Anne & Lynn Wheeler wrote:
1)
Intuit warns of credit card risk
http://news.com.com/Intuit+warns+of+credit+card+risk/2100-1029_3-5269821.html
One could postulate that the need to notify customers, as pushed by California's legislature, is an example of a good state intervention.
Securing those credit cards will now carry with it the cost of carrying out all that notification kerfuffle, and other incidental liabilities. This cost should easily outweigh the cost of simple disk encryption systems.
2)
Cyberattacks are soaring, countermeasures are sucking up tons of cash, and hardware and software vendors for the most part are sitting it out, *Bob Evans* says. But big customers are starting to say enough is enough, so the business-technology world is about to get whirled.
http://www.informationweek.com/story/showArticle.jhtml;jsessionid=WK0LPHXYB4YSUQSNDBGCKHY?articleID=22104612
Bob Evans is obviously trying to introduce people gently to the gathering storm. Is he a softie? Or are his editors nervous?
He missed the big one: class action suits. The big firms are mulling over this phishing thing, and they don't quite smell the blood yet, but they feel it should be there.
If I was (insert choice list of 4 companies), I'd be having very rapid contingency meetings on this. But I'm not so I don't care. Will Kamishlian raised the spectre in this fine contextual history essay:
http://www.financialcryptography.com/mt/archives/000174.html
...................
i've been saying for some time that after market security is broken by design ... it is somewhat like after market seat belts of the 60s. for security to work, it has to be designed & built in from the start ....
I think you are too kind. Something that wasn't designed except as a placebo for worried execs can't really be broken.
some relatively recent comments about after market security:
http://www.garlic.com/~lynn/2002h.html#39 Oh, here's an interesting paper
http://www.garlic.com/~lynn/2002p.html#27 Secure you PC or get kicked off the net?
http://www.garlic.com/~lynn/2003n.html#14 Poor people's OS?
iang
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
