Howard Brazee wrote:
Decades before, people kept printed copies of programs they wrote.
Sometimes they even used them in job interviews.
Is that significantly different?
potentially by several orders of magnitude ... also might completely change the possible fraud "return-on-investment" equation.
something that might have 1percent fraud ... if it changed by two orders of
magnitude ... it could go to nearly all fraud ... possibly resulting in
collapse of the infrastructure
recent posts in this thread:
http://www.garlic.com/~lynn/2007c.html#1 Decoding the encryption puzzle
http://www.garlic.com/~lynn/2007c.html#9 Decoding the encryption puzzle
the whole data breach, security breach that has been in the news for the past year
or two ... is that the attacker's cost for an electronic breach and to translate
than electronic information directly into fraud can be a couple orders of magnitude
per account ... than saying physical operation of holdup at gunpoint to obtain
somebody's wallet. If you take the time&effort of a physical holdup for a
couple of credit cards .... the cost to the attacker (per account) can be easily
several orders of magnitude larger compared to the cost to the attacker (per
account) for an electronic breach involving a couple million accounts records.
and of course, reference to old security proportional to risk post
http://www.garlic.com/~lynn/2001h.html#61
lots of past posts involving some kind of fraud, threat, vulnerability,
exploit, etc
http://www.garlic.com/~lynn/subintegrity.html#fraud
and loads of past posts specifically mentioning data breaches and/or security
breaches
http://www.garlic.com/~lynn/aadsmail.htm#mfraud AADS, X9.59, security, flaws,
privacy
http://www.garlic.com/~lynn/aepay3.htm#riskm The Thread Between Risk Management
and Information Security
http://www.garlic.com/~lynn/aepay7.htm#nonrep3 non-repudiation, was Re: crypto
flaw in secure mail standards
http://www.garlic.com/~lynn/aepay7.htm#nonrep5 non-repudiation, was Re: crypto
flaw in secure mail standards
http://www.garlic.com/~lynn/aepay7.htm#nonrep6 non-repudiation, was Re: crypto
flaw in secure mail standards
http://www.garlic.com/~lynn/ansiepay.htm#breach Security breach raises
questions about Internet shopping
http://www.garlic.com/~lynn/ansiepay.htm#theory Security breach raises
questions about Internet shopping
http://www.garlic.com/~lynn/aadsm5.htm#shock2 revised Shocking Truth about
Digital Signatures
http://www.garlic.com/~lynn/aadsm6.htm#terror4 [FYI] Did Encryption Empower
These Terrorists?
http://www.garlic.com/~lynn/aepay12.htm#5 Law aims to reduce identity theft
http://www.garlic.com/~lynn/aadsm11.htm#47 maximize best case, worst case, or
average case? (TCPA)
http://www.garlic.com/~lynn/aadsm17.htm#32 visa cards violated, BofA reissuing
after hack attack
http://www.garlic.com/~lynn/aadsm18.htm#35 Credit card leaks continue at a
furious pace
http://www.garlic.com/~lynn/aadsm18.htm#49 one more time now, Leading Cause of
Data Security breaches Are Due to Insiders, Not Outsiders
http://www.garlic.com/~lynn/aadsm19.htm#21 Citibank discloses private
information to improve security
http://www.garlic.com/~lynn/aadsm19.htm#28 "SSL stops credit card sniffing" is
a correlation/causality myth
http://www.garlic.com/~lynn/aadsm19.htm#45 payment system fraud, etc
http://www.garlic.com/~lynn/aadsm19.htm#47 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#1 Keeping an eye on ATM fraud
http://www.garlic.com/~lynn/aadsm20.htm#2 US consumers want companies fined for
security breaches
http://www.garlic.com/~lynn/aadsm20.htm#9 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#12 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#17 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#18 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#41 Another entry in the internet
security hall of shame
http://www.garlic.com/~lynn/aadsm21.htm#18 'Virtual Card' Offers Online
Security Blanket
http://www.garlic.com/~lynn/aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure
Email Technologies
http://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 -
Phishing
http://www.garlic.com/~lynn/aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 -
Phishing
http://www.garlic.com/~lynn/aadsm22.htm#21 FraudWatch - Chip&Pin, a new tenner
(USD10)
http://www.garlic.com/~lynn/aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner
(USD10)
http://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner
(USD10)
http://www.garlic.com/~lynn/aadsm22.htm#26 FraudWatch - Chip&Pin, a new tenner
(USD10)
http://www.garlic.com/~lynn/aadsm22.htm#33 Meccano Trojans coming to a desktop
near you
http://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
http://www.garlic.com/~lynn/aadsm23.htm#0 Separation of Roles - an example
http://www.garlic.com/~lynn/aadsm23.htm#9 PGP "master keys"
http://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by
"repairworkers"?
http://www.garlic.com/~lynn/aadsm23.htm#54 Status of SRP
http://www.garlic.com/~lynn/aadsm24.htm#7 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#10 Naked Payments IV - let's all go
naked
http://www.garlic.com/~lynn/aadsm24.htm#30 DDA cards may address the UK
Chip&Pin woes
http://www.garlic.com/~lynn/aadsm24.htm#38 Interesting bit of a quote
http://www.garlic.com/~lynn/aadsm24.htm#47 More Brittle Security -- Agriculture
http://www.garlic.com/~lynn/aadsm24.htm#48 more on FBI plans new Net-tapping
push
http://www.garlic.com/~lynn/aadsm24.htm#52 Crypto to defend chip IP: snake oil
or good idea?
http://www.garlic.com/~lynn/aadsm25.htm#13 Sarbanes-Oxley is what you get when
you don't do FC
http://www.garlic.com/~lynn/aadsm25.htm#20 Identity v. anonymity -- that is not
the question
http://www.garlic.com/~lynn/aadsm25.htm#21 Identity v. anonymity -- that is not
the question
http://www.garlic.com/~lynn/aadsm25.htm#24 DDA cards may address the UK
Chip&Pin woes
http://www.garlic.com/~lynn/aadsm25.htm#26 Fraudwatch - how much a Brit costs,
how to be a 419-er, Sarbanes-Oxley rises as fraud rises, the real Piracy
http://www.garlic.com/~lynn/aadsm25.htm#41 Why security training is really
important (and it ain't anything to do with security!)
http://www.garlic.com/~lynn/aadsm26.htm#4 Citibank e-mail looks phishy
http://www.garlic.com/~lynn/aadsm26.htm#5 ATMs hacked using MP3 player
http://www.garlic.com/~lynn/aadsm26.htm#6 Citibank e-mail looks phishy
http://www.garlic.com/~lynn/aadsm26.htm#7 Citibank e-mail looks phishy
http://www.garlic.com/~lynn/aadsm26.htm#11 What is the point of encrypting
information that is publicly visible?
http://www.garlic.com/~lynn/2001d.html#58 Very CISC Instuctions (Was: why the
machine word size ...)
http://www.garlic.com/~lynn/2001f.html#31 Remove the name from credit cards!
http://www.garlic.com/~lynn/2001j.html#9 E-commerce security????
http://www.garlic.com/~lynn/2001k.html#43 Why is UNIX semi-immune to viral
infection?
http://www.garlic.com/~lynn/2001l.html#10 E-commerce security????
http://www.garlic.com/~lynn/2001n.html#30 FreeBSD more secure than Linux
http://www.garlic.com/~lynn/2001n.html#71 Q: Buffer overflow
http://www.garlic.com/~lynn/2002.html#39 Buffer overflow
http://www.garlic.com/~lynn/2002d.html#16 Mainframers: Take back the light
(spotlight, that is)
http://www.garlic.com/~lynn/2002f.html#10 Least folklorish period in computing
(was Re: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002f.html#23 Computers in Science Fiction
http://www.garlic.com/~lynn/2002h.html#50 crossreferenced program code listings
http://www.garlic.com/~lynn/2002l.html#20 Backdoor in AES ?
http://www.garlic.com/~lynn/2002m.html#36 (OT) acceptance of technology, was:
Convenient and secure
http://www.garlic.com/~lynn/2003n.html#23 Are there any authentication
algorithms with runtime changeable key length?
http://www.garlic.com/~lynn/2005b.html#12 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005b.html#45 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005b.html#50 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005j.html#19 Performance and Capacity Planning
http://www.garlic.com/~lynn/2005l.html#24 The Worth of Verisign's Brand
http://www.garlic.com/~lynn/2005l.html#34 More Phishing scams, still no SSL
being used
http://www.garlic.com/~lynn/2005o.html#46 Article: The True Value of Mainframe
Security
http://www.garlic.com/~lynn/2005p.html#24 Hi-tech no panacea for ID theft woes
http://www.garlic.com/~lynn/2005t.html#27 RSA SecurID product
http://www.garlic.com/~lynn/2005t.html#34 RSA SecurID product
http://www.garlic.com/~lynn/2005u.html#3 PGP Lame question
http://www.garlic.com/~lynn/2005u.html#31 AMD to leave x86 behind?
http://www.garlic.com/~lynn/2005u.html#33 PGP Lame question
http://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
http://www.garlic.com/~lynn/2006c.html#34 X.509 and ssh
http://www.garlic.com/~lynn/2006d.html#26 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006d.html#28 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006e.html#21 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006e.html#30 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005
Make Sense
http://www.garlic.com/~lynn/2006f.html#16 trusted repositories and trusted
transactions
http://www.garlic.com/~lynn/2006g.html#38 Why are smart cards so dumb?
http://www.garlic.com/~lynn/2006h.html#14 Security
http://www.garlic.com/~lynn/2006h.html#15 Security
http://www.garlic.com/~lynn/2006k.html#4 Passwords for bank sites - change or
not?
http://www.garlic.com/~lynn/2006k.html#16 Value of an old IBM PS/2 CL57 SX
Laptop
http://www.garlic.com/~lynn/2006k.html#17 Hey! Keep Your Hands Out Of My
Abstraction Layer!
http://www.garlic.com/~lynn/2006o.html#35 the personal data theft pandemic
continues
http://www.garlic.com/~lynn/2006o.html#47 the personal data theft pandemic
continues
http://www.garlic.com/~lynn/2006p.html#18 19,000 Accounts Compromised
http://www.garlic.com/~lynn/2006p.html#38 Hackers steal AT&T customer data
http://www.garlic.com/~lynn/2006t.html#5 Are there more stupid people in IT
than there used to be?
http://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN
processing
http://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN
processing
http://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN
processing
http://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that
increases password security
http://www.garlic.com/~lynn/2006y.html#8 Securing financial transactions a high
priority for 2007
http://www.garlic.com/~lynn/2006y.html#25 "The Elements of Programming Style"
http://www.garlic.com/~lynn/2007.html#5 Securing financial transactions a high
priority for 2007
http://www.garlic.com/~lynn/2007.html#42 The logic of privacy
http://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was
Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#12 Special characters in passwords was
Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#20 How many 36-bit Unix ports in the old
days?
http://www.garlic.com/~lynn/2007b.html#33 security engineering versus
information security
http://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a
high priority for 2007
http://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a
high priority for 2007
http://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high
priority for 2007
http://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high
priority for 2007
http://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a
high priority for 2007
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO
Search the archives at http://bama.ua.edu/archives/ibm-main.html
