[LINK] The truth about Internet fraud

[Chirgwin, Richard]

Hmmm. ZDnet opens with the mass theft of card numbers, which remains a far
lesser threat to merchants than number generation using cheap and
freely-available software like CreditMaster. Yes, the story finally gets to
the "truth" but it still leads with the sensationalist line.

Nor is ZDnet's history up to scratch:
>Although these algorithms were developed in the 1960s, generator software
appeared in >the early 1990s as a problem online.

Wrong. Algorithm generators like CreditMaster date back to the 1980s, when
they were used to defraud bulletin board merchants. Still, a minor quibble.

Bu I have to question ZDnet's understanding of net security. Another story
linked from the same page:
>NAB Blacks Out Net Banking
>http://www.zdnet.com.au/news/breakingnews/story/0,2000011362,20209534,00.ht
m

contains this gem:
>The upgrade will remove digital certificates which restrict hacking.
>The National is currently the only local bank to use the certificates.

I'm sure other banks would be thrilled to know that they're not using
digital certificates. And digital certificates reduce fraud, not hacking.
And, and, and...

Richard Chirgwin


-----Original Message-----
From: Rick Welykochy [mailto:rick@praxis.com.au]
Sent: Friday, 16 March 2001 22:00
To: link@www.anu.edu.au
Subject: Re: [LINK] The truth about Internet fraud


Tony Barry wrote:
> 
> The truth about Internet fraud
> Online credit card scams cost Visa USA at least US$48 million last
> year. Read on to
> discover the real story behind the biggest threat to e-commerce and
> how you can protect
> your business and yourself
> http://cgi.zdnet.com/slink?86885

Can anyone really have any sympathy for the "victim" cited
in the opening paragraphs? They were storing credit cards online
in plain text format. It is trivial to encrypt such information
to keep it from prying eyes. Especially internal ones, which is
the source of the majority of security breaches.


--
Rick Welykochy || Praxis Services Pty Limited