At 08:51 AM 12/10/95 -0500, Nathaniel Borenstein <nsb@fv.com> (Tense Hot Alien In Barn) wrote:
In any event, I could write a virus that sits in front of the e-cash program and steals your keys when next you run the e-cash program. Software's just too easy to fool. That's why I regard the risk of catastrophe as being fairly large in software-based e-cash schemes.
How is this different for an ecash program vs. a First Virtual email acknowledgement program, where either a (really hairy) virus, or, more practically, an active email interloper could fake FV acks? While hardware may be the best encryption solution for the average user (as you say, and I think I agree with you), it needs to have some password interface such as a small keypad on the front of the smartcard, to prevent its usability after theft. Of course, there are problems with digicash as well; my Digicash play-money account thinks it's empty (in spite of having half a dozen coin-looking files), and doesn't recognize any of the half-dozen passwords I've guessed I might have used with it, so I'm not able to use Sameer's digicash-powered remailer. #-- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com # Phone +1-510-247-0663 Pager/Voicemail 1-408-787-1281