|
** Reply to note from boothm@ibm.net Fri, 14 Nov 97 20:01:03 -0500 > Here, in my mind, is the whole essense of internet security. Of course > this scenario could be played out, and undoubtedly has been, over and > over. The presence of an Internet isn't required at all. The target can > be the regular daily business as it is right now. Whetther the attack is > by data wire, or machine guns in a Bank's lobby, or a bazooka on an > armoured truck, the issues are still the same. Security is a big business > and the internet is just one more business opportunity for the security > people, but we should not avoid the internet anymore than we avoid using > telephones, faxes, or ATM machines. And perhaps less. Booth, you are right. One advantage that we have in internet security is that someone is actually thinking about it, and working on it. Certainly applications can be cracked, but there is a matter of time and expense in doing so. Will a criminal invest $1000 to crack a transaction from which they will obtain a credit card number that will net them $500? The reason there have been high profile cases of card fraud is that new technology touches areas where people haven't considered the security risks. That is no reason to refuse to do business in those areas where the risks have been considered and security measures are in place. It is important to actually look at what the measures are and decide if you think that things are secure enough. So far, millions of dollars worth of business is done each day over the internet with no giant leap of fraud. As an example of how transactions can be secured across the internet, there is the "third party". Both buyers and sellers want to be assured that the other is really who they say they are. eBanks allow you to set up an account with them through whatever means (let's say you use the conventional postal application like you might for a new credit card). The vendor who wishes to sell over the internet also registers with the eBank in order to receive payments from them. You then browse your vendor's site and spot that new modem (or pair of shoes) that you want to buy. You select it and move to the order screen. When you click "Ship It!", your machine and the vendor's both open secure (encrypted) sockets to the eBank. The bank uses the conversations to verify that you are who you say you are and that the vendor is who they say they are. The eBank then issues a transaction number to both of you and the item is purchased. At no time did any of your credit card information flow across. No information at all was sent un-encrypted. Java helps to make this happen by allowing eBanks and vendors to build the software interface they want without being concerned about which platform it will be run on. Millions is being spent to create a secure environment for Internet transactions to make the same customer safe who currently wads up their credit card receipts, and tosses them in the trash. > Booth Martin Chris Rehm Mr.AS400@ibm.net How often can you afford to be unexpectedly out of business? Get an AS/400. +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to "JAVA400-L@midrange.com". | To unsubscribe from this list send email to MAJORDOMO@midrange.com | and specify 'unsubscribe JAVA400-L' in the body of your message. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
