Unless I've missed it, I've yet to see anyone positively confirm that credit card numbers or other data is flying around in the clear on these networks. I've been amazed (and disappointed) to see press coverage that appears to be little more than hearsay. Has there been independent confirmation of credit cards numbers in the clear done by any member of the press, or done by any individual or organization acting as a source to the press with a methodology that allows for independent confirmation (packet captures)? ---Matthew *********** REPLY SEPARATOR *********** On 5/2/2002 at 1:01 PM OBrien, Brennan wrote: >Just so I'm clear... I know I remember the discussion of "security by >obscurity" going the way of the dodo bird, but when did we decide >"security through humiliation" was a good technique?? > >From the Best Buy response below, it sure looks like they made an honest >mistake in their practices -- SOMETHING EVERY ONE OF US HAS DONE IN THE >PAST. So, now we're going to raise fear, uncertainty and doubt in the >(already a little flighty) buying public which could scare away more >consumers and really hurt these guys. Is this issue fact? Yes. Does the >public at large get it? Nope, not really. > >Funny thing about guns... When you pull the trigger, you not only need to >know what you're hitting, but what's beyond it in case the bullet goes all >the way through.. > >Sarah, it was really cool of you to send them your note. Good job. >
This archive was generated by hypermail 2b30 : Thu May 02 2002 - 15:43:36 PDT