On Fri, 2004-12-03 at 15:04 -0700, Kenneth Burgener wrote: > This reminds me of the time I was curious if the bank even checked signatures > on the checks. I signed 6 of them as "Mickey Mouse". They all cleared, > except for one. That was a $20 lesson (rejected check bank fee).
My home bank told my dad once that they rarely scrutinize checks under $1000. We asked because I used to purchase things on my dad's behalf with his checkbook and I just used my own signature. I think that if the returned checks come back and the my dad had noticed something out of order, the bank would then investigate and probably return the money. Hoewever since a) electronic communications are easy to forge and b) easy to secure, securing them seems like a no brainer. Certainly I would never send an e-mail to my lawyer or even critical financial instructions to my family members without signing and possibly encrypting them. Now currently, none of my family members have an easy way to verify signatures, but hopefully as Thunderbird's support gets really good, I can tell them how to verify the signatures. Michael (who isn't currently signing any e-mails... I'll repent in the new year). > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Von Fugal > Sent: Friday, December 03, 2004 10:10 AM > To: [EMAIL PROTECTED] > Subject: Re: [uug] Free Pizza At UUG Meeting > > > * Josh Coates [Fri, 3 Dec 2004 at 09:06 -0700] > <quote> > > a three year old can subvert any security based on sealing an envelope and > > an ink signature is *trivially* forged by *anybody* - no education required. > > http://news.bbc.co.uk/2/hi/technology/3552132.stm > > Still think an ink signature is *trivially* forged? Sure it is for the > casual inspector, but if you *really* want to know for sure, you *can* > tell if it was forged. Case in point, my mom once forged my dad's > signature (for convenience, my dad wasn't available) and the bank called > the bluff. And it wasn't even some large amount that would raise > suspicion. > > And incedentally, you make the point that the digital signature is > *more* secure than an ink one, and it's just as easy as, if not easier > than, scribbling your John Hancock on a piece of paper. What I mean when > I say more secure is that the validation can be completely automatic and > validate it to the level of the holographic paper inspection of an ink > signature without all that fancy equipment. Therefore, the casual > inspector can know for a surety that the sig is good. > > Unfortunately, in the event that the private key *is* compromised, the > forgery is %100. No subtle overlay patterns to detect there. Hence the > paranoia about where one's private key is stored, and also the key > revoking feature. > > I think your primary argument is that the benefits don't outway the > trouble of doing it. To that, I'd just like to say, "Did you ever > practice a signature?" If not, fine. But I would say that a PGP > signature is comparable. You go through a little effort to create the > keys, set up your mailer, then after that, it's completely automatic. > e.g. When I complete this email, I will press :xpsy<passphrase> YMMV > (Your Mailer May Vary), it's become a habit. There's no extra thought > involved. Just like signing a letter. > > Von Fugal > > > > -------------------- > BYU Unix Users Group > http://uug.byu.edu/ > > The opinions expressed in this message are the responsibility of their > author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. > ___________________________________________________________________ > List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list -- -------------------- BYU Unix Users Group http://uug.byu.edu/ The opinions expressed in this message are the responsibility of their author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG. ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
