>Now, lets say you don't tell the customer with known bad >software to go away, because you value their business. Are you now >culpable in some way? After all, you *knew* that client was >comprimised...
As far as I know, banks assume that a certain percentage of their transactions will be bad and build that cost into their business model. Credit and ATM cards and numbers are as far from secure as could be, far less secure than somebody doing online transactions from a Wintel machine on an unencrypted connection, let alone an encrypted one. Until somebody takes full advantage of the current system and steals a few trillion dollars in one day, the problems are easier to deal with than a solution. Until that happens, there's no reason for banks to go through the pain of dealing with or requiring Pd. -Jon Simon --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]