Rubber hose attack

Rick Smith at Secure Computing rick_smith at securecomputing.com
Fri Nov 2 15:13:08 EST 2001


>Rick Smith at Secure Computing writes:

>  > While I would feel compassion for consumers
>  > who are hurt or inconvenienced by some huge scam that exploited a poor
>  > Microsoft security implementation, such a scenario would be 
> entertaining to
>  > watch.

At 11:49 AM 11/2/2001, pasward at big.uwaterloo.ca wrote:

>What makes you believe that you will not be that consumer?

I might be. And maybe I'll have a terrific story to tell when it's all 
over. But I'm not daunted by the inconvenience of providing my contact 
information when I order something on-line, so I'm less likely to be drawn 
to one of their 'wallet' initiatives. Besides, this isn't the first time 
Microsoft has proposed a leaky wallet for use by the surfing public. So I'm 
more likely to suffer a more conventional (and less interesting) type of 
card fraud. It's happened before.

As I've said before, I think the security community plays an essential role 
when picking apart commercial security technologies, especially when they 
turn out to be as flawed as Microsoft's latest balloon.


Rick.
smith at securecomputing.com            roseville, minnesota
"Authentication" in bookstores http://www.visi.com/crypto/




---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com




More information about the cryptography mailing list