Excellent questions, Dan. I'll sum up one particularly-easy
answer to number three in a single URL:
http://www.apple.com/switch/
My PowerBook is not perfect, but I regularly run anti-virus
and don't click where I shouldn't, and I've been very happy
with it. A cheaper option is a used iBook,
-BEGIN PGP SIGNED MESSAGE-
secure computing is kind of a way-of-life. there is no silver bullet that will
save the day - unless you are willing to give up the use of a computer ;)
here are some guidelines that may help you:
a) don't open email attachments
b) only enter sensitive
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Oct 07, 2002 at 10:08:22AM -0400, Jay W. wrote:
secure computing is kind of a way-of-life. there is no silver bullet that will
save the day - unless you are willing to give up the use of a computer ;)
here are some guidelines that may
Hi All,
patches are at http://www.microsoft.com/technet
Does anyone have the actual link to the patch? When I look for it @M$ I get
a headache...
Thank you,
Ed
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
Use
Hi Bryan,
I really appreciate this, although I do not presently use MS Outlook. I
have updated my PGP information page http://ao.com.au/pgp.htm to include
this hotfix, although I still have not updated the instructions for version
7.03, nor for the problem I know people have had implementing
Ken Griffith said:
2. Use ANTIVIRUS software to protect against trojans. The only problem is
that AV doesn't detect NEW trojans (or DIRT). And there are now worm kits
available on the net that allow any idiot to slap together a new trojan in
no time. This means a smart hacker who identifies
On 6 Jun 2001, at 13:06, [EMAIL PROTECTED] wrote:
regarding attacks that are only theoretical, i offer 2 grams to the
first person that contacts me with the name of the security related
organization that used the phrase making the theoretical practical
since 1992
L0pht Heavy Industries
If
In fact, the only REAL long term solution is to go completely over to
digital-bearer-instruments (digital cash) instead of book-entry
systems, but until then, here's how to protect your account:
How so? These instruments are like a leather wallet in your back
pocket. They can be stolen. You
The main difference with DBI's is that they are encrypted to your public key
whether you store them on your hard drive or on the net.
But they are still unlocked with your passphrase though, right? PGP,
Hushmail, Mark Twain Digicash, Digigold all require(d) a passphrase to
access the account,
If you don't have a secure computer, it doesn't matter how many layers of
external protection exist, your items of value with be taken from you.
Some famous quotes that come to mind...
One by P.T. Barnum, and the other by Ben Franklin
A fool and his money are soon parted. - P.T. Barnum
No
]
To: e-gold Discussion [EMAIL PROTECTED]
Sent: Wednesday, June 13, 2001 5:24 PM
Subject: [e-gold-list] Re: Security measures and DIRT
The main difference with DBI's is that they are encrypted to your public
key
whether you store them on your hard drive or on the net.
But they are still
i can't stand the dearth of replies!
see:
http://store.gemplus.com
select software solutions, possibly you could try the
Kit, GemSAFE Enterprise Workstation 2.21 Standard Cryptography Serial
Port Reader
though i haven't messed with that particular item.
what you fill find is that there are a
On 6 Jun 2001, at 8:30, Ken Griffith wrote:
Gold Money now allows security certificates that are installed in the
users browser to authenticate transactions.
My question is: how easy is it for someone who can gain access to the
users computer (either physically or through a trojan) to COPY
My question is: how easy is it for someone who can gain access to the
users computer (either physically or through a trojan) to COPY a
security certificate and install it on another browser? Does anyone
know?
Therefore, the likelyhood of a trojan being
able to steal the cert from the
My question is: how easy is it for someone who can gain access to the users
computer (either physically or through a trojan) to COPY a security
certificate and install it on another browser? Does anyone know?
i don't believe there are any scriptkiddie type tools out there
to do it - but in
Does anyone have any experience with commercially available smart cards for
storing private keys or certificates? What are the options?
Ken
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
At 12:20 AM -0400 on 5/25/01, CCS wrote:
this was not exactly true. The cryptocraphic protocols of digital
bearer instruments certainly make them more secure but there still
is vulnerability due to the need for communication with a central
clearing mechanism.
Actually, the double spend
R. A. Hettinga wrote:
At 12:20 AM -0400 on 5/25/01, CCS wrote:
this was not exactly true. The cryptocraphic protocols of digital
bearer instruments certainly make them more secure but there still
is vulnerability due to the need for communication with a central
clearing mechanism.
At 9:22 PM -0400 on 5/23/01, Craig Spencer wrote:
Unfortunately, this is not quite accurate. All digital bearer
instrument
schemes require a central clearing mechanism to prevent double
spending. This
amounts to an account based system.
Fortunately, :-), it doesn't. I've gone over this
Mondex presented that model a few years back. (It may still be on
www.mondex.com ?)I am still waiting for it, but it will take a major
corporation like that to get the computer manufacturers to do it.
Regards,
Ian Green
-Original Message-
SNIP
The catch is the card readers. If PC
Hettinga wrote:
At 9:22 PM -0400 on 5/23/01, Craig Spencer wrote:
Unfortunately, this is not quite accurate. All digital bearer
instrument schemes require a central clearing mechanism to
prevent double spending. This amounts to an account based system.
Fortunately, :-), it
On Wed, May 23, 2001 at 07:58:20PM -0400, [EMAIL PROTECTED] wrote:
Understandably, from a marketing perspective, the easier the system is to
use, the more people will use it. However, e-gold and others will have
difficulty attracting serious commercial customers until they provide a
truly
[EMAIL PROTECTED] wrote:
The technology is out there, but so far there hasn't been much
implementation of it. I wonder why?
Julian's law of security: nobody but spooks will pay for security that
calls them an idiot.
(Where pays is either in terms of money or of fuss-and-bother.)
---
You
Julian's law of security: nobody but spooks will pay for security that
calls them an idiot.
Good software makes the security virtually invisible. People don't mind
carrying cards around in their wallets. They already do. If someone
produced software and smartcards that were EASY to use it
Presently e-gold is
about equal to credit cards in terms of security, and somewhat better in
terms of non-repudiability. However, as Costa Gold and other examples have
shown, even e-gold isn't really non-repudiable. If they think a transaction
is fraudulent they will freeze it, so it isn't
The other long term solution is to completely abandon account based systems
and switch to digital bearer instruments or digital cash. These can be
stored on the users hard drive in an encrypted form, or stored on a smart
card, or stored on a zip disk, offline where hackers can't reach them.
[EMAIL PROTECTED] wrote:
Julian's law of security: nobody but spooks will pay for security that
calls them an idiot.
Good software makes the security virtually invisible. People don't mind
carrying cards around in their wallets. They already do. If someone
produced software and
For both types (smart cards):
- cost and hassle of getting cards
- hassle of guarding cards from pickpockets and burglars
- hassle of making sure you always have your card when and where you need
it
- hassle involved when you inevitably lose your card
This is arrayed against a plain
Unfortunately, this is not quite accurate. All digital bearer instrument
schemes require a central clearing mechanism to prevent double spending.
This
amounts to an account based system. Such systems can be PKI based and so
are more secure than e-gold. But they, also, can be spoofed and
[EMAIL PROTECTED] wrote:
Julian, for the average consumer there is no doubt you are correct. For a
business or bank moving thousands or millions of dollars, the risk of loss
is definitely worth the hassle of getting the smart card.
Of course. (And this is actually consistent with my law -
Julian, for the average consumer there is no doubt you are correct. For a
business or bank moving thousands or millions of dollars, the risk of loss
is definitely worth the hassle of getting the smart card.
So the logic here is that the average consumer is too stupid, unwilling to
learn,
31 matches
Mail list logo
