1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <boydb@midnightdesign.ws>) id 1WmNmd-0008Dk-P4
for bitcoin-development@lists.sourceforge.net;
Mon, 19 May 2014 13:39:15 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of
midnightdesign.ws designates 50.87.144.70 as permitted sender)
client-ip=50.87.144.70; envelope-from=boydb@midnightdesign.ws;
helo=gator3054.hostgator.com;
Received: from gator3054.hostgator.com ([50.87.144.70])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.76) id 1WmNmc-0004d1-3G
for bitcoin-development@lists.sourceforge.net;
Mon, 19 May 2014 13:39:15 +0000
Received: from [209.85.215.45] (port=60577 helo=mail-la0-f45.google.com)
by gator3054.hostgator.com with esmtpsa (TLSv1:RC4-SHA:128)
(Exim 4.82) (envelope-from <boydb@midnightdesign.ws>)
id 1WmNH9-0007H7-IA for bitcoin-development@lists.sourceforge.net;
Mon, 19 May 2014 08:06:43 -0500
Received: by mail-la0-f45.google.com with SMTP id gl10so4088520lab.32
for <bitcoin-development@lists.sourceforge.net>;
Mon, 19 May 2014 06:06:40 -0700 (PDT)
X-Gm-Message-State: ALoCoQmAJ1GyRVDQyEx5AEINfCT2VRoMm1CcK6eTH/bpUwOweBhGzeXzbgJS/+nhpdp+0H86UHmE
MIME-Version: 1.0
X-Received: by 10.152.87.52 with SMTP id u20mr2307035laz.52.1400504800881;
Mon, 19 May 2014 06:06:40 -0700 (PDT)
Received: by 10.152.47.50 with HTTP; Mon, 19 May 2014 06:06:40 -0700 (PDT)
In-Reply-To: <CALDj+BaQ5sn9_=KAmNUUbmDva2g3mabm_wmcL_gibLyci5zFUQ@mail.gmail.com>
References: <BAY173-W1475F72C70BC089A82C20FCC300@phx.gbl>
<5377892C.8080402@gmail.com>
<CAAS2fgS-Ewj3T0-d=h7ET9dCz3+NPPYVOLDWd7T7oYY95x-sUA@mail.gmail.com>
<CALDj+Bbsb6JiLabTBx21k02dDvnmZZDCXmJ2mnh7DngBon202w@mail.gmail.com>
<lla87r$l7j$1@ger.gmane.org>
<CALDj+BaQ5sn9_=KAmNUUbmDva2g3mabm_wmcL_gibLyci5zFUQ@mail.gmail.com>
Date: Mon, 19 May 2014 08:06:40 -0500
Message-ID: <CANg-TZAFdmPBj_+U=jbhP_t9Gb-yZ-8LMtGzj+6ub=qWcLP0UQ@mail.gmail.com>
From: Brooks Boyd <boydb@midnightdesign.ws>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Content-Type: text/plain; charset=ISO-8859-1
X-AntiAbuse: This header was added to track abuse,
please include it with any abuse report
X-AntiAbuse: Primary Hostname - gator3054.hostgator.com
X-AntiAbuse: Original Domain - lists.sourceforge.net
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - midnightdesign.ws
X-BWhitelist: no
X-Source-IP: 209.85.215.45
X-Exim-ID: 1WmNH9-0007H7-IA
X-Source:
X-Source-Args:
X-Source-Dir:
X-Source-Sender: (mail-la0-f45.google.com) [209.85.215.45]:60577
X-Source-Auth: midnight
X-Email-Count: 1
X-Source-Cap: bWlkbmlnaHQ7bWlkbmlnaHQ7Z2F0b3IzMDU0Lmhvc3RnYXRvci5jb20=
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_HELO_PASS SPF: HELO matches SPF record
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1WmNmc-0004d1-3G
Subject: Re: [Bitcoin-development] Paper Currency
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Mon, 19 May 2014 13:39:16 -0000
>> 2014-05-18 13:14 GMT+01:00 Andreas Schildbach <andreas@schildbach.de>:
>> One problem we couldn't figure out here though - how to protect the
>> notes from unauthorized redeem. Like if someone else tries to reach your
>> wallet with his own NFC - how can we distinguish between deliberate
>> redeem by owner and fraudulent redeem by anybody else with custom built
>> long range NFC antenna? Any ideas?
>>
>> I think you'd need multiple factors to protect against that attack. Like
>> encrypting with a key that is printed on the note as an QR code.
>
>On Sun, May 18, 2014 at 7:51 AM, Alex Kotenko <alexykot@gmail.com> wrote:
>
> Yes, but it must not sacrifice usability. It's paper money, people are used to it and they have rather high standard of expectations in this area. Any usbility sacrifices in this area result into failure of the whole thing.
>
> Best regards,
> Alex Kotenko
One thought I had reading through this exchange: I think the general
public is becoming more aware of the "hacker with a long range
antenna" sort of attack, since credit cards are getting microchips
that can be scanned. There's a few videos I've seen of white hat
hackers demonstrating how a suitcase-sized apparatus carried by
someone walking down the street can scan and make charges on cards in
people's pockets as the attacker brushes past. Hence RFID-blocking
sleeves/wallets are on the market, such that your smart credit card
can't make a purchase while its in your wallet. Is a RFID-blocking
wallet also NFC-blocking? Irregardless of whatever "future cash" you
choose to carry (be it credit card or bitcoin card/coin/cash), perhaps
its the wallet/purse that needs an upgrade, to ensure your money
doesn't spend itself while its in your pocket, but you can easily
remove it and spend it conveniently?
Brooks
|
