Secret Key protection (was Re: PKI creed)

[John R T Brazier]

Carl Ellison/Brian Gladman said:

> If we plot such security measures versus time and look at the trend, we
> don't see computers becoming more secure over time -- they become less
> secure.  What market force will change that (especially since the market
> (the consumer) hates security(*) and wants nothing to get in the way
between
> him and his dancing pigs)?

I can only agree with you. In my view e-commerce will grow in spite of the
difficulties and my hope (maybe an unrealistic one) is that as fraud grows
with it, the 'group' carrying the cost of this fraud will push for improved
security.



Could I possibly suggest (with some evidence if you wish me to give it)
that, in fact, no-one really gives a toss about credit card fraud? We live
in a society where governments appropriate 40%+ of GNP to spend on their own
requirements (some useful to society, many not). Given the relatively high
efficiency of Western businesses in generating wealth, credit card fraud -
even if it is 40% on the Internet - is absorbable as long as the growth in
business is fast enough. To give a simple parallel, the attrition of British
slave ships was around 50%, yet the growth in the trade bankrolled the
British Empire.

Therefore, a lot of the wittering about security is actually misplaced: the
movement of large volumes of money is more important than insuring it all
gets to the right place.

Could my detractors please form an orderly queue ...

All the best,

John B