[9761] in cryptography@c2.net mail archive
Re: Rubber hose attack
daemon@ATHENA.MIT.EDU (Rick Smith at Secure Computing)
Fri Nov 2 17:42:04 2001
Message-Id: <5.1.0.14.0.20011102133328.02830b58@STPNTMX03.sctc.com>
Date: Fri, 02 Nov 2001 14:13:08 -0600
To: <pasward@big.uwaterloo.ca>
From: Rick Smith at Secure Computing <rick_smith@securecomputing.com>
Cc: vertigo <vertigo@panix.com>, JohnE37179@aol.com,
Jason.Gruber@btinternet.com, cryptography@wasabisystems.com
In-Reply-To: <15330.56483.827507.254020@sandrock.uwaterloo.ca>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
>Rick Smith at Secure Computing writes:
> > While I would feel compassion for consumers
> > who are hurt or inconvenienced by some huge scam that exploited a poor
> > Microsoft security implementation, such a scenario would be
> entertaining to
> > watch.
At 11:49 AM 11/2/2001, pasward@big.uwaterloo.ca wrote:
>What makes you believe that you will not be that consumer?
I might be. And maybe I'll have a terrific story to tell when it's all
over. But I'm not daunted by the inconvenience of providing my contact
information when I order something on-line, so I'm less likely to be drawn
to one of their 'wallet' initiatives. Besides, this isn't the first time
Microsoft has proposed a leaky wallet for use by the surfing public. So I'm
more likely to suffer a more conventional (and less interesting) type of
card fraud. It's happened before.
As I've said before, I think the security community plays an essential role
when picking apart commercial security technologies, especially when they
turn out to be as flawed as Microsoft's latest balloon.
Rick.
smith@securecomputing.com roseville, minnesota
"Authentication" in bookstores http://www.visi.com/crypto/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
