snake-oil voting?

1999-09-23 Thread Ed Gerck
List: Did any of you see this http://www.votehere.net/content/Products.asp#InternetVotingSystems that proposes to authenticate the voter by asking for his/her/its SSN#? And, by the contents of ... an email msg sent to him/her/it? Besides confusing authentication with identification, VoteHere a

Re: having source code for your CPU chip -- NOT

1999-09-23 Thread Martin Minow
At 9:26 AM -0700 9/22/99, Bill Frantz wrote: > >My own approach would be to audit the generated code. In KeyKOS/370, we >"solved" the problem by using an assembler which was written before KeyKOS >was designed. (N.B. KeyKOS/370 was written in 370 Assembler H). > Yeah, but 370 Assembler H had a

Re: having source code for your CPU chip -- NOT

1999-09-23 Thread Steven M. Bellovin
In message , Martin Minow writes: > > Yeah, but 370 Assembler H had a very extensive macro facility and > you could hide all kinds of wierd stuff in 370 code. Not too many > folk left around who can read it. And those of us who once could no longer rememb

Re: having source code for your CPU chip -- NOT

1999-09-23 Thread Arnold Reinhold
At 9:02 AM -0400 9/23/99, Steven M. Bellovin wrote: >In message , Martin Minow writes: > > > > > Yeah, but 370 Assembler H had a very extensive macro facility and > > you could hide all kinds of wierd stuff in 370 code. Not too many > > folk left around who

Re: having source code for your CPU chip -- NOT

1999-09-23 Thread Bill Frantz
At 10:26 PM -0700 9/22/99, Martin Minow wrote: >At 9:26 AM -0700 9/22/99, Bill Frantz wrote: >> >>My own approach would be to audit the generated code. In KeyKOS/370, we >>"solved" the problem by using an assembler which was written before KeyKOS >>was designed. (N.B. KeyKOS/370 was written in 3

Re: having source code for your CPU chip -- NOT

1999-09-23 Thread Martin Minow
"Steven M. Bellovin" wrote: "Steven M. Bellovin" <[EMAIL PROTECTED]> wrote: > > In message , Martin Minow writes: > > > > > Yeah, but 370 Assembler H had a very extensive macro facility and > > you could hide all kinds of wierd stuff in 370 code. Not too

Re: having source code for your CPU chip -- NOT

1999-09-23 Thread Eli Brandt
Arnold Reinhold wrote: > Perry, if you really believe that the question of whether a given > lump of object code contains a Thompson Trap is formally undecidable > I'd be interested in seeing a proof. Otherwise Herr Goedel has > nothing to do with this. That sure smells undecidable to me. Any

Re: Ecash without a mint, or - making anonymous payments practical

1999-09-23 Thread Anonymous
Amir Herzberg says, > Anonymous says, > > > It is still worth considering how to create anonymous payment systems > > which could be more compatible with other elements of present day society. > > I think we can do this, indeed, we can achieve an even stronger goal: > a payment mechanism that will

Re: snake-oil voting?

1999-09-23 Thread James Robertson
At 15:20 23/09/1999 , Ed Gerck wrote: >List: > >Did any of you see this >http://www.votehere.net/content/Products.asp#InternetVotingSystems > >that proposes to authenticate the voter by asking for his/her/its SSN#? >And, by the >contents of ... an email msg sent to him/her/it? What about the pr

Re: floppy drive SCRs (was IP: Smart Cards with Chips encouraged)

1999-09-23 Thread Rachel Willmer
> I predict the floppy smart card reader will be a dumb flop. Here's why: Here's another one. These things are driven from watch batteries, rather than from the computer's mains power. There is at least one digital cash smartcard which draws sufficient power that the battery life just isn't up

Re: Why smartcards? (was IP: Smart Cards with Chips encouraged)

1999-09-23 Thread Rachel Willmer
Arnold Reinhold wrote: > And what is the value proposition for the consumer? SSL works swell. This is true iff : (1) the consumer is an adult who has a credit card (2) the consumer is content that the transaction is traceable through their credit card statement (3) the consumer is happy to

Re: snake-oil voting?

1999-09-23 Thread Anonymous
>Did any of you see this >http://www.votehere.net/content/Products.asp#InternetVotingSystems > >that proposes to authenticate the voter by asking for his/her/its SSN#? It looked like the idea for this part was to prevent double voting, plus make sure that only authorized people could vote. It w

Thesis Announcement: "Rethinking public key infrastructures and digital certificates --- building in privacy"

1999-09-23 Thread Stefan Brands
A N N O U N C E M E N T Thesis title: "Rethinking public key infrastructures and digital certificates --- building in privacy" (ISBN 90-901-3059-4, 304 pages, September 1999) Author: Stefan Brands Thesis defense date and location: October