[Previous] [Next] [Index]
[Thread]
Re: Java and trojans: any last words before Netscape 2.0 is out?
At 12:43 PM 9/20/95, Chuck McManis wrote:
> Dave wrote:
> ... it would be easier to root through garbage and collect receipts.
> Plus the rooter would get a sample of the signature.
>
> This argument is specious. The difference is that if you live in the
> San Francisco Bay Area _maybe_ you can find my home address and _maybe_
> you can find a credit card receipt in it. If I'm using the Internet to
> buy things with my credit card you can literally be anywhere in the
> world and find it. Further, if the attack is simply to steal any
> credit card numbers that is one thing, but if you wanted to steal
> Bill Gates' credit card number you probably couldn't get anywhere
> near his garbage can, but you can see his packets on the Internet.
What a peculiar argument. Are you suggesting that the biggest risk is from
people who want to get you personally but who don't know where you live?
Somehow I think the more likely situation is that they merely want to get
anybody's credit card number. (i.e., the situation that you dismiss so
quickly.) In fact, I would suspect that the successful credit card
criminal doesn't use any one credit card number for very long. After all,
you can't keep using Bill Gates' credit cards forever, but if you instead
make one charge on each card number you dig up in the dumpster near a large
apartment complex; you can probably keep doing this for quite a while
before you're caught.
And as someone else pointed out; merchant fraud is fairly common as well.
I suspect that fairly soon credit card transactions on the internet will be
*more* secure than any other way that you use your card.
Chris
Chris Garrigues cwg@DeepEddy.Com
Deep Eddy Internet Consulting +1 512 432 4046
609 Deep Eddy Avenue
Austin, TX 78703-4513 USA http://www.DeepEddy.Com/~cwg/