From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: 1f3b8e48fdce3ec3eb89c451a6cab5da0aa2c4e3363081df0ca85c110c4c34ca
Message ID: <199602030951.BAA12309@ix2.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1996-02-03 10:19:06 UTC
Raw Date: Sat, 3 Feb 1996 18:19:06 +0800
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 3 Feb 1996 18:19:06 +0800
To: cypherpunks@toad.com
Subject: Re: FV's Borenstein discovers keystroke capture programs! (gifs at 11!)
Message-ID: <199602030951.BAA12309@ix2.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 09:24 AM 1/30/96 -0500, Nathaniel Borenstein <nsb@nsb.fv.com> wrote:
>> But I just can't believe that he thinks that
>the telephone is more secure on average than a keyboard.
>
>We have a few pages of C code that scan everything you type on a
>keyboard, and selects only the credit card numbers. How easy is that to
>do with credit card numbers spoken over a telephone?
>The key is large-scale automated attacks, not one-time interceptions.
Speaker-independent recognition of digits is a done deal.
For large-scale automated attacks, you obviously don't wiretap the customer;
you hire The Dread Pirate Mitnick* to wiretap the 800 number for the
Home Shopping Channel, and hoover down the CC numbers of a large
number of known frequent-shopping cardholders. (Actually, hitting on them
might be a bit tough, since they've presumably got direct T1s or T3s from
one or more carriers, which are harder to tap than the average residence line.)
(*Not the original Kevin "Dread Pirate" Mitnick, who's retired,
but Fred Bargle, who's got the current Dread Pirate Mitnick franchise.... :-)
#--
# Thanks; Bill
# Bill Stewart, stewarts@ix.netcom.com, Pager/Voicemail 1-408-787-1281
# http://www.idiom.com/~wcs
Return to February 1996
Return to “Bill Stewart <stewarts@ix.netcom.com>”
1996-02-03 (Sat, 3 Feb 1996 18:19:06 +0800) - Re: FV’s Borenstein discovers keystroke capture programs! (gifs at 11!) - Bill Stewart <stewarts@ix.netcom.com>