Creativity and security

Steven M. Bellovin smb at cs.columbia.edu
Mon Mar 27 20:06:17 EST 2006


On Sun, 26 Mar 2006 19:07:07 -0800, "Joseph Ashwood" <ashwood at msn.com>
wrote:

> ----- Original Message ----- 
> From: "J. Bruce Fields" <bfields at fieldses.org>
> Subject: Re: Creativity and security
> 
> 
> > On Fri, Mar 24, 2006 at 06:47:07PM -0000, Dave Korn wrote:
> >>   IOW, unless we're talking about a corrupt employee with a photographic
> >> memory and telescopic eyes,
> >
> > Tiny cameras are pretty cheap these days, aren't they?  The employee
> > would be taking more of a risk at that point though, I guess.
> 
> The one I find scarier is the US restaurant method of handling cards. For 
> those of you unfamiliar with it, I hand my card to the waiter/waitress, the 
> card disappears behind a wall for a couple of minutes, and my receipt comes 
> back for to sign along with my card. Just to see if anyone would notice I 
> actually did this experiment with a (trusted) friend that works at a small 
> upscale restaurant. I ate, she took my card in the back, without hiding 
> anything or saying what she was doing she took out her cellphone, snapped a 
> picture, then processes everything as usual. The transaction did not take 
> noticably longer than usual, the picture was very clear, in short, if I 
> hadn't known she was doing this back there I would never have known. Even at 
> a high end restaurant where there are more employees than clients no one 
> paid enough attention in the back to notice this. If it wasn't a trusted 
> friend doing this I would've been very worried.
>
There was a Dilbert strip on that about 10 years ago.  (Jan 11, 1996,
according to my saved copy, but it doesn't seem to be available via
their web archive.)  It shows Dilbert saying that he'd never buy
anything online because he doesn't want his credit card number floating
around the net.  He then hands his credit card to a waitress, who comes
back wearing a fur coat.


		--Steven M. Bellovin, http://www.cs.columbia.edu/~smb

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list