[MUD-Dev] strong encryption for authentication

Jon Lambert tychomud at ix.netcom.com
Sat Jul 14 01:19:54 New Zealand Standard Time 2001

J C Lawrence wrote:
> The next problem is that all of this analysis is resting on
> quicksand.  The client is in the hands of the enemy.  It not only
> can't be trusted, we can implicitly assume that it has not only
> been compromised by the player, but also by any other party with
> even a mild interest.
The server is also in the hands of the enemy.  Just take one of the
compelling reasons for security; to prevent credit card fraud.  I
don't know if this is common knowledge or not, but by far most
credit card fraud is perpetrated by employees of the vendor
receiving the card number!

--* Jon A. Lambert - TychoMUD        Email:jlsysinc at ix.netcom.com *--
--* Mud Server Developer's Page <http://tychomud.home.netcom.com> *--
--* If I had known it was harmless, I would have killed it myself.*--

MUD-Dev mailing list
MUD-Dev at kanga.nu

More information about the MUD-Dev mailing list