Financial identity is *dangerous*? (was re: Fake companies, real money)

[Ian Grigg]

Hi John,

John Kelsey wrote:

> Today, most of what I'm trying to defend myself from online is done as either a kind of hobby (most viruses), or as fairly low-end scams that probably net the criminals reasonable amounts of money, but probably don't make them rich.  Imagine a world where there are a few hundred million dollars in untraceable assets waiting to be stolen, but only on Windows XP boxes with the latest patches, firewalls and scanners installed, and reasonable security settings.  IMO, that's a world where every day is day zero.  All bugs are shallow, given enough qualified eyeballs, and with that kind of money on the table, there would be plenty of eyeballs looking.  

We are way way past that point in security,
phishing is happening on an industrial scale, and
the virus, phish and spam people are united, or
at least working together.  Internet payment
systems are being DDOS/extorted on a regular
basis, and hack attempts are routine.

We literally already have that world.

> And once it's done, several thousand early adopters are out thousands of dollars each.  This isn't much of an advertisement for the payment system.  It's anonymous and based on bearer instruments, so there's no way to run the fraudulent transactions back.  The money's gone, and the attackers are richer, and the next, more demanding round of attacks has been capitalized.  

Again, we're well past that point.  There have been
hundreds and hundreds of payment systems out there,
and maybe order of a thousand have failed by now,
mostly due to business reasons.  Some simply due
to hacks and attacks, but it is rare, because:

What happens is that beyond a certain threshold, the
payment system delivers valuable payments.  At that
point, it starts getting attacked.  If those attacks
are survived, then it moves on to the next phase.
Which would be more attacks of a different nature...

(In fact, one seems to have failed in the last few
days - EvoCash -  and another is on the watch list
for failure - DMT/Alta.  Both of them suffered from
business style attacks it seemed, rather than what
we would call security hacks.)

The notion that suddenly it's all over isn't what
happens.  It's a trickle, then it builds up to a
flood.  Some small hacks come in, and people either
look at them or they don't.  Those that are diligent
and keep an eye on these things respond.  Those that
don't go out of business.  There are more dead
payment systems than people on this list, I'd guess,
we do have plenty of experience in this.

In practice, we've also seen what happens when
money that gets stolen can't be traced or stopped.
Even though not "bearer", systems like e-gold are
plenty anon enough, and they don't easily reverse.
I doubt bearer systems would necessarily face a
problem because of users losing their bearer tokens
(but there are plenty of other problems out there
like the rather hard insider theft problem).

> They also have to be able to do something about it.  What would you tell a reasonably bright computer programmer with no particular expertise in security about how to keep a bearer asset as valuable as his car stored securely on a networked computer?  If you can't give him an answer that will really work in a world where these bearer assets are  common, you're just not going to get a widespread bearer payment system working, for the same reason that there's probably nobody jogging with an iPod through random the streets of Sadr City, no matter how careful they're being.

When we get to that point, we will have an answer
for him.  I can assert that with a fair degree of
confidence, because a) we can't ever get to that
point until we have an answer, and b) we already
have the answer, and have had it for a decade:
store it on a trusted machine.  Just say no to
Windows XP.  It's easy, especially when he's
storing a bearer bond worth a car.

iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com