Jean-Luc Cooke • about 14 years ago
Searching for MC partner (exploring security)
We didn't make it into the first 500 who applied. Our interests are in evaluating the security of MintChip.
We're looking for someone with a MintChip kit to work with in exploring the security of the system.
Please contact at: jlcooke@certainkey.com
Best of luck to all!
Comments are closed.
9 comments
Milan Ilnyckyj • about 14 years ago
Please let me know if you are able to do some security analysis on the MintChip. I am very curious about how good the security and privacy protections are.
Gary Reuter • about 14 years ago
No thanks, I don't want to jeopardize my participation.
From the rules:
6. In addition, any individuals, teams, Organizations or Large Organizations with the intention of reverse engineering the SDK, the MintChips and/or the Remote MintChips are expressly excluded from Competition. The Sponsor and the Administrator reserve the right to exclude such individuals, teams, Organizations or Large Organizations at their sole discretion and at any time, whether the risk of reverse engineering is real or perceived.
Milan Ilnyckyj • about 14 years ago
This will just make things worse when blackhat crackers tear the system apart.
Intelligent scrutiny from non-governmental third parties is an essential way of evaluating the security of the MintChip system. Also, ordinary users shouldn't trust the system to be safe and secure just because the people who designed it say so.
Chris Deadlock • about 14 years ago
It seems this is only a research and development project, I get the feeling the goal is not to actually launch this product, but instead create some buzz and application "ideas" that would actually entice the Mint that it is worth implementing at all.
Then hopefully they would see its worth, and go through a more scrutinous security setup before launching real applications.
That is my total guess.
Jean-Luc Cooke • about 14 years ago
I suspect there is a risk the MintChip scheme is critically flawed and much of the effort in this project would be wasted if the user experience, storage, and API assumptions are fundamentally changed.
Perhaps someone from the RCMint would feel better in sending me a MintChip package so not to put other contestants at risk? ;)
Milan Ilnyckyj • about 14 years ago
At the very least, the security of the MintChip system should be evaluated by a credible and independent laboratory.
R Warner • about 14 years ago
Watching this. It will only help MintChip to allow people to try cracking it. Making a rule against it does nothing to keep the blackhats away.
Xitij Patel • about 14 years ago
Security explorations are indeed necessary prior to a full launch. However, this isn't a full launch, so we understand the RCM's hesitation in exploring the security concerns.
That said, security is a primary concern in any currency transaction, and it is important to think of it from the start. We should definitely keep this discussion open, but understand that we still need to adhere to the rules of *this* challenge. Our ideas can be considered going forward.
Jean-Luc Cooke • about 14 years ago
A proper public security review should take at least 1 year and held in the same open and discussion based manner as this contest.
Please ssk the mint to keep that in mind There is a lot of money to be made if even a small flaw Is found.