[sldev] More about viewer auth in today's RC
Argent Stonecutter
secret.argent at gmail.com
Wed Dec 5 08:04:03 PST 2007
On 04-Dec-2007, at 20:35, Jesse Barnett wrote:
>> It's not a security system.
>> Like Tess said, this isn't about security.
>> This is about a lot of words that people mix up with security. Like
>> evidence, and investigation, and forensics, and stuff like that.
> Billion dollar credit card companies would disagree with that
> assessment.
I don't think so. Credit card companies do not actually apply a huge
amount of direct effort to security. Your credit card and number
contain no security features beyond a simple documented (thus
reproducible) checksum. If they were to make their cards foolproof
with embedded biometric sensors, encrypted certificates, and temper-
resistant storage... they would get so much pushback from their
customers. Instead they apply the effort to fraud investigation, and
tools to improve fraud investigation, and gathering evidence to
detect fraud, and so on.
More information about the SLDev
mailing list