taler
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] e-postage redux


From: Jeff Burdges
Subject: Re: [Taler] e-postage redux
Date: Thu, 21 Apr 2016 08:24:55 +0200

It's true that anything that can spend money is already a target for
crime, but users are already a target for malware wishing to act as a
botnet, steal their credit card details, etc. 

At least Taler limits the damage to money in the wallet and likely
limits withdrawals.  

We could consider additional security like encrypting coins behind a
pass phrase until users actually need them. I suppose one could do this
by encryption only the coin's private key, so that withdrawal operations
continued asynchronously.  Refresh operations require access to both the
spent and the new coin's private key. 



On Wed, 2016-04-20 at 20:33 +0000, hellekin wrote:
> I remember a conversation where using GNU Taler as an anti-spam shield
> in the line of pay-to-whitelist.  At the time it seemed obvious:
> increase the price of sending email, and spam will stop.
> 
> But then I was recently pointed at http://www.taugh.com/epostage.pdf
> which is a decade-ago argument against all forms of e-postage.
> 
> Some of the arguments could be technically avoided, but there's at least
> one point that seriously made me doubt: how to handle Trojan horses,
> that abuse the current user to send email using their (probably
> white-listed) address.  A GNU Taler protection would certainly fail in
> this case, unless you can convince me that this paper is outdated, and
> you found a magic trick.


Attachment: signature.asc
Description: This is a digitally signed message part


reply via email to

[Prev in Thread] Current Thread [Next in Thread]