Anne & Lynn Wheeler wrote:

1)
Intuit warns of credit card risk
http://news.com.com/Intuit+warns+of+credit+card+risk/2100-1029_3-5269821.html

One could postulate that the need to notify customers, as pushed by California's legislature, is an example of a good state intervention.

Securing those credit cards will now carry
with it the cost of carrying out all that
notification kerfuffle, and other incidental
liabilities.  This cost should easily outweigh
the cost of simple disk encryption systems.

2)
Cyberattacks are soaring, countermeasures are sucking up tons of cash, and hardware and software vendors for the most part are sitting it out, *Bob Evans* says. But big customers are starting to say enough is enough, so the business-technology world is about to get whirled.
http://www.informationweek.com/story/showArticle.jhtml;jsessionid=WK0LPHXYB4YSUQSNDBGCKHY?articleID=22104612

Bob Evans is obviously trying to introduce people gently to the gathering storm. Is he a softie? Or are his editors nervous?

He missed the big one:  class action suits.
The big firms are mulling over this phishing
thing, and they don't quite smell the blood
yet, but they feel it should be there.

If I was (insert choice list of 4 companies),
I'd be having very rapid contingency meetings
on this.  But I'm not so I don't care.  Will
Kamishlian raised the spectre in this fine
contextual history essay:

http://www.financialcryptography.com/mt/archives/000174.html

...................

i've been saying for some time that after market security is broken by design ... it is somewhat like after market seat belts of the 60s. for security to work, it has to be designed & built in from the start ....


I think you are too kind.  Something that wasn't
designed except as a placebo for worried execs
can't really be broken.

some relatively recent comments about after market security:
http://www.garlic.com/~lynn/2002h.html#39 Oh, here's an interesting paper
http://www.garlic.com/~lynn/2002p.html#27 Secure you PC or get kicked off the net?
http://www.garlic.com/~lynn/2003n.html#14 Poor people's OS?

iang

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to