[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: HP announcement



At 1:26 PM -0600 11/18/96, Mike McNally wrote:

>A lot of the security (that is, "security" from the point of view of
>nervous Federales) seems to rely on certificates and tokens that are
>supposedly spoof-proof (I guess).  Looks to me as if application
>certificates will be rather difficult to protect from being "abused".
>It's also not clear to me how they'd prevent my flying to Luxembourg,
>getting a Policy token that allows any & all crypto functions, and
>then flying my butt back to Singapore for an encryption party.

Or using the method someone (Duncan?) suggested a few years ago: recruit a
bunch of derelicts and winos and other such "invisibles" to apply for
Official Permissions in their own True Names, pay them off with the bottle
of Thunderbird promised them, and, voila!, one has a unique Official
Permission (policy card, for example).

Absent biometric identification or other complicated verification (such as
geographic methods...I'm dubious), I can't see how this wouldn't work.

(And I think there will be dozens of other ways to subvert the H-P/Intel
system.)

--Tim May


"The government announcement is disastrous," said Jim Bidzos,.."We warned IBM
that the National Security Agency would try to twist their technology."
[NYT, 1996-10-02]
We got computers, we're tapping phone lines, I know that that ain't allowed.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1,257,787-1 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."