sic transit blix
http://www.newsday.com/news/nationworld/world/ny-woblix123329266jun12,0,3668966.story?coll=ny-worldnews-headlines June 12, 2003 London - Chief United Nations weapons inspector Hans Blix, in an interview published yesterday, accused U.S. officials of mounting a smear campaign against him. SNIP But toward the end, the [Bush] administration leaned on us. SNIP and more of the same here: http://www.newsday.com/news/nationworld/world/ny-woblix12q3329323jun12,0,2015635.story?coll=ny-worldnews-headlines Not that any of this is in any way unexpected. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net
Re: An attack on paypal -- secure UI for browsers
It's simple. It solves the problem that Microsoft Salesmen have. In order to sell shit, you have to make it look like gold. Cee Eee Ohs have heard it said that Microsoft software is insecure crap. Now the Microsoft Salesmen can do fancy demos with pretty colors and slick Operators Are standing By, Act Now, *New*, Don't Delay, Improved, Secure, Bells Whistles and Coolness demos and sign the suckers up. Just like the wonderful ads that peppered NYC when Ex-Pee came out saying Reliable, and Secure. --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Tue, 10 Jun 2003, Nomen Nescio wrote: I don't see how this is going to work. The concept seems to assume that there is a distinction between trusted and untrusted programs. But in the NGSCB architecture, Nexus Computing Agents (NCAs) can be written by anyone. If you've loaded a Trojan application onto your machine, it can create an NCA, which would presumably be eligible to put up a trusted window. So either you have to configure a different list of doggie names for every NCA (one for your banking program, one for Media Player, one for each online game you play, etc.), or else each NCA gets access to your Secret Master List of Doggie Names. The first possibility is unmanageable and the second means that the trustedness of the window is meaningless. So what good is this? What problem does it solve?
Re: Maybe It's Snake Oil All the Way Down
Depends on how it gets passed from the web servers to that computer. If it's encrypted with a public key on the web server that only the database has the private half, you're safe from someone sniffing that proprietary one-way interface. However, if somone's already broken into the web server, they can collect the cc:'s before they get sent to the secure db. So if you're an old Amazon customer and don't change your CC BEFORE someone hacks into their web server, you're safe. It's certainly better than storing all CC's on the web server. Now if those CC's are in raw text on the DB end, Amazon is up shit's creek if someone walks away with a db dump, backup tape, or whatever. I don't claim to know what they're using, but long, long time ago, in another galaxy, I used to work with a product from OpenMarket that worked similarly, but they held all credit cards encrypted in the DB making it much harder. (Of course if you have the key it's as good as cleartext, but it was at least another layer of protection.) Ultimately they'll need either a cybercash interface or some interface to a bank to charge your card. If the bad guy intercepts at that level or gets unencrypted access to the DB, or you change your CC while the web server is compromised, you are in for some interesting CC statements. However, this is in a lot of ways MORE secure than handing that waiter or store clerk your CC. Remember that nice yellow slip has your signature, CC number and expiration date on it. Very useful for an attacker. Infact, they likely had physical access to the CC and have that extra 3 digit # on the back too. Some stores even ask for your driver's license to prove that you are you, which at least in NY has your date of birth and address as well. Even more useful to the evildoer. If they can also get your SSN on top of that, you're at their mercy. Think about any credit application type transactions these days, buying (some) cell phones, or car, or signing up for satelite TV requires these. I feel safer with Amazon's use of my CC than the above, don't you? --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Tue, 3 Jun 2003, Jeroen van Gelderen wrote: To provide you with an additional layer of security, all credit card numbers provided to Amazon.com are stored on a computer that is not connected to the Internet. After you type or call it in, your complete credit card number is transferred to this secure machine across a proprietary one-way interface. This computer is not accessible by network or modem, and the number is not stored anywhere else. Now I'm not sure how they get to use the number during the billing process but hey... :) I don't know if I'd feel much better if Amazon didn't have my CC on file. The danger of a disgruntled sysadmin snarfing the numbers while they pass trough the system for one time use during a single billing cycle seems to real for me.
Re: The Streisand imagecriminal lives 2-3 parcels away from me
That's all nice and good, but why should it be on cypherpunks? Where's the relevance to this list? Why is Ken, or his addres or helipad an interest to the cypherpunks? Why is PGE's monopolistic's actions against him relevant to the topics of this list? What's next? The Cypherpunk Equirer? IMHO, neither he, nor the Streisand creature have any relevance here - there perhaps was some relevance in terms of that lawsuit the bitch started, but, who gives a shit who your neighbors are? Should I start spamming this list with details about my neighbors? --Kaos-Keraunos-Kybernetos--- + ^ + :25Kliters anthrax, 38K liters botulinum toxin, 500 tons of /|\ \|/ :sarin, mustard and VX gas, mobile bio-weapons labs, nukular /\|/\ --*--:weapons.. Reasons for war on Iraq - GWB 2003-01-28 speech. \/|\/ /|\ :Found to date: 0. Cost of war: $800,000,000,000 USD.\|/ + v + : The look on Sadam's face - priceless! [EMAIL PROTECTED] http://www.sunder.net On Sun, 1 Jun 2003, Tim May wrote: Ken Adelman, the retired gazillionaire who has gained new fame as a photographer of the California coastline, lives a couple of parcels from me, perhaps half a kilometer.