Financial identity is *dangerous*? (was re: Fake companies, real money)
Ben Laurie
ben at algroup.co.uk
Mon Nov 1 09:13:08 EST 2004
Ian Grigg wrote:
>
>
> Alan Barrett wrote:
>
>> On Sat, 23 Oct 2004, Aaron Whitehouse wrote:
>>
>>>> Oh, and make it small enough to fit in the pocket,
>>>> put a display *and* a keypad on it, and tell the
>>>> user not to lose it.
>>>
>>>
>>> How much difference is there, practically, between this and using a
>>> smartcard credit card in an external reader with a keypad? Aside from
>>> the weight of the 'computer' in your pocket...
>>
>>
>>
>> The risks of using *somebody else's keypad* to type passwords or
>> instructions to your smartcard, or using *somebody else's display* to
>> view output that is intended to be private, should be obvious.
>
>
> :-)
>
> It should be obvious. But it's not. A few billions
> of investment in smart cards says that it is anything
> but obvious.
That assumes that the goal of smartcards is to increase security instead
of to decrease liability.
--
ApacheCon! 13-17 November! http://www.apachecon.com/
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list