Financial identity is *dangerous*? (was re: Fake companies, real money)

Hal Finney hal at
Thu Oct 21 15:21:49 EDT 2004

James Donald writes:
> On 19 Oct 2004 at 21:30, Ian Grigg wrote:
> > we already have the answer, and have had it for a decade: 
> > store it on a trusted machine.  Just say no to Windows XP. 
> > It's easy, especially when he's storing a bearer bond worth a 
> > car.
> What machine, attached to a network, using a web browser, and 
> sending and receiving mail, would you trust? 

I would suggest pursuing work along the lines of a Virtual Machine Monitor
(VMM) like VMWare.  This way you can run a legacy OS, even Windows,
alongside a high security simplified OS which handles your transactions.
You run your regular buggy OS as usual, then hit a function key to
switch into secure mode, which enables access to your financial data.
The VMM does introduces some performance overhead but for typical web
browsing and email tasks it will not be significant.

This seems more promising than waiting for Windows to become secure,
or for everyone to switch to Linux.  I believe there are a number of
academic projects along these lines, for example the Terra project, , which uses
a hardware security chip to try to protect one VM's data from another.
I don't know if the extra complexity buys you much in this application

Hal Finney

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list