The "keyboard sniffer" of FV is really troublesome, and the extension of this threat will hamper the Internet Commerce tremendously, I believe. The thing that might have made it hard to accept the threat for cypherpunkers is that it was presented together with a plug for the FV scheme, (which may or may not be valid btw.) But more generally, I see the following happening. The factors that now are "harmonizing" are; * the tremendous growth of Inet commerce; Digicash, encrypted CardNo's etc. Many of the now proposed schemes have no independant "evidence" mechanism, whereby you can settle a disputed transaction fairly. You will have to choose to believe one of the parts, and that is very often the service provider/bank/card company. * The decline of the "ordinary" card fraud market, VISA/Europay/Mastercard is rapidly finishing their forthcoming smart card systems. I'd guess this "market" is gone within 2-3 years. Some "big organisations" might start to move into the new "fraud markets" soon. * The fact that the PC are such an extremely used platform, and that the need for back compatibility will make it almost impossibe to add substantial security to it now. * The fact that anti-virus tools haven't been able to eradicate the virii problem even before the "forthcoming surge" in virus writing that I believe will come. According to a survey by Information Week (Nov 27 -95) 67% of the companies had been hit by a virus the last year, and 12% of the companies had suffered financial loss caused of it. (1293 companies surveyed). Admittedly there are social problems behind the continued spread of virii too, but that alone doesn't make them go away. Take a look at the article "Virus Authors strike Back" by Alan Solomon in "Computers and Security" 11 (1992) 602-606. The state of anti-virus tools seemed to be in a rather sad state back then, and I really wonder whether they are any better now. * The knowledge about how to write virii has been spread rather far - a college kid can get his hands on one of the polymorphic virus generators, and start to output new self-encrypting virii with the same action routine regularly. Also, note that this new kind of virii ("virii with a mission") would start to cost immediately, in contrast with the "old kind" that only cost when you have to clean them out, or if they wipe un-backuped data. (your fault - core dumped) * All PC's will be net-connected... Embed a public key in the virus, let it encrypt the loot and post it to Usenet in the group junk.erotica. You can then harvest the group with the secret key anywhere in the world. (Be generous, let the virus go away automatically if it has "contributed" enough money.) The pay-off of continously updating your virus to cope with new protection mechanisms would be enormous. Lets assume that I employ 10 programmers 2 years from now, that writes new action routines and develop new virus types... I bet I could get a decent living quite soon. Also assume I settle down in a suitable country with lax enough laws, do you believe that I would be a criminal then? What is the legal status of virii, and what is this concept of "electronic money" anyway? :-) I promise, I wont do that. It's not a bet.