•   almost 12 years ago

Searching for MC partner (exploring security)

We didn't make it into the first 500 who applied. Our interests are in evaluating the security of MintChip.

We're looking for someone with a MintChip kit to work with in exploring the security of the system.

Please contact at: jlcooke@certainkey.com

Best of luck to all!

  • 9 comments

  •   •   almost 12 years ago

    Please let me know if you are able to do some security analysis on the MintChip. I am very curious about how good the security and privacy protections are.

  •   •   almost 12 years ago

    No thanks, I don't want to jeopardize my participation.

    From the rules:
    6. In addition, any individuals, teams, Organizations or Large Organizations with the intention of reverse engineering the SDK, the MintChips and/or the Remote MintChips are expressly excluded from Competition. The Sponsor and the Administrator reserve the right to exclude such individuals, teams, Organizations or Large Organizations at their sole discretion and at any time, whether the risk of reverse engineering is real or perceived.

  •   •   almost 12 years ago

    This will just make things worse when blackhat crackers tear the system apart.

    Intelligent scrutiny from non-governmental third parties is an essential way of evaluating the security of the MintChip system. Also, ordinary users shouldn't trust the system to be safe and secure just because the people who designed it say so.

  •   •   almost 12 years ago

    It seems this is only a research and development project, I get the feeling the goal is not to actually launch this product, but instead create some buzz and application "ideas" that would actually entice the Mint that it is worth implementing at all.

    Then hopefully they would see its worth, and go through a more scrutinous security setup before launching real applications.

    That is my total guess.

  •   •   almost 12 years ago

    I suspect there is a risk the MintChip scheme is critically flawed and much of the effort in this project would be wasted if the user experience, storage, and API assumptions are fundamentally changed.

    Perhaps someone from the RCMint would feel better in sending me a MintChip package so not to put other contestants at risk? ;)

  •   •   almost 12 years ago

    At the very least, the security of the MintChip system should be evaluated by a credible and independent laboratory.

  •   •   almost 12 years ago

    Watching this. It will only help MintChip to allow people to try cracking it. Making a rule against it does nothing to keep the blackhats away.

  •   •   almost 12 years ago

    Security explorations are indeed necessary prior to a full launch. However, this isn't a full launch, so we understand the RCM's hesitation in exploring the security concerns.

    That said, security is a primary concern in any currency transaction, and it is important to think of it from the start. We should definitely keep this discussion open, but understand that we still need to adhere to the rules of *this* challenge. Our ideas can be considered going forward.

  •   •   almost 12 years ago

    A proper public security review should take at least 1 year and held in the same open and discussion based manner as this contest.

    Please ssk the mint to keep that in mind There is a lot of money to be made if even a small flaw Is found.

Comments are closed.