From: David Mazieres <dm@amsterdam.lcs.mit.edu>
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Message Hash: 3c80586728312f8b373e53f9a6c9aae8b5e7d40ccd54b4b656cd7913c23c98a9
Message ID: <199601301030.FAA03072@amsterdam.lcs.mit.edu>
Reply To: <sl3GafqMc50eQWYD0N@nsb.fv.com>
UTC Datetime: 1996-02-01 20:29:37 UTC
Raw Date: Fri, 2 Feb 1996 04:29:37 +0800
From: David Mazieres <dm@amsterdam.lcs.mit.edu>
Date: Fri, 2 Feb 1996 04:29:37 +0800
To: Nathaniel Borenstein <nsb@nsb.fv.com>
Subject: Re: CONTEST: Name That Program!
In-Reply-To: <sl3GafqMc50eQWYD0N@nsb.fv.com>
Message-ID: <199601301030.FAA03072@amsterdam.lcs.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain
In article <sl3GafqMc50eQWYD0N@nsb.fv.com> Nathaniel Borenstein <nsb@nsb.fv.com> writes:
> As you may have read in my previous message, First Virtual has developed
> and demonstrated a program that completely undermines all known schemes
> for using software-encrypted credit cards on the Internet. More details
> are avialable at http://www.fv.com/ccdanger.
You are a liar.
Your program does not undermine all known schemes for transmitting
software-encrypted credit cards on the internet. You have no way of
obtaining my credit card number, because I will not run your software.
Furthermore, because I use a Unix-like operating system (specifically
OpenBSD) which I re-build from source code every week or so, you would
need to hack my compiler to keep mis-compiling itself and compromise
my kernel or netstat, ps, etc, for which you would need to be root.
The first virtual protocol seems to have some real weeknesses.
However, I do not feel like wading through all the pages of text to
figure out what is going on. I challenge you to post a concise
description of the protocol, using syntax such as:
A -> B: {ID, xxx, ...}_Ks
With short descriptions where necessary. If you do, I'm sure we can
rip your protocol to shreds (which is why you won't).
David
Return to February 1996
Return to “Simon Spero <ses@tipper.oit.unc.edu>”