Interesting thought. I listened to the following report on Visa' new Checkout system on my home from work yesterday and it seems in line with your suggestion. Online retailers get a one-time token for each transaction from Visa's system which makes storage of card data unnecessary at the retailer. I think that is comparable to how a Paypal transaction would look like, but I am not sure how the same level of comfort (1-click buy) that we have today with credit card storage can be reached with this type of system.
http://wnpr.org/post/visa-makes-big-move-boost-consumer-spending-online - Wolfgang On Thu, Jul 17, 2014 at 6:51 AM, Dave Aitel <[email protected]> wrote: > I got a bunch of replies that said this: > """ > Dave, enjoyed reading your rant, but I don't understand your punchline on > securing data --"but in fact, just to make it less valuable" - how do you do > make data less valuable? > """ > > So to bring us back to how you do this, let 's take a quick look at credit > cards and Target, which are the best example of an "If you collect it, > hackers will come" information security strategy. What Target really wants > is not Chip and Pin (or worse, Chip and Sign), but a transactional system > that is only good ONE TIME and to ONE PERSON. What they want is something > where I say "On this day please pay Target 11.50 USD" and then > cryptographically sign it. This is actually not that hard to do in the age > of smart phones and Google wallet. > > If you steal a bunch of those signed blobs, NOBODY CARES. They are useful > only to Target and only for that one day. I guess you could datamine them > and find out I bought a toothbrush that rotates because I'm a sucker for > such things, but that's it. We don't as a society have to fund a giant team > of FBI and SS agents to hunt down teenagers in Eastern Europe (those > headlines where we crow about arresting some teenager are embarrassing to > everyone involved). > > In RSA's case you have to wonder why they have the key material for their > SecureID tokens in a DB of any kind at all? Just delete that stuff as you > create it. Instead of collecting data, how about NOT collecting data? > Wysopal likes to go on about "security technical debt", which is essentially > when you are building a system and you don't consider security and later you > have assess, retrofit, or junk the entire system (this is the credit card > system from A to Z in a nutshell). Honestly, this is something M&A people > really should take into consideration a lot earlier in their valuation > process. > > But there is also a technical debt associated with collecting any kind of > large database of information. This is counter-intuitive because having lots > of information is a very valuable thing for a corporation or Government > agency! But it is also a huge liability, and so building these databases > should be undertaken with caution. If you haven't asked "How can I make this > database valueless to anyone but me?" then you have already failed at > information security and you are left to worry about IT security instead. > > -dave > > > > > On 7/16/2014 4:29 PM, Dave Aitel wrote: > > Like many of you, I went to the theater with a child much too young and > re-watched new and more awesome 3D-Jurrassic Park until they cried loudly > enough to annoy the other theater-goers and wanted to leave. Because in 3D, > those big dinosaur things are scary. And also that dude gets eaten while on > the toilet. > > And, honestly, looking at a lot of the security problems my friends are > dealing with on the defensive side makes me re-iterate that I'd rather be > eaten, while on the toilet if necessary, by a large reptile than ever try to > convince someone that "cloud security" was possible. How are you going to do > anything securely in the cloud, when the core problem of performance > isolation is basically just a lot of hands waving over a lot of CPU's in the > basic architecture of perfidy that Seymore Cray would have cried to have > even dreamed about. > > I know you all feel the same way about sitting through any presentations on > Internet Scale Performance - except all your IO is going over a cleartext > leased line through both China and Russia before coming back to you, on > machines whose hypervisors are all corrupted by malware that "can't possibly > exist". > > And, of course, what my friends often want to know about is "the root > cause". You can probably see the former-Saudi-contruction-project-managers > that make up a lot of Al Quada's command structure thinking the same thing. > "Maybe if we just stop using cell phones so much we'll stop getting eating > by the giant beasts that are hunting us?" And you can see Target's new team > using that same tone of voice except in a much nicer cave somewhere in > suburbia. "Hey, if we switch to whitelisting our point of sales systems, > will that prevent hackers from stealing all the credit cards that people > still use to buy their kids giant book bags that can double as Go Karts?" > > And the answer, is of course, that if you put lots of sugar in a bowl, flies > will find a way to eat it. Life will find a way! It's the Jurassic Park > rule, and it applies equally to credit card numbers, RSA token key > information and State Department cables. The way to secure your data is not > to add layers of encryption and whitelisting, but in fact, just to make it > less valuable. You can see Archer saying "This is why we get Ants" right > here, and it's not a coincidence that INNUENDO's logo is a big ant head. > > -dave > > > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > > > > _______________________________________________ > Dailydave mailing list > [email protected] > https://lists.immunityinc.com/mailman/listinfo/dailydave > _______________________________________________ Dailydave mailing list [email protected] https://lists.immunityinc.com/mailman/listinfo/dailydave
