Excerpts from mail: 30-Jan-96 Re: CONTEST: Name That Pro.. David Mazieres@amsterdam (1274)
You are a liar.
And you have terrible manners.
Your program does not undermine all known schemes for transmitting software-encrypted credit cards on the internet. You have no way of obtaining my credit card number, because I will not run your software.
Guess what? I don't care whether or not I can get onto your machine, because I undermine the overall scheme statistically. That's because if I were a criminal, I would be perfectly sanguine about the fact that the average consumer doesn't have a clue how to protect himself from untrusted programs such as this. In fact, I'd settle for getting onto 10% of the machines, although I suspect I could get onto more like 80% without raising a sweat. Yes, David, your personal credit card is safe, because you're a cypherpunk wizard. For that matter, mine is safe too. But Grandma's isn't.
Furthermore, because I use a Unix-like operating system (specifically OpenBSD) which I re-build from source code every week or so, you would need to hack my compiler to keep mis-compiling itself and compromise my kernel or netstat, ps, etc, for which you would need to be root.
Case closed. Your argument would hold a lot more weight if you could convince me that the average Internet consumer was going to rebuild his UNIX kernel every few weeks. Internet commerce is targeting the masses of people for whom "cut and paste" is still a technical term.
The first virtual protocol seems to have some real weeknesses. However, I do not feel like wading through all the pages of text to figure out what is going on. I challenge you to post a concise description of the protocol, using syntax such as:
A -> B: {ID, xxx, ...}_Ks
With short descriptions where necessary. If you do, I'm sure we can rip your protocol to shreds (which is why you won't).
This is one of the most outrageous statements I can imagine. Our protocols have been published, both in summary and in excruciating detail, for over a year. They've been scrutinized by all sorts of people in the financial industry, most of whom immediately turned around and asked if we were looking for investors. Just because you're too lazy to read them (or probably even to go to our web site to look at them), you assume that you can rip them to shreds. I'm very impressed. Here's an equally meaningful counterclaim: "I've never met you in person and have no idea what you look like, but I'm sure that I'm better looking than you are." (And for the record, because our security isn't based on mathematical/cryptographic assurances, but rather on systemic checks and balances, mathematical notation is pretty darned useless.) But anyway, there's no need for you to stop being lazy in order to "rip them to shreds". We are happy to tell you (in http://www.fv.com/pubdocs/fv-austin.txt) EXACTLY how to break our security, and why the kind of attack to which we are vulnerable doesn't matter nearly as much as the vulnerability we've exposed in the software encryption of credit cards. What we're trying to do, with our most recent announcements, is hold the competing systems to the same standard of full-disclosure-of-risks that we've held ourselves to all along. - - Nathaniel -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com