Date: 1998-11-16
E-Commerce: The Future of Fraud
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
There will be no time left to secure the systems once the
emergency has occurred, warns Bruce Schneier, author of,
among other works, the standard reference "Applied
Cryptography". The innovation cycles of the networked world,
and with them the cycles of new methods of cybercrime, move
far faster than in the days of counterfeiting on paper. Today
it is possible to ruin a company within hours.
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
Electronic Commerce: The Future of Fraud
Bruce Schneier
Fraud has been perpetrated against every commerce system
man has ever invented, from gold coin to stock certificates to
paper checks to credit cards. Electronic commerce systems
will be no different; if that's where the money is, that's where
the crime will be. The threats are exactly the same.
Most fraud against existing electronic commerce systems --
ATM machines, electronic check systems, stored value
tokens -- has been low tech. No matter how bad the
cryptographic and computer security safeguards, most
criminals bypass them entirely and focus on procedural
problems, human oversight, and old-fashioned physical theft.
Why attack subtle information security systems when you
can just haul an ATM machine away in a truck?
This implies that new commerce systems don't have to be
secure, but just better than what exists. Don't outrun the
bear, just outrun the people you're with. Unfortunately, there
are three features of electronic commerce that are likely to
make fraud more devastating.
One, the ease of automation. The same automation that
makes electronic commerce systems more efficient than
paper systems also makes fraud more efficient. A particular
fraud that might have taken a criminal ten minutes to execute
on paper can be completed with a single keystroke, or
automatically while he sleeps. Low-value frauds that fell
below the radar in paper systems become dangerous in the
electronic world. No one cares if it is possible to counterfeit
nickels. However, if a criminal can mint electronic nickels,
he might make a million dollars in a week. A pickpocketing
technique that works once in ten thousand tries would starve
a criminal on the streets, but he might get thirty successes a
day on the net.
Two, the difficulty of isolating jurisdiction. The electronic
world is a world without geography. A criminal doesn't have
to be physically near a system he is defrauding; he can
attack Citibank in New York from St. Petersburg. He can
jurisdiction shop, and launch his attacks from countries with
poor criminal laws, inadequate police forces, and lax
extradition treaties.
And three, the speed of propagation. News travels fast on
the Internet. Counterfeiting paper money takes skill,
equipment, and organization. If one or two or even a hundred
people can do it, so what? It's a crime, but it won't affect the
money supply. But if someone figures out how to defraud an
electronic commerce system and posts a program on the
Internet, a thousand people could have it in an hour, a
hundred thousand in a week. This could easily bring down a
currency. And only the first attacker needs skill; everyone
else can just use software. "Click here to drop the deutsche
mark."
Cryptography has the potential to make electronic commerce
systems safer than paper systems, but not in the ways most
people think. Encryption and digital signatures are
important, but secure audit trails are even more important.
Systems based on long-term relationships, like credit cards
and checking accounts, are safer than anonymous systems
like cash. But identity theft is so easy that systems based
solely on identity are doomed.
Preventing crime in electronic commerce is important, but
more important is to be able to detect it. We don't prevent
crime in our society. We detect crime after the fact, gather
enough evidence to convince a neutral third party of the
criminal's guilt, and hope that the punishment provides a
back-channel of prevention. Electronic commerce systems
should have the same goals. They should be able to detect
that fraud has taken place and finger the guilty. And more
important, they should be able to provide irrefutable evidence
that can convict the guilty in court.
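The "secure audit trail" the essay ranks above encryption can be illustrated with a hash-chained transaction log: each entry commits to the one before it, so altering, deleting or truncating a past record becomes detectable once the current chain head has been recorded somewhere the bookkeeper cannot rewrite. This is an added example, not code from Schneier's essay; the transactions and account identifiers are constructed sample data.

```python
import hashlib
import json

# Constructed sample transactions for the demonstration (not real data).
SAMPLE_TRANSACTIONS = [
    {"id": 1, "account": "A-100", "amount": -25.00, "memo": "coffee"},
    {"id": 2, "account": "A-100", "amount": -980.00, "memo": "rent"},
    {"id": 3, "account": "B-200", "amount": 1500.00, "memo": "salary"},
]

GENESIS = "0" * 64  # fixed starting link of the chain


def entry_hash(prev_hash, record):
    # Canonical JSON (sorted keys, no whitespace) so equal records hash equally.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append(log, record):
    """Append a record; its hash binds it to everything logged before it."""
    prev = log[-1]["hash"] if log else GENESIS
    entry = {"record": dict(record), "prev": prev, "hash": entry_hash(prev, record)}
    log.append(entry)
    return entry["hash"]  # new chain head; record it outside the log's own storage


def verify(log, expected_head):
    """Return None if the chain is intact and ends at expected_head,
    otherwise the index of the first entry that breaks the chain
    (len(log) when entries were truncated from, or added after, the head)."""
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry_hash(prev, entry["record"]) != entry["hash"]:
            return i
        prev = entry["hash"]
    return None if prev == expected_head else len(log)


def build_sample_log():
    log, head = [], GENESIS
    for rec in SAMPLE_TRANSACTIONS:
        head = append(log, rec)
    return log, head


if __name__ == "__main__":
    log, head = build_sample_log()
    print("intact:", verify(log, head))       # None
    log[1]["record"]["amount"] = -9.80        # bookkeeper quietly shrinks the rent
    print("after edit:", verify(log, head))   # 1
```

A hash chain shows that tampering happened and where, not who did it; fingering the guilty, as the essay demands, additionally needs signed entries or a head hash witnessed by an independent party.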
Perfect solutions are not required -- there are hundreds of
millions of dollars lost to credit card fraud every year -- but
systems that can be broken completely are unacceptable.
It's vital that attacks cannot be automated and reproduced
without skill. Traditionally, fraud prevention has been a game
of catch-up. A commerce system is introduced, a particular
type of fraud is discovered, and the system is patched.
Money is made harder to counterfeit. Online credit card
verification makes fraud harder. Checks are printed on
special paper that makes them harder to alter. These
patches reduce fraud for a while, until another attack is
discovered. And the cycle continues.
The electronic world moves too fast for this cycle. A serious
flaw in an electronic commerce system could bankrupt a
company in days. Today's systems must anticipate future
attacks. Any successful electronic commerce system is
likely to remain in use for ten years or more. It must be able
to withstand the future: smarter attackers, more
computational power, and greater incentives to subvert a
widespread system. There won't be time to upgrade them in
the field.
Why Cryptography is Harder Than it Looks:
http://www.counterpane.com/whycrypto.html
Security Pitfalls in Cryptography:
http://www.counterpane.com/pitfalls.html
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-
published on: 1998-11-16
comments to office@quintessenz.at
-.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.- -.-. --.-