[fc-discuss] Financial Cryptography Update: Definitions, competition-by-regulation, and Justice-by-Press-Release
iang@iang.org
iang@iang.org
Mon, 27 Jun 2005 11:32:51 +0100 (BST)
Financial Cryptography Update: Definitions, competition-by-regulation, and Justice-by-Press-Release
June 27, 2005
------------------------------------------------------------------------
https://www.financialcryptography.com/mt/archives/000509.html
------------------------------------------------------------------------
I had a go at upgrading the Wikipedia definition of Financial
Cryptography. Anyone can edit it and improve on it, and I left you
plenty of room for that!
http://en.wikipedia.org/wiki/Financial_cryptography
I also added an article on Token Money as I saw it. Curiously, it may
be a definition that only exists in the FC world! The Money entry in
Wikipedia saw it differently, referring to tokens as those that had no
intrinsic value (by which it meant gold). Any economists in the house
to rule on this? And on the chart 1/3 way down here:
http://www.dailyreckoning.com/RudeAwake/Articles/RA061705.html
SL points me to Simpay, a pan-european mobile phone payments system
that has decided not to roll out everything ... in what appears to be a
response to the overbearing regulation by the EU. Donald at linkdump
has a few choice words on how the regulators now get to clean up the
mess they made:
http://www.simpay.com/
"Mobile operators make money by exploiting their own quick-and-dirty
payment mechanisms and (inter)national roaming agreements for the
interoperable use of these instruments. With Simpay they found out what
it would cost to build and operate a system that really accounts for
all transactions. Also, they may have started to discuss interchange
fees for Simpay, the applicable Regulation 2560 as well as the future
legal framework for payments in the European Market."
"The conclusion could then well have been that they are far better of
with the current grey-area, less-visible payment arrangements than with
a formal payment processor that has no business case to work on. The
benefit: more income from payments business while maintaining less
visibility and transparance."
Well, of course. The regulations were put in place to protect the
banks from competition, and the competitors' mission is to avoid the
regulations. Society cheers you on!
The Economist weighs in on the data crisis in the USA. Not much to say
other than they've picked up a series of soundbites from b-school profs
who all think the board should pay more attention. With opinions like
that it's no wonder the data gets lose. But it gets worse:
http://www.economist.com/business/displayStory.cfm?story_id=4112390
"The FTC decided to settle with BJ's Wholesale Club, a retailer whose
lax data-protection practices the agency said constituted an
“unfair practice that violated federal law.” The firm
collected too much data, kept it too long, did not encrypt it, lacked
password protections and left its wireless network open. This, in turn,
enabled criminals to produce counterfeit credit and debit cards using
stolen customer data and rack up millions of dollars in fraudulent
charges. The firm has agreed to fix these problems and undergo
information-security audits for 20 years."
So the FTC is getting tough, but what's with the "information-security
audits for 20 years" nonsense? On to KPMG. Confirming the judicial
flavour of issuing justice only at arbitrary times and places, the
discussion surrounding the pending and alleged KPMG indictment is
centering around whether we really need to stick another barb in the
already wounded animal known today as the Big Four Accounting Firms:
http://www.reuters.com/financeNewsArticle.jhtml?type=businessNews&story
ID=8816416
Some accounting experts said that, while an indictment could surely
ground KPMG, it would not bode well for the accounting industry. Dozens
of top notch corporations had to scramble around the world to find a
new auditor after Arthur Andersen was brought down by an indictment
over its role in the accounting fraud committed at energy trader Enron
Corp.
"There does not seem to be any appetite for reducing the number of
audit firms any more. It is already difficult enough for a large
corporate entity to retain the size and sophistication of auditors. (An
indictment) will be intolerable," said Mark Cheffers, head of auditor
research firm Audit Analytics.
What ever happened to compassion and the right to a speedy trial? If
the audit is dying, put it out of its misery! The public has little
faith in audits, so what's the point?
And over in gambling territory, the poker players are calling the US
Department of Justice's bluff. The now legendary 5 billion pounds IPO
of just one of the online poker companies has drawn out the DoJ in a
its approach to gambling - tell everyone that gambling is illegal, but
don't actually litigate so aggressively just in case they are wrong.
http://www.reuters.com/newsarticle.jhtml?type=technologynews&storyid=88
41483
One has to applaud the poker players in this. If justice is to be done
by press release not law, then what happens when various officials
decide to misinterpret the law for their own purposes? I saw a perfect
of example over at the Wikipedia definition of money where it said that
Western economies ban the private issuance of money. That's not
actually the case, and it is explicitly not the case to my knowledge in
USA, Europe (the eMoney directive), New Zealand, Australia and one
supposes any country that has ever trialled a smart card money.
Luckily, it looks like someone else saw it and corrected the flaky text
in a couple of days. Pretty snappy those Wikipedia folks!
Tao reports on the direness of the CISSP certification, a common test
you can take to become a security professional.
http://taosecurity.blogspot.com/2005/06/isc2-conducting-cissp-exam-surv
ey-last.html
http://taosecurity.blogspot.com/2005/05/report-from-cissp-exam-no-i-did
-not.html
So my question is: is a CISSP a neutral signal? And if not is it
negative or positive?
--
Powered by Movable Type
Version 2.64
http://www.movabletype.org/