[ale] OT: Security code on Credit/Debit cards

Michael H. Warfield mhw at WittsEnd.com
Tue Feb 23 14:28:14 EST 2010


On Tue, 2010-02-23 at 12:01 -0500, Jim Popovitch wrote: 
> On Tue, Feb 23, 2010 at 11:51, Jim Kinney <jim.kinney at gmail.com> wrote:
> > True. But being in a position to see relevant data is also being in a
> > position to SELL relevant data. And that part is far too easy.

> I seriously doubt that is an issue at any moderately sized financial
> entity, there are just too many walls in the way.   That's not to say
> that a rougue sysadmin can't go maverick, but that's not really what
> this thread is about.   Easily sniffing relevant financial data, from
> a mild to medium financial institution, is not a concern in 2010.

The usual answer to that is to ask them if they need to run it past the
corporate lawyers.  That usually changes attitudes real fast.  You can
present them with all the technical answers and reasoning and captures
and demonstrations you want, but, as soon as you start talking about
needing to clear things with the legal eagles, people pucker up real
fast and start moving in CYA mode.

> -Jim P.

Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20100223/7fc625f6/attachment-0001.bin 


More information about the Ale mailing list