1996-01-31 - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards

Header Data

From: David Mazieres <dm@amsterdam.lcs.mit.edu>
To: Nathaniel Borenstein <cypherpunks@toad.com
Message Hash: c76a04c796b58c94b7b553beaa1ca4664119a31f4097669d23cdd91b26197fd8
Message ID: <199601300934.EAA02798@amsterdam.lcs.mit.edu>
Reply To: <Al3GYGSMc50eQWYAdR@nsb.fv.com>
UTC Datetime: 1996-01-31 10:09:38 UTC
Raw Date: Wed, 31 Jan 1996 18:09:38 +0800

Raw message

From: David Mazieres <dm@amsterdam.lcs.mit.edu>
Date: Wed, 31 Jan 1996 18:09:38 +0800
To: Nathaniel Borenstein <cypherpunks@toad.com
Subject: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
In-Reply-To: <Al3GYGSMc50eQWYAdR@nsb.fv.com>
Message-ID: <199601300934.EAA02798@amsterdam.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


This sounds like nothing but a glorified keystroke sniffer like xkey.

More importantly, however, if my system did get compromised, I would
have bigger worries than my credit card number.  I give my credit card
number out to people every day, but no one knows my PGP or ssh
passphrases, for example.

You may argue that many people don't have source code to their OS's,
so that viruses can spread more easily to them than to me.  Well, many
people don't do backups, either.  Ask most people if they would rather
divulge their credit card numbers or loose the entire contents of
their hard drives, and I think the answer will most likely be the
credit card number disclosure.

This article looks like a cheap attention getting device for FV to get
some free publicity.  I am not impressed.

David





Thread