Windows & credit card security 16828

Op Tue, 21 Jun 2005 08:07:56 -0400, schreef Larry Qualig:

1) The articles about this incident mention a virus as the attack vector. I only know of one OS which is susceptible to viruses in any practical sense. 2) If the IIS server mentioned was indeed a front end for the actual database system, and this server's security was breached in such a manner that the attacker gained full control over it, the attacker would automatically have gained access to any information stored in the database which was accessible through the front end.

Of course, there is still a chance that a vulnerability of another OS was the main cause for the incident, yet considering all available information, this latter course of events has a much lower probability. Unfortunately, the exact details about this affair will almost certainly never be published.

All in all, chances are that the cause of this problem was a poorly maintained Windows system. As maintaining airtight security on any Windows system is notoriously difficult(*), I'd say both Windows and CardSystems bear equal responsibility in this matter.

*) A recent survey of IT security in the Netherlands by state officials shows that some 50 percent of all companies had to deal with computer virus infections in the past year, more than double the amount of the previous year. In addition, the number of security flaws in security software itself exhibits an alarming rise. As both viruses and virus protection software are almost exclusively found on Windows systems, this suggests that the Windows platform is quickly becoming a poor choice in situations where system and data security bear any importance whatsoever (if ever it was a good choice to begin with, which I very much doubt). These figures also match my own experience: for the past few years, I'm seeing a sharp increase in the amount of inquiries, from both companies and individuals, regarding a switch away from Windows, mostly because of security and maintenance issues.

Windows & credit card security 16829
Larry Qualig Some sort of public key encryption stuff going on there between Dell (the merchant) and the cc companies (the transactors) which means that the client doesn't...

Richard Rasker

-- Linetec Translation and Technology Services

Linux | Previous | Next

Windows & credit card security 16829

Linux Advocacy from Newsgroups

The #1 Usenet Provider on the Internet

Windows & credit card security 16827

PLEX86 x86- Virtual Machine (VM) Program


	CVS \| Mailing List \| Download \| Newsgroups

		Windows & credit card security 16828 Op Tue, 21 Jun 2005 08:07:56 -0400, schreef Larry Qualig: 1) The articles about this incident mention a virus as the attack vector. I only know of one OS which is susceptible to viruses in any practical sense. 2) If the IIS server mentioned was indeed a front end for the actual database system, and this server's security was breached in such a manner that the attacker gained full control over it, the attacker would automatically have gained access to any information stored in the database which was accessible through the front end. Of course, there is still a chance that a vulnerability of another OS was the main cause for the incident, yet considering all available information, this latter course of events has a much lower probability. Unfortunately, the exact details about this affair will almost certainly never be published. All in all, chances are that the cause of this problem was a poorly maintained Windows system. As maintaining airtight security on any Windows system is notoriously difficult(), I'd say both Windows and CardSystems bear equal responsibility in this matter. ) A recent survey of IT security in the Netherlands by state officials shows that some 50 percent of all companies had to deal with computer virus infections in the past year, more than double the amount of the previous year. In addition, the number of security flaws in security software itself exhibits an alarming rise. As both viruses and virus protection software are almost exclusively found on Windows systems, this suggests that the Windows platform is quickly becoming a poor choice in situations where system and data security bear any importance whatsoever (if ever it was a good choice to begin with, which I very much doubt). These figures also match my own experience: for the past few years, I'm seeing a sharp increase in the amount of inquiries, from both companies and individuals, regarding a switch away from Windows, mostly because of security and maintenance issues. Windows & credit card security 16829 Larry Qualig Some sort of public key encryption stuff going on there between Dell (the merchant) and the cc companies (the transactors) which means that the client doesn't... Richard Rasker -- Linetec Translation and Technology Services Linux \| Previous \| Next



		Windows & credit card security 16829 Linux Advocacy from Newsgroups The #1 Usenet Provider on the Internet Windows & credit card security 16827