1996-02-01 - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit

Header Data

From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
To: cypherpunks@toad.com
Message Hash: 5b07c0234ff58c1e0e5bfafb2ef45d8651762d011a96658b48096d47725fc987
Message ID: <mRwHiD104w165w@bwalk.dm.com>
Reply To: <9601300015.AA15891@sulphur.osf.org>
UTC Datetime: 1996-02-01 18:16:15 UTC
Raw Date: Fri, 2 Feb 1996 02:16:15 +0800

Raw message

From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Fri, 2 Feb 1996 02:16:15 +0800
To: cypherpunks@toad.com
Subject: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit
In-Reply-To: <9601300015.AA15891@sulphur.osf.org>
Message-ID: <mRwHiD104w165w@bwalk.dm.com>
MIME-Version: 1.0
Content-Type: text/plain


Rich Salz <rsalz@osf.org> writes:
> >There are many ways to spread it besides a virus.  Zillions of 'em.  And
>
> There are zillions (what, more than one thousand?) ways to get someone
> to run a random piece of software that will capture their keystrokes?
>
> I don't believe you.  Name six.

I think I'll go on a tangent:

Many, many, many years ago, when I was a little kid, I wrote several "cool"
games that I uploaded to various BBS's. The games kept track of high scores
and saved them in a file. At that time there were a few popular BBS programs
for PC DOS (Fido, PC Board, RBBS, et al) which stored their passwords in
fairly standard locations. When the games saved the high scores, they also
looked in these standard locations. Invariably, when I downloaded the same
games a few days later, I would discover that the BBS's sysops played the
game, and made the archive with their high scores available for downloading.

ObCrypto: the high scores were encrypted together with the shell passwords.

---

Dr. Dimitri Vulis
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps

Thread

• Return to January 1996

• Return to February 1996

• Return to “dlv@bwalk.dm.com (Dr. Dimitri Vulis)”
• Return to ““Ed Carp, KHIJOL SysAdmin” <erc@dal1820.computek.net>”
• Return to “futplex@pseudonym.com (Futplex)”
• Return to “Jon Lasser <jlasser@rwd.goucher.edu>”
• Return to “m5@dev.tivoli.com (Mike McNally)”
• Return to “Mike Fletcher <fletch@ain.bls.com>”
• Return to “Nathaniel Borenstein <nsb@nsb.fv.com>”
• Return to “Paul Foley <paul@mycroft.actrix.gen.nz>”
• Return to ““Paul M. Cardon” <pmarc@fnbc.com>”
• Return to “Rich Graves <llurch@networking.stanford.edu>”
• Return to “Rich Salz <rsalz@osf.org>”
• Return to ““Richard Martin” <rmartin@aw.sgi.com>”

• Return to “Tim Philp <bplib@wat.hookup.net>”

• 1996-01-30 (Tue, 30 Jan 1996 17:12:29 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Rich Salz <rsalz@osf.org>
  • 1996-01-30 (Tue, 30 Jan 1996 19:42:59 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
    • 1996-01-31 (Wed, 31 Jan 1996 12:22:49 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Paul Foley <paul@mycroft.actrix.gen.nz>
      • 1996-02-01 (Thu, 1 Feb 1996 10:16:17 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
        • 1996-02-04 (Mon, 5 Feb 1996 02:34:33 +0800) - XMAS Exec - Nathaniel Borenstein <nsb@nsb.fv.com>
          • 1996-02-04 (Mon, 5 Feb 1996 04:23:18 +0800) - Re: XMAS Exec - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
  • 1996-01-30 (Tue, 30 Jan 1996 21:08:44 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
  • 1996-02-01 (Fri, 2 Feb 1996 02:16:15 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
  • 1996-02-01 (Fri, 2 Feb 1996 02:19:42 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Tim Philp <bplib@wat.hookup.net>
    • 1996-01-30 (Tue, 30 Jan 1996 13:45:13 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Ed Carp, KHIJOL SysAdmin” <erc@dal1820.computek.net>
      • 1996-02-01 (Fri, 2 Feb 1996 01:59:49 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - futplex@pseudonym.com (Futplex)
        • 1996-01-30 (Tue, 30 Jan 1996 23:03:11 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - m5@dev.tivoli.com (Mike McNally)
          • 1996-01-30 (Wed, 31 Jan 1996 01:48:05 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - Jon Lasser <jlasser@rwd.goucher.edu>
          • 1996-01-30 (Wed, 31 Jan 1996 02:29:00 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - m5@dev.tivoli.com (Mike McNally)
            • 1996-01-31 (Wed, 31 Jan 1996 11:40:37 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - futplex@pseudonym.com (Futplex)
            • 1996-01-31 (Thu, 1 Feb 1996 03:47:19 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - m5@dev.tivoli.com (Mike McNally)
        • 1996-01-30 (Tue, 30 Jan 1996 23:42:02 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - “Richard Martin” <rmartin@aw.sgi.com>
        • 1996-01-30 (Wed, 31 Jan 1996 00:49:47 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - Mike Fletcher <fletch@ain.bls.com>
        • 1996-01-31 (Wed, 31 Jan 1996 16:55:46 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - Rich Graves <llurch@networking.stanford.edu>
    • 1996-01-30 (Tue, 30 Jan 1996 23:10:58 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - m5@dev.tivoli.com (Mike McNally)