📅 Original date posted:2015-02-23
📝 Original message:Den 23 feb 2015 08:38 skrev "Andy Schroder" <info at andyschroder.com>:
>
> I agree that NFC is the best we have as far as a trust anchor that you
are paying the right person. The thing I am worried about is the privacy
loss that could happen if there is someone passively monitoring the
connection. So, in response to some of your comments below and also in
response to some of Eric Voskuil's comments in another recent e-mail:
>From the sources I can find NFC don't provide full privacy, but some
modulations are MITM resistant to varying degrees, some aren't at all, and
they are all susceptible to denial of service via jammers.
If the merchant system monitors the signal strength and similar metrics, a
MITM that alters data (or attempts to) should be detectable, allowing it to
shut down the connection.
Using NFC for key exchange to establish an encrypted link should IMHO be
secure enough.
http://resources.infosecinstitute.com/near-field-communication-nfc-technology-vulnerabilities-and-principal-attack-schema/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150223/4bea3a57/attachment.html>;
Natanael [ARCHIVE] /
npub179…lpmjt
2023-06-07 15:31:02
in reply to nevent1q…yq6r
Author Public Key
npub1798ncudyucap9jzzujjsgufx8tdykm8auzfledjcs6f6wf4ekqvq8lpmjtPublished at
2023-06-07 15:31:02Event JSON
{
"id": "cb740bffa1458ea94c04a23ba6350b9aa0a4a8c402d9b8b3b4bc8c289d9977ec",
"pubkey": "f14f3c71a4e63a12c842e4a50471263ada4b6cfde093fcb6588693a726b9b018",
"created_at": 1686151862,
"kind": 1,
"tags": [
[
"e",
"dfefe04b212481eb3fe073238ab7d32774988526d8b8bf7f8fff0d7249ebe09f",
"",
"root"
],
[
"e",
"f1f07a8817460467833525a26fac74cb2989bc11b9cc7b5a3bb178fe70a05b36",
"",
"reply"
],
[
"p",
"1c7d4637a4686939cc8b4a759caace11bb63bafb75b73b6f57d7ba81f9bd6a6c"
]
],
"content": "📅 Original date posted:2015-02-23\n📝 Original message:Den 23 feb 2015 08:38 skrev \"Andy Schroder\" \u003cinfo at andyschroder.com\u003e:\n\u003e\n\u003e I agree that NFC is the best we have as far as a trust anchor that you\nare paying the right person. The thing I am worried about is the privacy\nloss that could happen if there is someone passively monitoring the\nconnection. So, in response to some of your comments below and also in\nresponse to some of Eric Voskuil's comments in another recent e-mail:\n\n\u003eFrom the sources I can find NFC don't provide full privacy, but some\nmodulations are MITM resistant to varying degrees, some aren't at all, and\nthey are all susceptible to denial of service via jammers.\n\nIf the merchant system monitors the signal strength and similar metrics, a\nMITM that alters data (or attempts to) should be detectable, allowing it to\nshut down the connection.\n\nUsing NFC for key exchange to establish an encrypted link should IMHO be\nsecure enough.\n\nhttp://resources.infosecinstitute.com/near-field-communication-nfc-technology-vulnerabilities-and-principal-attack-schema/\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150223/4bea3a57/attachment.html\u003e",
"sig": "ac8d6855dad85a841626e9358d4240d5f45a3e0f5046649df60d2dd6117672bc32f62980ff70eef35dd7d8d0749067a200469cc77071da1128cb816264a73ae2"
}