Archived posting to the Leica Users Group, 2000/12/19

[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]

Subject: [Leica] Re: what would you do ?
From: Byron Rakitzis <leica@rakitzis.com>
Date: Tue, 19 Dec 2000 00:47:27 -0800

Brian Reid writes:

>My profession is internet engineer. I've designed, built, and operated
>internet email systems for a long time.
[...]

Just to play devil's advocate, since it seems like Brian wants to talk
about this:

Brian, what is being discussed here is the likelihood of a credit card
number being recovered by tapping, which is a lot different than wholesale
reconstruction of email messages --- this is a 16 digit number, possibly
with spaces delimiting groups of 4 digits. So it is no more than 19
characters long. Given that the MTUs in use are likely to be much larger
than this, surely the probality of intercepting a single packet with an
intact credit card number embedded in it, as opposed to a number fragment,
is quite high. (My probability theory is rusty, but it must be something
like (MTU-19)/MTU. For an MTU of 1500 that's about 98% probability.)

This being said, I don't worry unduly about sending my credit card number
in the clear precisely because of the protections afforded by the card
companies themselves.

There is a great Dilbert cartoon strip where as Dilbert pays for a meal
in a restaurant he asserts to his date that he NEVER gives his number
over the internet. The waitress returns with his card, wearing a mink
coat, and says "will that be all, sir?"

Byron.