Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ISN] Cyber Fears on Fed's Web Plan

from [InfoSec News] Network Security [Permanent Link]
Subject: Re: [ISN] Cyber Fears on Fed's Web Plan
Date: Wed, 18 Aug 2004 05:53:17 -0500 (CDT) 
Forwarded from: Eric Hacker <isn@erichacker.com>

On Mon, 16 Aug 2004 03:28:44 -0500 (CDT), InfoSec News wrote:

http://www.nypost.com/business/18671.htm

With little fanfare, the Federal Reserve will begin transferring the
nation's money supply over an Internet-based system this month - a
move critics say could open the U.S.'s banking system to cyber
threats.


.....


Patti Lorenzen, a spokeswoman for the Federal Reserve, said the
agency is taking every precaution.



"Of course, we will not discuss the specifics of our security
measures for obvious reasons," she said.


Hmmm. Are the reason's obvious because we are dealing with a
bureaucratic government agency that still has the bassackwards idea
that security through obscurity works?

Most security engineering is a compromise between cost and risk, and
maybe it is unwise to go into detail about those compromises (maybe
not). Regular Multi-million dollar transactions, like electronic
voting, do not fall into that category. This should be a rock solid as
AES and go through just as much public review.

Eric Hacker



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - 
http://www.osvdb.org/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [ISN] Big Brother's Last Mile, InfoSec News
Next by Date:  [ISN] REVIEW: "Computer Security for the Home and Small Office", Thomas C. Greene, InfoSec News
Previous by Thread:  [ISN] Cyber Fears on Fed's Web Plan, InfoSec News
Next by Thread:  [ISN] Linux Security Week - August 16, 2004, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]