-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mon, Oct 07, 2002 at 10:08:22AM -0400, Jay W. wrote:
> secure computing is kind of a way-of-life. there is no silver bullet that will
> save the day - unless you are willing to give up the use of a computer ;)
>
> here are some guidelines that m
-BEGIN PGP SIGNED MESSAGE-
secure computing is kind of a way-of-life. there is no silver bullet that will
save the day - unless you are willing to give up the use of a computer ;)
here are some guidelines that may help you:
a) don't open email attachments
b) only enter sensitive inform
Excellent questions, Dan. I'll sum up one particularly-easy
answer to number three in a single URL:
http://www.apple.com/switch/
My PowerBook is not perfect, but I regularly run anti-virus
and don't click where I shouldn't, and I've been very happy
with it. A cheaper option is a used iBook, yo
Hi All,
>
> patches are at http://www.microsoft.com/technet
>
Does anyone have the actual link to the patch? When I look for it @M$ I get
a headache...
Thank you,
Ed
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
Use e
Hi Bryan,
I really appreciate this, although I do not presently use MS Outlook. I
have updated my PGP information page http://ao.com.au/pgp.htm to include
this hotfix, although I still have not updated the instructions for version
7.03, nor for the problem I know people have had implementing P
-BEGIN PGP SIGNED MESSAGE-
hi gary -
yup, N consecutive incorrect passphrase entries on an
account gets it locked out for Y minutes.
N and Y have not changed for quite some time. possibly this
person was using an account on some other system?
jay w.
[EMAIL PROTECTED]
> Does e-gold
Ken Griffith said:
>2. Use ANTIVIRUS software to protect against trojans. The only problem is
>that AV doesn't detect NEW trojans (or DIRT). And there are now "worm kits"
>available on the net that allow any idiot to slap together a new trojan in
>no time. This means a smart hacker who identif
On 6 Jun 2001, at 13:06, [EMAIL PROTECTED] wrote:
> regarding attacks that are only theoretical, i offer 2 grams to the
> first person that contacts me with the name of the security related
> organization that used the phrase "making the theoretical practical
> since 1992"
L0pht Heavy Industries
uot;Viking Coder" <[EMAIL PROTECTED]>
To: "e-gold Discussion" <[EMAIL PROTECTED]>
Sent: Wednesday, June 13, 2001 5:24 PM
Subject: [e-gold-list] Re: Security measures and DIRT
> > The main difference with DBI's is that they are encrypted to your public
key
> >
> If you don't have a secure computer, it doesn't matter how many layers of
> external protection exist, your items of value with be taken from you.
Some famous quotes that come to mind...
One by P.T. Barnum, and the other by Ben Franklin
"A fool and his money are soon parted." - P.T. Barnum
No
> The main difference with DBI's is that they are encrypted to your public key
> whether you store them on your hard drive or on the net.
But they are still unlocked with your passphrase though, right? PGP,
Hushmail, Mark Twain Digicash, Digigold all require(d) a passphrase to
access the account,
The main difference with DBI's is that they are encrypted to your public key
whether you store them on your hard drive or on the net. So as long as you
keep your private key secure, your money is secure. There is no single
account number and password that gives the thief access to all of your
mo
> In fact, the only REAL long term solution is to go completely over to
> digital-bearer-instruments (digital cash) instead of book-entry
> systems, but until then, here's how to protect your account:
How so? These instruments are like a leather wallet in your back
pocket. They can be stolen. Y
i can't stand the dearth of replies!
see:
http://store.gemplus.com
select software solutions, possibly you could try the
"Kit, GemSAFE Enterprise Workstation 2.21 Standard Cryptography Serial
Port Reader"
though i haven't messed with that particular item.
what you fill find is that there are a
Does anyone have any experience with commercially available smart cards for
storing private keys or certificates? What are the options?
Ken
---
You are currently subscribed to e-gold-list as: archive@jab.org
To unsubscribe send a blank email to [EMAIL PROTECTED]
> My question is: how easy is it for someone who can gain access to the users
> computer (either physically or through a trojan) to COPY a security
> certificate and install it on another browser? Does anyone know?
i don't believe there are any scriptkiddie type tools out there
to do it - but in
>> My question is: how easy is it for someone who can gain access to the
>> users computer (either physically or through a trojan) to COPY a
>> security certificate and install it on another browser? Does anyone
>> know?
>
Therefore, the likelyhood of a trojan being
>able to steal the cert
On 6 Jun 2001, at 8:30, Ken Griffith wrote:
> Gold Money now allows security certificates that are installed in the
> users browser to authenticate transactions.
>
> My question is: how easy is it for someone who can gain access to the
> users computer (either physically or through a trojan) to
"R. A. Hettinga" wrote:
>
> At 12:20 AM -0400 on 5/25/01, CCS wrote:
>
> > this was not exactly true. The cryptocraphic protocols of digital
> > bearer instruments certainly make them more secure but there still
> > is vulnerability due to the need for communication with a central
> > clearing
At 12:20 AM -0400 on 5/25/01, CCS wrote:
> this was not exactly true. The cryptocraphic protocols of digital
> bearer instruments certainly make them more secure but there still
> is vulnerability due to the need for communication with a central
> clearing mechanism.
Actually, the double spend
Hettinga wrote:
> At 9:22 PM -0400 on 5/23/01, Craig Spencer wrote:
>
> > Unfortunately, this is not quite accurate. All "digital bearer
> > instrument" schemes require a central clearing mechanism to
> > prevent double spending. This amounts to an account based system.
>
> Fortunately, :-
Mondex presented that model a few years back. (It may still be on
www.mondex.com ?)I am still waiting for it, but it will take a major
corporation like that to get the computer manufacturers to do it.
Regards,
Ian Green
> -Original Message-
> The catch is the card readers. If PC and
At 9:22 PM -0400 on 5/23/01, Craig Spencer wrote:
> Unfortunately, this is not quite accurate. All "digital bearer
> instrument"
> schemes require a central clearing mechanism to prevent double
> spending. This
> amounts to an account based system.
Fortunately, :-), it doesn't. I've gone ove
> Julian, for the average consumer there is no doubt you are correct. For a
> business or bank moving thousands or millions of dollars, the risk of loss
> is definitely worth the hassle of getting the smart card.
So the logic here is that the average consumer is too stupid, unwilling to
learn, a
[EMAIL PROTECTED] wrote:
>
> Julian, for the average consumer there is no doubt you are correct. For a
> business or bank moving thousands or millions of dollars, the risk of loss
> is definitely worth the hassle of getting the smart card.
Of course. (And this is actually consistent with my "la
"Unfortunately, this is not quite accurate. All "digital bearer instrument"
schemes require a central clearing mechanism to prevent double spending.
This
amounts to an account based system. Such systems can be PKI based and so
are more secure than e-gold. But they, also, can be spoofed and ha
" For both types (smart cards):
- cost and hassle of getting cards
- hassle of guarding cards from pickpockets and burglars
- hassle of making sure you always have your card when and where you need
it
- hassle involved when you inevitably lose your card
This is arrayed against a plain passwor
[EMAIL PROTECTED] wrote:
>
> "Julian's law of security: nobody but spooks will pay for security that
> calls them an idiot."
>
> Good software makes the security virtually invisible. People don't mind
> carrying cards around in their wallets. They already do. If someone
> produced software an
> The other long term solution is to completely abandon account based systems
> and switch to digital bearer instruments or "digital cash". These can be
> stored on the users hard drive in an encrypted form, or stored on a smart
> card, or stored on a zip disk, offline where hackers can't reach
> Presently e-gold is
>about equal to credit cards in terms of security, and somewhat better in
>terms of non-repudiability. However, as Costa Gold and other examples have
>shown, even e-gold isn't really non-repudiable. If they think a transaction
>is fraudulent they will freeze it, so it isn'
"Julian's law of security: nobody but spooks will pay for security that
calls them an idiot."
Good software makes the security virtually invisible. People don't mind
carrying cards around in their wallets. They already do. If someone
produced software and smartcards that were EASY to use it wo
[EMAIL PROTECTED] wrote:
>
> The technology is out there, but so far there hasn't been much
> implementation of it. I wonder why?
Julian's law of security: nobody but spooks will pay for security that
calls them an idiot.
(Where "pays" is either in terms of money or of fuss-and-bother.)
---
Y
On Wed, May 23, 2001 at 07:58:20PM -0400, [EMAIL PROTECTED] wrote:
> Understandably, from a marketing perspective, the easier the system is to
> use, the more people will use it. However, e-gold and others will have
> difficulty attracting serious commercial customers until they provide a
> truly
33 matches
Mail list logo