From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Wed, 31 Jan 1996 23:45:28 +0800
To: Rich Salz <rsalz@osf.org>
Subject: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
In-Reply-To: <9601300006.AA15845@sulphur.osf.org>
Message-ID: <sl3SprmMc50eAWY4U=@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail: 29-Jan-96 Re: FV Demonstrates Fatal F.. Rich
Salz@osf.org (1188)

> You must trust something.  You folks trust the telephone (never gets
> tapped, right) the postal service (of course mail never gets stolen) banks
> or credit card companies (which never have problems).  And then, on top
> of that foundation of sand you build a commerce system with MIME and
> SMTP (sendmail is the most bugfree program ever written).

I certainly don't trust the telephone not to be tapped on an individual basis.

I used to trust the telephone not to be tapped in a selective way based
on keyword recognition, but in recent years, with the improvement in
voice recognition technology, I have stopped trusting it that way, and I
know plenty of other people have too -- if you say "NSA" into a cellular
call, you are probably inviting an eavesdropper.

The Internet environment is EVEN LESS trustable.  Installing the kind of
general phone tap I just mentioned is very hard to do, and requires a
level of access that is almost impossible unless you're the phone
company or the government.  The level of software needed to recognize
spoken keywords is quite sophisticated.  On the Internet, almost anyone
can tap data streams, and almost anyone can install keyboard sniffers on
user machines, and the level of software needed to recognize keywords in
ASCII is very simple.  The risk models are very different.

Similarly, we trust the postal service and certain uses of email not to
be free of any insecurities, but to be hard to defeat in a large scale
automated way.  That kind of statistical risk is the foundation of the
security of the credit card system -- not perfect security, but bounding
of individual risks and preclusion of large-scale attacks.

> Stef's blatant attempts
> to ensure MIME's use in IETF-PAY was not an exception, but the first
> salvo.

I have no idea what you're talking about here.  

> You make me sorry I invented safe-tcl and made FV possible.

I *really* have no idea what you're talking about here.  There are two
ideas here that strike me as delusional: that you invented safe-tcl and
that safe-tcl made FV possible.  To the best of my knowledge, neither of
these is true.  -- Nathaniel
--------
Nathaniel Borenstein <nsb@fv.com>
Chief Scientist, First Virtual Holdings
FAQ & PGP key: nsb+faq@nsb.fv.com