Financial identity is *dangerous*? (was re: Fake companies, real money)
Ian Grigg
iang at systemics.com
Mon Oct 25 17:31:48 EDT 2004
Alan Barrett wrote:
> On Sat, 23 Oct 2004, Aaron Whitehouse wrote:
>
>>>Oh, and make it small enough to fit in the pocket,
>>>put a display *and* a keypad on it, and tell the
>>>user not to lose it.
>>
>>How much difference is there, practically, between this and using a
>>smartcard credit card in an external reader with a keypad? Aside from
>>the weight of the 'computer' in your pocket...
>
>
> The risks of using *somebody else's keypad* to type passwords or
> instructions to your smartcard, or using *somebody else's display* to
> view output that is intended to be private, should be obvious.
:-)
It should be obvious. But it's not. A few billions
of investment in smart cards says that it is anything
but obvious.
To be fair, the smart card investments I've been
familiar with have been at least very well aware of
the problem. It didn't stop them proceeding with
papering over the symptoms, when they should have
gone for the underlying causes.
iang
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list