Excerpts from mail.cypherpunks: 1-Feb-96 Re: C'mon, How Hard is it t.. Jamie Zawinski@netscape. (2014*)
Is it your position that no systematic flaw in your security is real until someone has actually broken it?
Of course not. You don't have to actually break it to show that it's possible.
Of course, you *do* have to show the likelyhood of success and effort required to pull it off as well before it's interesting at all, whether it's theoretically possible or not.
OK, let's try this again: Is it your position that the hardest part of the attack we've outlined is the large-scale infection of consumer's machines with untrusted code, using a virus, Trojan Horse, or some other method? And that this attack is not serious because doing that is prohibitively difficult? If so, I agree with the first claim but not the second. But I'm really trying to get clear about your position here. -- Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com