Ralf-P. Weinmann wrote: This is *NOT* the interesting part. The interesting part is the payload it is to deliver. The claim This enables the software to spy on the user and remain hidden to the operating system. rather interests me. How do they achieve this in an OS-agnostic fashion? They
At 10:58 PM -0500 10/14/03, Bruce Schneier wrote: The Future of Surveillance At a gas station in Coquitlam, British Columbia, two employees installed a camera in the ceiling in front of an ATM machine. They recorded thousands of people as they typed in their PIN numbers.
Jerrold Leichter [EMAIL PROTECTED] writes: There was also an effort in England that produced a verified chip. Quite impressive, actually - but I don't know if anyone actually wanted the chip they (designed and) verified. The Viper. Because it needed to be formally verifiable, they had to leave
On Mon, Oct 13, 2003 at 10:27:45PM -0400, Ian Grigg wrote: The situation is so ludicrously unbalanced, that if one really wanted to be serious about this issue, instead of dismissing certs out of hand (which would be the engineering approach c.f., SSH), one would run ADH across the net and
Jon Snader wrote: On Mon, Oct 13, 2003 at 06:49:30PM -0400, Ian Grigg wrote: Yet others say to be sure we are talking to the merchant. Sorry, that's not a good answer either because in my email box today there are about 10 different attacks on the secure sites that I care about. And
Hopefully everyone realizes this, but just for the record, I didn't write the lines apparently attributed to me below -- I was quoting Bruce Schneier. By the way, I strongly agree with David Honig's point that the wrong entities are doing the signing. Regards, Bryce O'Whielacronx David