On Mar 26, 2006, at 22:07, Joseph Ashwood wrote:

----- Original Message ----- From: "J. Bruce Fields" <[EMAIL PROTECTED]>
Subject: Re: Creativity and security

On Fri, Mar 24, 2006 at 06:47:07PM -0000, Dave Korn wrote:
IOW, unless we're talking about a corrupt employee with a photographic
memory and telescopic eyes,

Tiny cameras are pretty cheap these days, aren't they?  The employee
would be taking more of a risk at that point though, I guess.

The one I find scarier is the US restaurant method of handling cards. For those of you unfamiliar with it, I hand my card to the waiter/waitress, the card disappears behind a wall for a couple of minutes, and my receipt comes back for to sign along with my card. Just to see if anyone would notice I actually did this experiment with a (trusted) friend that works at a small upscale restaurant. I ate, she took my card in the back, without hiding anything or saying what she was doing she took out her cellphone, snapped a picture, then processes everything as usual. The transaction did not take noticably longer than usual, the picture was very clear, in short, if I hadn't known she was doing this back there I would never have known. Even at a high end restaurant where there are more employees than clients no one paid enough attention in the back to notice this. If it wasn't a trusted friend doing this I would've been very worried.

Heh, that's marvelous.

I touched briefly on the awfulness of restaurant payment protocols in my
2004 paper from the Cambridge Protocols Workshop, which you may enjoy:

   M. Blaze. "Toward a broader view of security protocols."
   12th Cambridge International Workshop on Security Protocols.
   Cambridge, UK. April 2004.



The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to