From: nobody@REPLAY.COM (Anonymous)
Date: Thu, 14 Dec 1995 11:00:15 +0800
To: cypherpunks@toad.com
Subject: Re: And the standard continues to lower...
Message-ID: <199512140038.BAA02939@utopia.hacktic.nl>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>If the misuse of "One Time Pad" wasn't enough for ya, check out this ad
that
>I was e-mailed.
>
>And the chair of a CS department, no less.
>
>- ------- start of forwarded message (RFC 934 encapsulation) -------
>Subject: Secure No-overhead Online Order System for Publishers
>Date: Wed, 13 Dec 1995 12:24:03 -0800 (PST)
>
>A secure no-overhead online title-ordering system is now available. It may
>be viewed in operation at the home page for Blue Water Publishing, a
>publisher, software developer and distribution company, at
>http://www.bluewaterp.com/~bcrissey/
>or from the online bookstore area of ISCNI, the Institute for the Study of
>Contact with Non-Human Intelligence at
>http://www.iscni.com
>
>Blue Water's innovative online ordering system is called SimplySafe. It is
>a needle-in-the-haystack approach to online security.  It requires no
>encryption or secure servers, yet the probability that a dedicated hacker
>scanning 100 internet messages a second will intercept a usable credit
>card number sent via SimplySafe is less than the probability of picking
>our Sun out of the Milky Way.  That is less than 1 in 200 billion.  Safe
>enough for most folks.  There are easier ways for a hacker to pick up
>credit card numbers than to waste time with SimplySafe transactions.  Try
>it out!
>
>SimplySafe currently supports secure online orders from Blue Water
>Publishing, Wild Flower Press, Swan-Raven & Co., and ISCNI.
>Direct inquiries to
>SimpleSafe@aol.com
>
>***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128
>(503)-434-2426 brianc@linfield.edu
>Professionals built the Titanic, amateurs built the Ark...

The scheme is to send 4 digits of the credit card at a time. The
"explanation" follows.

>In order to proceed with your SimplySafe(r) encryption of your credit card
>number, please enter the SECOND set of (4) digits of your credit card
number:
>
>In the 41 seconds since you sent your first packet of four digits,
>approximately 2869959 packets of information have passed across the
internet.
>Assuming that a hacker can scan 100 packets of information per second for
>credit card information, there is 1 chance in 699 that he has scanned your
>first packet of digits.
>He is unlikely to have found anything useful.

Sigh.

Wilhelm Busch

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMM9w94iUi5SQtQ3tAQENnAf6A2SdN+AZGryzJ/eCE/fj+YO71ngQXk8A
2tAomwUqAPmrCll+ucnDc/knsct2VYo4I9b+j84Ah+Gzz6rAu3LKY+joBrgDBmBY
j79BOxik6tz9GCdBYDxTQ1BJpwbDAxaQHpNJYgEFryB59yxo4gi9xZbKZnnQv571
uQfuk1rAJbI+ESJK1Wlw8YrT+q8PoW8m5Y1qjBhxczRNaYAENsrVqHsz8L8bEBkW
WEfi6wIQpRkB6Fo9hH2HAVamvUwJvDtPgll6U1zBgh/zEs1Jyot3XLV5UHrdL7oM
6FRPD1LW/cWGjUv2YNyv6a3vDFz9LdcCk9eX+gekODzaE+fgeQWI3g==
=2n1S
-----END PGP SIGNATURE-----