On Tue, Sep 17, 2002 at 01:07:43PM -0700, [EMAIL PROTECTED] wrote: | >Now, lets say you don't tell the customer with known bad | >software to go away, because you value their business. Are you now | >culpable in some way? After all, you *knew* that client was | >comprimised... | | As far as I know, banks assume that a certain percentage of their | transactions will be bad and build that cost into their business | model. Credit and ATM cards and numbers are as far from secure as | could be, far less secure than somebody doing online transactions | from a Wintel machine on an unencrypted connection, let alone an | encrypted one. Until somebody takes full advantage of the current | system and steals a few trillion dollars in one day, the problems are | easier to deal with than a solution. Until that happens, there's no | reason for banks to go through the pain of dealing with or requiring | Pd.
And after that happens, and the Fed declares a roll-back of a day, there still won't be a reason. Here's a fun thought experiment: How much money could you steal and launder before you cause a catastophic melt-down of the financial privacy system, a la the way civil liberties have been set aside in the wake of 9/11? Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]