Archived posting to the Leica Users Group, 2000/12/19
[Author Prev] [Author Next] [Thread Prev] [Thread Next] [Author Index] [Topic Index] [Home] [Search]Brian Reid writes: >My profession is internet engineer. I've designed, built, and operated >internet email systems for a long time. [...] Just to play devil's advocate, since it seems like Brian wants to talk about this: Brian, what is being discussed here is the likelihood of a credit card number being recovered by tapping, which is a lot different than wholesale reconstruction of email messages --- this is a 16 digit number, possibly with spaces delimiting groups of 4 digits. So it is no more than 19 characters long. Given that the MTUs in use are likely to be much larger than this, surely the probality of intercepting a single packet with an intact credit card number embedded in it, as opposed to a number fragment, is quite high. (My probability theory is rusty, but it must be something like (MTU-19)/MTU. For an MTU of 1500 that's about 98% probability.) This being said, I don't worry unduly about sending my credit card number in the clear precisely because of the protections afforded by the card companies themselves. There is a great Dilbert cartoon strip where as Dilbert pays for a meal in a restaurant he asserts to his date that he NEVER gives his number over the internet. The waitress returns with his card, wearing a mink coat, and says "will that be all, sir?" Byron.