1996-01-30 - RE: FV’s Borenstein discovers keystroke capture programs! (pictures at 11!)

Header Data

From: Tim Oerting <timo@microsoft.com>
To: “nsb@nsb.fv.com>
Message Hash: ad44b4abd6b9ad23349afc2142fcae9252b5e8d2746d3b9c7e2cc231e5a45b06
Message ID: <c=US%a=%p=msft%l=RED-66-MSG960129190324HH007C00@red-02-imc.itg.microsoft.com>
Reply To: _N/A

UTC Datetime: 1996-01-30 05:27:48 UTC
Raw Date: Tue, 30 Jan 1996 13:27:48 +0800

Raw message

From: Tim Oerting <timo@microsoft.com>
Date: Tue, 30 Jan 1996 13:27:48 +0800
To: "nsb@nsb.fv.com>
Subject: RE: FV's Borenstein discovers keystroke capture programs! (pictures at 11!)
Message-ID: <c=US%a=_%p=msft%l=RED-66-MSG960129190324HH007C00@red-02-imc.itg.microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain


no doubt all the responses to the cypherpunk list are unnecessary as we all
agree this is a load of PR nonsense. But I just can't believe that he thinks 
that
the telephone is more secure on average than a keyboard.  I can tell pretty 
easily
if something is running on my system that I didn't intend..it is much less 
probably to say that I know that someone isn't listening with a scanner if 
I'm on
a cordless or just plain tapping my line if I'm on a standard phone. 
 Admittedly I
think cell phones may take more effort on the part of the eavesdropper but 
are
still doable.

I'm certain that none of first virtual customers use a cordless phone, 
indeed 
since you feel the telephone is such a secure device you no doubt require
that all of your customers use STUIII phones to communicate. 


----------
From: 	Nathaniel Borenstein[SMTP:nsb@nsb.fv.com]
Sent: 	Monday, January 29, 1996 12:07 PM
To: 	cypherpunks@toad.com
Subject: 	FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards


First Virtual's Internet Payment Systems never places the consumer's
credit card number on the Internet.  Instead, the consumer provides it
      to us by telephone when the account is opened.  
----------
From: 	Nathaniel Borenstein[SMTP:nsb@nsb.fv.com]
Sent: 	Monday, January 29, 1996 1:39 PM
To: 	cypherpunks@toad.com; dmacfarlane@zip.sbi.com
Subject: 	Re: FV's Borenstein discovers keystroke capture programs! 
(pictures at 11!)

Well, the mis-conceptions are flying fast and furious.

You're twisting our words.  We believe it is a truly fatal flaw in those
internet commerce schemes that are based on software encryption of
credit card numbers.  There are several schemes for Internet commerce
that are unaffected:

	-- First Virtual (of course)







Thread