| Submit your comments on this article |
| Home Front: Economy |
| MasterCard security breached, > 40M cardholders at risk |
| 2005-06-18 |
| Posted by:trailing wife |
| #9 3DC, the reason why that doesn't happen is because merchants demand to be able to process through the internet. Restricting credit card transactions to a 'banknet' kills the entire internet economy. Even smaller storefronts now are buying credit card machines that instead of dialing into our secure host, instead use their store's internet connection to reach the host. Merchants also like to be able to see their transaction and deposit information online as well. So as long as the merchants demand this capability, those sorts of vulnerabilities are going to exist. |
| Posted by: Silentbrick 2005-06-18 21:35 |
| #8 As SB points out - most breaches are inside jobs. The "lost tapes" (tapes, lol!), FedEx was it?, a few weeks ago was the dumbest of the lot, so far: the data wasn't encrypted. That's just so phreaking easy and fundamental that heads should roll, without a doubt. There is no absolute fix for bad people on the inside of the security fences. It's too bad that commercial firms can't require job applicants for the potential "insider" jobs to sign a waiver allowing them to be summarily shot in the head if it is discovered they've imperiled the millions of people who depend upon them being honest. I wouldn't miss 'em. 3dc - Private / VPN / PPTP / etc "networks" are so easy to establish, with any level of encryption you desire, over the net that a separate net, a huge expense, seems unnecessary. I could be wrong, of course - I've never had a competent Tiger Team try to break into a 1024 (or higher) bit encrypted PPTP session by smurfing, spoofing, etc. |
| Posted by: .com 2005-06-18 21:34 |
| #7 One of these days Ima gonna complie a huge list of Maiden names Dogs names Eldest childs names Husbands name (weird ain't it) Moms first name Street Address |
| Posted by: Shipman 2005-06-18 21:18 |
| #6 Why are all these credit and bank computers connected to the internet? They can do a banking net... just don't connect anywhere to the internet. |
| Posted by: 3dc 2005-06-18 19:54 |
| #5 As someone that works in the credit card processing industry, let me point out that virtually every instance of this sort of thing involves someone working for the company helping them get the information. I don't care how good your security is, if someone's using inside information, it can be extremely hard to stop. |
| Posted by: Silentbrick 2005-06-18 16:17 |
| #4 "I know this will irritate..." ABG Kool Aid. |
| Posted by: .com 2005-06-18 11:47 |
| #3 "The steady stream of these disclosures shows the pressing need for regulation of the industry both in terms of limitation in the amount of personal information that companies collect and also liability when these kinds of disclosures occur," Sobel said. Spoken in true lawyer speak. That is what we need. More government rules. It is not like we already must kowtow just to abide by the Patriot Act in banking, this mook wants more rules. You can't even, under the PA rules take a check from a deadbeat business cusomer, haul it over to his bank and cash it. I know this will irritate more than a few in Rantburg, allowing me to vent my frustration when I talk to an 'IT' guy about maybe he ought to hedge his bets some in the areas of servers and no be so cocksure his brand new Win2003 server won't hose him at some point, and I will mention it only once in this thread, but gee, I wonder what kind of script it was. |
| Posted by: badanov 2005-06-18 08:14 |
| #2 I predict source of attack is either Indonesia, China or Russian mafia. Internet warfare, internet crime - it's the new century! |
| Posted by: anon1 2005-06-18 07:14 |
| #1 Sigh. This is like total duffers running The Masters. |
| Posted by: .com 2005-06-18 01:36 |