[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Heartbleed (was ... Re: My fellow (Debian) Linux users ...)



On Mon, Apr 14, 2014 at 10:34:29PM -0400, shawn wilson wrote:
> On Apr 14, 2014 10:11 PM, "Richard Hector" <richard@walnut.gen.nz> wrote:
> > They don't need to send an email, or anything intrusive. They just need
> > to put a big notice on the login page of their internet banking site -
> > along with (or instead of) all the ads they have for cheap loans or term
> > deposits or whatever. It would make virtually no difference to the speed
> > of logging in, and would reassure me that they take security seriously.
> >
> 
> This is totally OT (this thread sorta has been for a while)

There is an old saying, "Don't try and put a fire out with gasoline!"

> All banks take security seriously - if they fail audits, someone will get
> fired (probably a C level someone). Past that, I can say BofA seems to
> spend extra effort on security for businesses and high value customers, and

A few years ago I had some checks stolen and subsequently cashed. The
banks weren't interested until I got the cops involved and only then did
they refund my money. Sure, they are worried about security -- their own
security.

> If a company starts posting CVEs on their home page, I'll think it kinda

Don't be ridiculous. 

-- 
"If you're not careful, the newspapers will have you hating the people
who are being oppressed, and loving the people who are doing the 
oppressing." --- Malcolm X


Reply to: