once more, with feeling.

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Sep 24 02:03:07 EDT 2008


Combining several replies into one...

Nicolas Williams <Nicolas.Williams at sun.com> writes:
>On Mon, Sep 22, 2008 at 08:59:25PM -1000, James A. Donald wrote:
>> The major obstacle is that the government would want a strong binding
>> between sim cards and true names, which is no more practical than a
>> strong binding between physical keys and true names.
>
>I've a hard time believing that this is the major obstacle.
>[...]
>First, there's a business model problem.  Everyone wants in: the cell phone
>manufacturer, the software developer, the network operators, and the banks.
>With everyone wanting a cut of every transaction done through cell phones the
>result would likely be too expensive to compete with credit cards, even after
>accounting for the cost of credit card fraud.

In my experience that's the brontosaurus in the room.  There are vendors out
there that'll do cellphone auth (basic SMS-based out-of-band transaction
authorisation), the technology's in place, the problem is that once everyone
has taken their cut it's no longer economical.  To some extent the technology
still sucks quite a bit (e.g. RSA's SMS-based system takes the bank-side
information "Request authorisation for transfer of $10,000 from your bank
account to the bank account of J.Random Retailer" and turns it into "Enter the
following PIN to unlock all further debits from your account until it's
empty"), but we're getting there.

The killer is the cost involved.  Access to the mobile networks is expensive
enough that I've seen solutions in some countries like buying SMS capacity in
bulk from foreign providers (it's cheaper to send the texts from a provider on
the other side of the world than to do it locally) to the extreme step of
setting up (or perhaps buying up) your own cellular network.

"James A. Donald" <jamesd at echeque.com> writes:

>There is always the give-your-password-over-the-phone attack, but the fact
>that phishers seeking WoW gold actually have to use the give-your-password-
>over-the-phone attack against WoW players shows the potency of a deliberately
>non-standard, difficult to forge, user interface.

Can you describe the WoW interface?  It sounds like they've taken advantage of
the greenfields approach and built something different that's secure from the
start, but I'm not familiar with how it works.

>We need a similarly concise yet precise statement of what is wrong with the
>sort of things we are now doing - a list of principles of cryptography that
>working systems exemplify, and failed systems violate.

It's already been done, in situation-specific ways:

Marcus Ranum's Six Dumbest Ideas in Computer Security,
http://www.ranum.com/security/computer_security/editorials/dumb/index.html

Microsoft/Scott Culp's Ten Immutable Laws of Security,
http://technet.microsoft.com/en-us/library/cc722487.aspx

My own Ten Inescapable Truths of Security UI,
http://www.cs.auckland.ac.nz/~pgut001/pubs/stupid.pdf (last three slides)

IanG <iang at systemics.com> writes:

>I think if there is a lot of money in it, there are some innovative solutions
>to making the obvious advice easier.  I particularly like the Dutch central
>bank's approach here:
>
>https://financialcryptography.com/mt/archives/001059.html

... if you can stand the clickfest that's required to get there with FF3
(sigh).

Peter.
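An added example, not from any poster in this thread: what the bank-side message in the SMS anecdote above looks like when the code the customer types back is cryptographically bound to the specific transfer (an HMAC over amount, payee and a per-request reference), next to the unbound "unlock" PIN pattern the post criticises. The key, payee names, amounts and reference strings are constructed placeholders.

```python
# Added example (not from the thread): a transaction-bound SMS authorisation code
# versus a PIN that merely unlocks the account. All keys and values are constructed.
import hmac
import hashlib
import secrets

# Constructed shared secret between the bank's authorisation server and its SMS back end.
BANK_KEY = b"constructed-demo-key-not-a-real-secret"


def bound_code(key: bytes, amount_cents: int, payee: str, ref: str, digits: int = 6) -> str:
    """Derive a short code that depends on every field the customer is asked to approve.
    A different amount, payee or reference gives a different code, so a code issued for
    one transfer cannot be reused to approve another."""
    msg = f"{amount_cents}|{payee}|{ref}".encode()
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    # Dynamic truncation in the style of HOTP (RFC 4226): 31 bits taken at a MAC-derived offset.
    offset = mac[-1] & 0x0F
    val = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return f"{val % 10**digits:0{digits}d}"


def sms_text(amount_cents: int, payee: str, ref: str, code: str) -> str:
    """The text the customer sees: it states exactly what the code authorises."""
    return (f"Authorise transfer of ${amount_cents / 100:,.2f} to {payee}? "
            f"Reply {code} to approve ONLY this transfer (ref {ref}).")


def verify_bound(key: bytes, submitted: str, amount_cents: int, payee: str, ref: str) -> bool:
    """Bank side: recompute the code from the transaction actually being executed."""
    return hmac.compare_digest(bound_code(key, amount_cents, payee, ref), submitted)


def verify_unlock_pin(submitted: str, session_pin: str) -> bool:
    """The pattern criticised above: the PIN says nothing about amount or payee, so the
    customer cannot tell what they are approving and the bank cannot tie it to one debit."""
    return hmac.compare_digest(submitted, session_pin)


def demo() -> str:
    """Issue a code for the $10,000 transfer from the anecdote and return the SMS text."""
    ref = secrets.token_hex(4)  # fresh per-request reference, constructed here
    code = bound_code(BANK_KEY, 1_000_000, "J.Random Retailer", ref)
    return sms_text(1_000_000, "J.Random Retailer", ref, code)


if __name__ == "__main__":
    print(demo())
```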

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com