[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] Re: bounce

To: "Sheflug" <sheflug [at] vuw.ac.nz>
Subject: Re: [Sheflug] Re: bounce
From: "Stephen J. Turnbull" <nospam [at] sk.tsukuba.ac.jp>
Date: Wed, 10 Jan 2001 12:52:13 +0900
List-help: <http://www.sheflug.co.uk>
List-owner: <mailto:sheflug-admins [at] vuw.ac.nz>
List-post: <mailto:sheflug [at] vuw.ac.nz>
List-subscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=subscribe>
List-unsubscribe: <mailto:sheflug-request [at] vuw.ac.nz?Subject=unsubscribe>
Reply-to: "Sheflug" <sheflug [at] vuw.ac.nz>
Sender: sheflug-bounce [at] vuw.ac.nz

>>>>> "Will" == Will Newton <will [at] misconception.org.uk> writes:

    >> Huh?  Just because you are foolish enough to think it's
    >> somebody else's responsibility to safeguard your details when
    >> you post them on a broadcast medium doesn't mean the banks are
    >> obliged to buy in.

    Will> And why is it any more likely that a malicious hacker with
    Will> the skills to catch the (usually encrypted) packets in
    Will> flight than it is that the guy at your local restaurant is
    Will> swiping cards twice (the standard way to take numbers)? 
    Will> Statistically? No.

Number of hackers vs number of waiters is not the right statistic.
Remember, that one hacker is everywhere on the Internet
simultaneously---with automatic tools.

    Will> Remember, if your machine is hacked or the other end's
    Will> machine that's hardly anything to do with "broadcast media"
    Will> is it?

It has everything to do with it from the bank's point of view; the
cracker most likely got in through exactly that broadcast medium.  It's
much safer than physical entry, and can be automated.  Maybe even with
help from the government or ISPs, as Richard would have it.

If you want to trip me up on the technical details, go right ahead.  I
don't have time to be that careful.

The point is that "internet" is a red button with banks for a wide
variety of _correct_ reasons.  It puts them at risk an ways they can't
quantify well, unlike the (now well-known) statistical probability of
double-ticketing.

Just because I get the precise classification of one reason or t'other
wrong doesn't mean the bank is any safer.  In fact, the ease of
getting the classification wrong means that even us self-appointed
experts don't really think correctly yet.  The bank is right to be
_generally_ paranoid because they're even less competent than we are.

-- 
University of Tsukuba                Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
Institute of Policy and Planning Sciences       Tel/fax: +81 (298) 53-5091
_________________  _________________  _________________  _________________
What are those straight lines for?  "XEmacs rules."
---------------------------------------------------------------------
Sheffield Linux User's Group - http://www.sheflug.co.uk
To unsubscribe from this list send mail to
- <sheflug-request [at] vuw.ac.nz> - with the word 
 "unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.

Follow-Ups:
- Re: [Sheflug] Re: bounce
  - From: Will Newton <will [at] misconception.org.uk>

References:
- Re: [Sheflug] Re: bounce
  - From: "Stephen J. Turnbull" <turnbull [at] sk.tsukuba.ac.jp>
- Re: [Sheflug] Re: bounce
  - From: Will Newton <will [at] misconception.org.uk>

Prev by Date: Re: [Sheflug] Re: bounce
Next by Date: Re: [Sheflug] Re: bounce
Prev by thread: Re: [Sheflug] Re: bounce
Next by thread: Re: [Sheflug] Re: bounce
Index(es):
- Date
- Thread