Phil Fraering writes:
I thought I'd ask how the list is going... it seems to have gone downhill; there are now totally gratoitous insults to tcmay that don't seem to serve any purpose besides making sure the archive (if there is one) isn't fit for family viewing.
Mail filters are now virtually mandatory for reading cypherpunks.
* I take it SSL still hasn't been strengthened?
SSLv3 has no known weakneses, other than the government-mandated ones. Of course there's always new ideas in breaking crypto protocols, or new people working on it.
* I'm now working part of the time at a company that has a lot of mail-order sales; are any of you aware of how much credit card fraud is going on out there right now?
No, how much?
Might some of this actually be from unsecure SSL transactions?
Some of it might, however since there's about a zillion ways to steal CC numbers that are even easier than brute-forcing GAKware "export" SSL, I'd guess that the vast majority of CC fraud is from other causes. It's just so easy to go dumpster-diving for credit slips behind Macys, or snoop in on people phone-ordering goods over cellular or "portable" phones. Why bother breaking SSL? Why, that requires a computer! -- Eric Murray ericm@lne.com ericm@motorcycle.com http://www.lne.com/ericm PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF