URG_ent

John Young jya at pipeline.com
Mon Nov 4 06:26:59 PST 1996 

 11-02-96.

 "Transaction Records Urged for Smart Cards"

    Electronic money systems must generate transaction records 
    to help law enforcement agencies track money launderers, a 
    senior Justice Department official said last week. "In a 
    paper environment ... we can get bank records, we can get
    credit card records. Our goal is only to preserve this ability."


 "Internet insecurity "

    Jeff Schiller: The Web has a lot of potential vulnerabilities.
    There's plenty I know about that I don't want to talk about. 
    People who know about the vulnerabilities are reluctant to talk 
    about them because if we disclose what we know to the public, 
    the bad guys will take advantage. And if we address them with 
    the vendor community, they don't do anything about them. 
    There's a lot of hooey out there. Never trust the advice of 
    someone selling you a product, especially if the sales pitch 
    is, "My product makes your problem go away."


 "RSA offers kit for secure credit-card transactions"

    RSA Data Security, Inc. will announce today a tool kit for 
    developing secure applications that support credit-card 
    transactions on the Internet called S/Pay in support of
    SET.


 "Medcom introduces a "Super Cafe" data encryption product"

    Medcom's latest data encryption product, the Secure Socket 
    Relay (SSR), features strong encryption with full key length 
    (56-bits DES). A demo version can be downloaded at
    http://www.medcom.se/.


 "On Technology's Security White Paper" 

    "Taking The Threat Out Of Network Security," will stimulate 
    the industry into discussing some of the issues of security 
    that face the Internet industry and its users. Copies of 
    the paper are available on request from On Technology. The 
    company's Web site is at http://www.ontech.co.uk .

-----

 http://jya.com/urgent.txt  (21 kb)

 URG_ent

----------

In another story on gov-spooked insecurity:

 NEC announced that it successfully demonstrated country-to-
 country virtual private networking (VPN). During the tests, 
 privacy and security was maintained between the two sites by 
 deploying DES and triple-DES encryption. Since DES 
 encryption technology cannot be exported from the United 
 States, a Japanese version of DES, developed outside the 
 U.S., was used.

More information about the cypherpunks-legacy mailing list