay that
> don't seem to serve any purpose besides making sure the archive
> (if there is one) isn't fit for family viewing.

Mail filters are now virtually mandatory for reading cypherpunks.

> * I take it SSL still hasn't been strengthened?

SSLv3 has no known weakneses, other than the government-mandated
ones.  Of course there's always new ideas in breaking
crypto protocols, or new people working on it.

> * I'm now working part of the time at a company that has a lot of
> mail-order sales; are any of you aware of how much credit card fraud is
> going on out there right now?

No, how much?

> Might some of this actually be from unsecure SSL transactions?

Some of it might, however since there's about a zillion ways
to steal CC numbers that are even easier than brute-forcing GAKware
"export" SSL, I'd guess that the vast majority of CC fraud is
from other causes.  It's just so easy to go dumpster-diving
for credit slips behind Macys, or snoop in on people
phone-ordering goods over cellular or "portable" phones.
Why bother breaking SSL?  Why, that requires a computer!

Eric Murray  [email protected]  [email protected]  http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03  92 E8 AC E6 7E 27 29 AF