[cryptography] Nirvana

John Levine johnl at iecc.com
Fri Sep 23 14:06:27 EDT 2011


>> And further, you should have a client app on your computer for dealing with
>> shared secrets, which is only capable of attempting a visa payment with an
>> entity trusted by Visa.

I don't see how to do that in a useful way without non-programmable
hardware.  We've seen PC-based malware do pretty much any MITM attack
you can imagine.

R's,
John

PS: I was impressed by the malware that redrew images in which the
bank had put a text representation of the transaction to be approved.



More information about the cryptography mailing list