From: Nathaniel Borenstein <nsb@nsb.fv.com>
Date: Sat, 3 Feb 1996 07:17:56 +0800
To: weld@l0pht.com>
Subject: Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit Cards
In-Reply-To: <Pine.BSD/.3.91.960130094017.9580A-100000@l0pht.com>
Message-ID: <Il4cDhyMc50eR5gdEN@nsb.fv.com>
MIME-Version: 1.0
Content-Type: text/plain


Excerpts from mail.cypherpunks: 30-Jan-96 Re: FV Demonstrates Fatal F..
Weld Pond@l0pht.com (1503*)

> Here is an example of an imagemap for secure number entry.

> http://www.l0pht.com/~weld/numbers.html

I *really* like this example.  That's because it demonstrates so clearly
the security/usability tradeoff that I keep trying to hammer home to
people.

Yes, with something like this -- and a LOT of variation, so it wasn't
the same every time -- you could avoid an attack like ours.  But you'd
also have a user interface that was virtually unusable.  The focus of
the attack we outlined was one particular, naive approach to Internet
commerce that sacrificed a lot of security for usability.  If the net
result of what we've done is to force them to find a better balance, it
was well worth the effort.

Or, to put it another way, I'm not too worried about competing with
software-encrypted credit card numbers if they use an imagemap technique
like the one you've outlined.
--------
Nathaniel Borenstein <nsb@fv.com>
Chief Scientist, First Virtual Holdings
FAQ & PGP key: nsb+faq@nsb.fv.com