Hacking Digicash (was: Article on Digital Cash in "Worth")

Ian Goldberg iagoldbe at csclub.uwaterloo.ca
Mon Oct 23 17:02:50 PDT 1995 

In article <acade6614d0210045f23@[205.199.118.202]>,
Timothy C. May <tcmay at got.net> wrote:
>Not that the issues aren't real, just that a lot of folks
>want to be the "next Goldberg and Wagners," or that they want to add their
>two cents about how Netscape is blowing it.

What about us "current" Goldbergs and Wagners? :-)
>
>I stay out of this, but I certainly don't want to see Digicash given the
>same treatment. Their current product may not be all that some of us desire
>(in terms of anonymity, for example), but it sure does beat the
>alternatives in essential ways.
>
>I don't want to see Netscape so trashed that people turn to lesser-tested
>alternatives without good reason (Microsoft Network being one example), and
>I don't want to see Digicash so trashed that people turn to some product
>like Mondex.

We should be keeping in mind that the goal here is to end up, in one way
or another, with a _secure_ way of transacting on the net.  To that end,
it may be necessary to demonstrate that some current products don't
provide that way.  We certainly don't want people to be scared away
from using one insecure product, only to use another, especially
if the latter is less secure than the former.

At least Netscape published their protocols, if not their implementation.
Digicash, AFAIK, hasn't even done that much.  There is absolutely zero
reason for me to believe that their client is safe.
<SARCASM>For all I know, it could be an essential part of the protocol
to send a dump of my harddrive to Digicash every time I deposit money
into my account.</SARCASM>

I do intend to attempt a reverse-engineer of the ecash protocol,
assuming no one points me to an online copy (no, a paper copy obtained
via a NDA doesn't count).  Donations of a Sparc client binary
and/or access to a real ecash account will be gratefully accepted.

If the reverse-engineer ends up showing a protocol misfeature or
(more likely) a bad implementation (such as a buffer overflow),
I'm not going to keep quiet about it.  Netscape reacted quite
commendably to the finding of bugs in their software (quick admission
of the problem, and timely bugfix).  Hopefully, Digicash will
be as good about it.

Everything would be _so_ much easier to check, though, if these
people would stop this "security through obscurity" garbage and
publish their protocols, if not their source.

   - Ian "Mr. Worf, activate targetting scanners."

More information about the cypherpunks-legacy mailing list