[Cryptography] threat models, was quantum computers & crypto

John Levine johnl at iecc.com
Sun Oct 31 18:37:40 EDT 2021


It appears that Bill Frantz <frantz at pwpconsult.com> said:
>On 10/29/21 at 3:00 PM, ron at flownet.com (Ron Garret) wrote:
>
>>Paper checks are still in use 2000 years after they were first
>>invented.  The financial industry moves very, very slowly,
>>mostly with good reason.
>
>And I am planning an $80 purchase. Should I send a paper check
>or send my CC info in unencrypted email? (No, they don't have a
>full ecommerce setup.)

As always, it depends on your threat model, and in both cases people's
mental threat models are often not very realistic.

Many people assume the account numbers on a check are secret-ish, but
of course they are not.  Everyone to whom you have ever written a check
has a copy of them.  Banks' security model for checks depends on auditing
and reversing bogus transactions, so even if someone were to use the
account info to make a fake check, or more likely an unauthorized ACH
withdrawal, you tell the bank when you get your statement and they
reverse it.

For e-mail, the mental model is often that bad people will snoop on
your mail, but that is as far as I can tell a vestige of the 1980s
when universities ran coax Ethernet around each department and you
actually could snoop on someone else's traffic.  These days the
chances of a third party intercepting mail in transit are pretty
low, with the main risk being that the merchant's database is
compromised.

The bank security model for plastic is a mix of prevention and audit.
They usually check that the shipping address matches the
cardholder's address and have sophisticated models to flag usage that
doesn't match prior behavior. But you can also challenge bogus charges
and they generally just go away.

I'd use a credit card since the challenge process is slightly easier
and in case of a bogus charge, you still have the money while you are
disputing it. If you're feeling particularly paranoid, get a card from
Capital One who have an app that generates disposable card numbers,
make a number good for three days, and send them that.

R's,
John
