The problem is, fundamentally, that "security" in most companies is under "risk management". That is the risk to THEIR BUSINESS, not to your finances.
Until companies, and their officers personally (since chapter 11, aka the socializing of risk but the personalizing of reward: heads I win, tails you lose; is a business strategy these days) are held liable, either by statute or precedent, for all losses due to their insecurity (meaning your actual financial losses, time and distress, when your identity gets stolen, bank account looted, or cc abused), they will only engage in perfunctory, and mostly useless, "check the box" security. > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Rich Kulawiec > Sent: Monday, March 08, 2010 3:01 PM > To: [email protected] > Subject: Re: [funsec] Bank security > > Recent similar experience: was given a pair of running shorts as a > gift. > They didn't fit. Took them back to $BIGOUTDOORSTORE along with a > printout of the receipt from their online store. Did not ask for > cash refund. Did not ask for refund on the card that was used for > the purchase. Asked for a store credit so that I could just buy > something else, maybe shorts, maybe a shirt. > > They demanded a driver's license. I asked why. They said "because > the online store isn't really us". I said that the online store > operates > on their web site with their name and bills credit cards with their > name > and ships with their name on the box so this is hardly my problem is > it? > Then they said "for your protection". I said that I don't need the > kind > of protection that invades my privacy. Then they said "for our > protection" > and I pointed (a) that if my goal here was to defraud them of $32 that > I > was doing a damn poor job of it *since I was handing them the original > merchandise with their tags still on it* and (b) that if I was going to > trouble myself to defraud them, that I wouldn't bother for anything > less > than seven or eight figures. > > And so on. > > ---Rsk > > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
