[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)

On 15/04/14 02:03, Stan Hoeppner wrote:
>> I certainly wouldn't jump to conclusions that they're a bank therefore
>> > they use IBM mainframes therefore they don't use OpenSSL therefore
>> > they're invulnerable, 
> I jumped to no conclusion.  Do you see the word "bank" in my original
> statement below?  No, you see "financial institutions".

Sorry. I'll add the logical step: "... they're a bank therefore they're
a financial institution therefore they use IBM mainframes ..."

>> > and I wish that they'd tell us either way.
> Yes, that would be nice.  But outside of technical geeks, none of their
> customers are paying attention.

Of course they're not paying attention. Nobody's telling them about it.
The non-technical people I've spoken to have generally not heard of it.
Maybe they haven't heard of it either: that's one of the things that
concerns me.

>  And, more importantly, as a rule
> chiseled in granite, financial institutions, especially banks, never
> admit to doing anything wrong, because it opens them up to liability,
> lawsuits, thus monetary loss.  The lawyers have sewn the executives lips
> shut on this while they spend days, if not weeks to a month figuring out
> how to best handle "needed" disclosure without losing [m|b]illions.

That may be the problem, sure. Even though I wouldn't consider it them
doing something wrong, I can see that some would, and it's an
opportunity for lawyers to make money.


Reply to: