From: "R. A. Hettinga" <rah@shipwright.com> Sent: Oct 8, 2004 7:14 PM To: cryptography@metzdowd.com, cypherpunks@al-qaeda.net Subject: Financial identity is *dangerous*? (was re: Fake companies, real money)
Okay. So I'm coming to the conclusion that book-entry settlement, with its absolute requirement for both "identity" and float between transactions, is becoming more and more *un*-safe to use as internet ubiquity increases.
Hmmm. I guess I don't see why this story supports that argument all that well. Clearly, book entry systems where I can do transactions in your name and you are held liable for them are bad, but that's like looking at Windows 98's security flaws and deciding that x86 processors can't support good OS security. The aspect of this that's generally spooky is not the existence of book entry payment systems, it's the ease with which someone can get credit (in one form or another) in your name, based on information they got from public records and maybe a bit of dumpster diving, some spyware installed on your machine, or a phishing expedition. How the payment systems are cleared isn't going to change that, right? (I know you've thought about this stuff a lot more than I have, so maybe I'm missing something....)
Anyone want to pick up the other side of this and tell me why not?
No bugbears or horsemen need apply...
Cheers, RAH
--John Kelsey