Stupid ebay/amazon question
Ben Scott
dragonhawk at gmail.com
Thu Jun 29 11:36:01 EDT 2006
On 6/29/06, Christopher Schmidt <crschmidt at crschmidt.net> wrote:
> I don't know how likely that is, but there is no technical reason why
> this should ever be a requirement, which means that if this is
> happening, it would be either malicious or ignorant.
You forgot "apathetic". A lot of organization know they play fast
and loose with customer data, but just don't care. Or, at least,
don't care enough to do something about it. Sometimes they feel a
little bad, I guess.
I wish I was kidding, but look at the near-monthly news reports
about how some random, big organization had tons of customer
information disclosed, usually because their entire customer database
was on some weenie's laptop or on a public webserver with a root
password of "passw0rd" or something like that.
"Your web transaction is secure because we use SSL.... too bad
everything *else* is wide open."
-- Ben
More information about the gnhlug-discuss
mailing list