Great stuff.
I have a comment about one thing. We were chatting about it last night at
Macao:

>If your OS is compromised, then you're already fucked.

There's a nuance here, right. In my opinion, however much I hate banks, I
think over the last few years they have got this right. 2FA is a solution
to the OS compromise issue, BUT it doesn't work if the second factor is on
the same machine, or in the cloud (yes, sure a google 2FA can be basically
effective but only because of the nightmarishly huge power such a
corporation can wield, and even then it's not 100%), or if it's network
enabled.

The only 2FA that really works is the completely "cold" separate device,
not even capable of talking to any other device. That's what most banks use
nowadays.

Maybe it's not a practical thought; who is going to make and distribute
such devices? A funny scenario might be to find a way to allow people to
use their HSBC or Barclays 2FA device on their dark wallet to help them buy
stuff on silk road :)



On Tue, Dec 10, 2013 at 8:58 AM, Amir Taaki <genjix@???> wrote:

> https://wiki.unsystem.net/index.php/DarkWallet/Intro
>
> sick of typing - will finish at later dates. basic bullets are there though
>
>
> _______________________________________________
> unSYSTEM mailing list: http://unsystem.net
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>
>