From: “Marcel van der Peijl” <bigmac@digicash.com>
To: ecm@ai.mit.edu
Message Hash: 6c4e33dbbe91e09fde029bd1d2c1e65b609ce37ea81e1ab86fd091c1709ecb33
Message ID: <199509271227.NAA14451@digicash.com>
Reply To: N/A
UTC Datetime: 1995-09-27 12:28:04 UTC
Raw Date: Wed, 27 Sep 95 05:28:04 PDT
Subject: NO weak links in DigiCash system!!!
> I have a couple of problems/complaints with your ecash project.
> When I was sent my Acct ID and Passwd they were sent to me plain text
> instead of being PGP-encrypted first. This means that some malicious
> hacker could have intercepted the e-mail message and stolen the
> free cyber-bucks you were so generous as to give me. Second, on the
> WWW-page where one downloads the software it does not seem to do a secure
> connection between my browser and your server (on netscape there is
> a small key in the lower-left hand corner that is supposed to show when
> one is securely connected to a secure server). So someone could sniff my
> password from the transaction when I GET the software. Also, when I'm
> buying/selling things it would be smart for all parties involved to
> be using PGP, and I think you should stress this point more in your page.
> Otherwise this is another vulnerable point in your system IMHO.

Let's get this straight before spreading more of these vicious
rumours that can easily get misinterpreted.

DigiCash is an R&D company developing ecash. We license out our
technology to banks. We are running the trial, but only have limited
resources to do so. This may result in long waiting time for accounts
or no answer on a tech support mail. (We are of course trying to
prevent this).

In a real-money system, the password can of course not be sent out in
plain mail. Either it has to be transferred out-of-band (phone,
paper) or PGP'd. But that would require at least ten people answering
the phones, sending snailmail, etc. We do not have the resources to
do so, so we send out the password plain. A malicious hacker may
snatch the password and open the account for you and steal your
cb$100. This, however, is not related to the security of the
transactions once you open the account! The password is only for
starting up the account.

And of course downloading on a secure server is not relevant. The
software is the same for everyone! It is just not put out for public
downloading because it would mean a hundred times more people asking
for tech support. It would be more secure if we used different
passwords for downloading and for opening the accounts but again,
that would give a LOT more problems.

PGP does not add any security in the payment system. Ecash is already
secure.

Feel free to ask us the questions before publicly posting. It will
prevent misunderstandings and libel lawsuits.

// Marcel van der Peijl, DigiCash bv, http://www.digicash.com/~bigmac/
// "If you had to tell the Whole Truth, you'd never shut up."