1997-07-21 - Re: mondex

Header Data

From: Martin Janzen <janzen@idacom.hp.com>
To: cypherpunks@cyberpass.net
Message Hash: affb04eb78771591dd8ab2121cc6cdec3a3f7346c905959c6b6ae015d71886a8
Message ID: <9707202357.AA17060@sabel.idacom.hp.com>
Reply To: N/A
UTC Datetime: 1997-07-21 00:02:43 UTC
Raw Date: Mon, 21 Jul 1997 08:02:43 +0800

Raw message

From: Martin Janzen <janzen@idacom.hp.com>
Date: Mon, 21 Jul 1997 08:02:43 +0800
To: cypherpunks@cyberpass.net
Subject: Re: mondex
Message-ID: <9707202357.AA17060@sabel.idacom.hp.com>
MIME-Version: 1.0
Content-Type: text/plain

Ryan Lackey wrote:
>Does anyone know how open the Mondex architecture is?  Is it in any way
>possible to set up a competing system with your own card manufacture
>and issuing bodies for currencies which can be used in deployed Mondex
>POS terminals without too much hassle?

Wesley Felter <wesf@mail.utexas.edu> wrote:
>As I understand it, Mondex is a completely closed system. Everything that
>you don't absolutely need to know is undocumented. Since you can settle
>offline, the potential for fraud is frightening; unless I'm getting the
>benefit of these, um, weaknesses in the system, I don't want there to be
>any. The lack of privacy seems to be somewhat of a smokescreen; since you
>can settle offline, they don't have a really accurate way of tracking
>transactions except at the interface between e$ and other forms of money
>or goods (like their POS terminals and ATMs).
>Can you hack Mondex? They say you can't...

David Jones,a computer science professor at McMaster University and
president of Electronic Frontier Canada, has written an interesting
article on the subject of Mondex security:

>Here's my latest article published online in "The Convergence".
>Please visit the web page version because it has lots of hyperlinks
>to related documents, including some never before published on the Net
>(e.g., Australian bank report on Mondex security)
>        http://theconvergence.com/columns/djones/07121997/

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

                Mondex: A House of Smart-Cards?

  With e-cash, privacy is illusory and security is questionable

by David Jones

Mondex International has already conceded that its electronic
'cash' isn't really as private as they once claimed.  Now critics
are questioning whether their security is all it's cracked up to be.
If crooks managed to create counterfeit cyber-cash, and if Mondex
failed to detect it quickly enough, the deposits backing up the
electronic currency could be drained dry, leaving customers out
of pocket -- unable to redeem the 'value' on their cards.
Do participating banks have any contingency plans for what
Mondex calls its 'meltdown scenario'?


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Martin Janzen           janzen@idacom.hp.com