1996-01-30 - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit
Header Data
From: Nathaniel Borenstein <nsb@nsb.fv.com>
To: trei@process.com
Message Hash: 34f930b03defd822d506d4348311fdc2f5a79e81332093e13895c0b94faff536
Message ID: <Al3Ie8GMc50e0WY6IN@nsb.fv.com>
Reply To: <9601292111.AA23738@toad.com>
UTC Datetime: 1996-01-30 09:25:16 UTC
Raw Date: Tue, 30 Jan 1996 17:25:16 +0800
Raw message
From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Tue, 30 Jan 1996 17:25:16 +0800
To: trei@process.com
Subject: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit
In-Reply-To: <9601292111.AA23738@toad.com>
Message-ID: <Al3Ie8GMc50e0WY6IN@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain
Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. "Peter
Trei"@acm.org (1233)
> I started reading this thinking it was actually something important. All
> it describes
> is a keyboard monitor, which greps for CC#s, and which could be spread by an
> (unspecified) virus, and sends the output to a crook over the net by
> some (unspecified)
> mechanism.
There are many ways to spread it besides a virus. Zillions of 'em. And
there are totally anonymous ways to redistribute it, some of which I've
never seen described publicly, which is why they were left unspecified.
> It's sort of interesting that "Nathaniel Borenstein" has a PGP key, but
> failed to
> clearsign this message, which loudly trumpets it's great import.
> Considering the
> lack of actual content, I feel compelled to warn readers that this may
> be a forgery,
> designed to make him look like he's scaremongering.
Do you have my key in your key ring? I rather doubt it. So what good
would it have done?
Have you downloaded my key from the net? Assume that you have. How do
you know it's mine?
I use PGP about 20 times per day. I use it in a manner that is
*meaningful*. Unless we have in some way or another verified each
others' keys, it is meaningless for me to sign a message to you.
Putting a PGP signature on a message to someone who has no way of
verifying your keys is a nice political statement, but is utterly
meaningless in terms of adding any proof of the sender's identity. --
Nathaniel
PS -- On the off chance that anyone really doubts this is me, I will
shortly send cypherpunks a message that has my own voice AND a PGP
signature thereupon. That way, you can check my identity if you either
recognize my voice OR have verified my fingerprint. Sheesh. -- NB
Thread
- Return to January 1996
Return to February 1996
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “Nathaniel Borenstein <nsb@nsb.fv.com>”
- Return to ““Paul M. Cardon” <pmarc@fnbc.com>”
- Return to ““Peter Trei” <ptrei@acm.org>”
Return to “roy@sendai.cybrspc.mn.org (Roy M. Silvernail)”
- 1996-01-30 (Tue, 30 Jan 1996 08:13:11 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Peter Trei” <ptrei@acm.org>
- 1996-01-30 (Tue, 30 Jan 1996 14:28:29 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
- 1996-01-30 (Tue, 30 Jan 1996 17:25:16 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-31 (Wed, 31 Jan 1996 09:14:15 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - futplex@pseudonym.com (Futplex)
- 1996-01-30 (Wed, 31 Jan 1996 00:38:41 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-30 (Wed, 31 Jan 1996 02:13:17 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - Adam Shostack <adam@lighthouse.homeport.org>
- 1996-01-30 (Wed, 31 Jan 1996 00:38:41 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-31 (Wed, 31 Jan 1996 12:53:28 +0800) - On the value of signatures (was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - roy@sendai.cybrspc.mn.org (Roy M. Silvernail)
- 1996-01-31 (Wed, 31 Jan 1996 09:14:15 +0800) - Re: Signature use and key trust (Was: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit) - futplex@pseudonym.com (Futplex)
- 1996-01-30 (Tue, 30 Jan 1996 23:45:13 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-01-30 (Wed, 31 Jan 1996 02:13:48 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
- 1996-02-02 (Sat, 3 Feb 1996 07:07:14 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
- 1996-02-02 (Sat, 3 Feb 1996 07:40:21 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
- 1996-02-03 (Sat, 3 Feb 1996 22:26:59 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>