At 05:17 PM 12/13/95 -0600, you wrote:
Dr. Brian L. Crissey includes in his .sig, courtesy of cactus@hks.net
[ much WRT YetAnotherSecureInternetCreditCardPaymentSystem(*tm) deleted ] ***Dr. Brian L. Crissey, Chair CS Dpt, Linfield Col., McMinnville, OR 97128 (503)-434-2426 brianc@linfield.edu Professionals built the Titanic, amateurs built the Ark...
However, the Ark was *designed* by GOD (if you believe the story). Can Dr. Brian L. Crissey say the same thing about his payment system?
This guy's home page is a hoot - he's into UFO contacts and dolphin communication. After writing to him and getting back a description of his system, it's clear that he's clueless. He seems to think that info sent to a vendor using his system can't be sorted out from the gazillion other packets on the Net. I described to him sniffer attacks, subverted routers, etal, and reccomended some basic reading (Cheswick & Bellovin, Kaufmann, Perlman, & Speciner, and Schneier). He said he'd look into it. (Yes, I know there's plenty of other attacks, such as OSPF spoofing, but I didn't describe them). I think we can educate this guy. speaking only for myself, Peter Trei