Random thought on penetrating security

**Norm** · 02-17-2012, 04:58 PM

VPN’s are only as secure as their managers. But, I’m talking about machine to machine networks which are vastly more secure. The connections between ATMs and their servers are obviously not over the I ‘Net and certainly not used by people surfing websites. The guy that developed the Citibank network architecture worked for me when I was in charge of their tech architecture and strategy, and he and I together couldn’t break what he developed.

As far as the casino to which I referred, NO, it would not have been accessible via a VPN or any of the programmers. That’s not how it works. We are not talking about the incompetent efforts of e-mail providers that really don’t care about privacy. Indeed, most of them violate privacy themselves. We are talking about financial networks that can suffer enormous losses by hacking.

There have been hugely embarrassing failures in security. But, they are all related to personal data. And, whether we like it or not, businesses don’t give a crap about your personal data. But, they do care about their own money. And that is protected at vastly higher levels.

**RWM** · 02-17-2012, 05:48 PM

I wouldn't think it easy to get into a casino's system, but OSN I'd guess has a budget of next to nothing. I can't imagine that would be that difficult to get into and of a lot more interest to me. Also SIN and Biometrica.

**Norm** · 02-17-2012, 07:01 PM

Originally Posted by RWM

I wouldn't think it easy to get into a casino's system, but OSN I'd guess has a budget of next to nothing. I can't imagine that would be that difficult to get into and of a lot more interest to me. Also SIN and Biometrica.

Small companies are another matter. People untrained in security do not understand basic principles. When I was a yout’, a place I worked for installed a safe. I was curious why. No way I could figure out a serious combination safe. So, one night, I picked the joke lock they put on the file cabinet next to it with two paper clips. All the folders inside were in convenient alphabetic order. So, I found the folder titled “safe.” Sure enough, the combination was in the folder. As Marvin said, humans are the weak link.

**RWM** · 02-18-2012, 09:39 AM

Originally Posted by Norm

Small companies are another matter. People untrained in security do not understand basic principles. When I was a yout’, a place I worked for installed a safe. I was curious why. No way I could figure out a serious combination safe. So, one night, I picked the joke lock they put on the file cabinet next to it with two paper clips. All the folders inside were in convenient alphabetic order. So, I found the folder titled “safe.” Sure enough, the combination was in the folder. As Marvin said, humans are the weak link.

You sound like a young Richard Feynman. If you haven't read his books check them out.

Thread: Random thought on penetrating security

Thread Tools

Display

Bookmarks

Bookmarks

Posting Permissions

Other QFIT Sites

Internal Links

About Blackjack: The Forum