Information Security News mailing list archives
Re: Cyber Fears on Fed's Web Plan
From: InfoSec News <isn () c4i org>
Date: Wed, 18 Aug 2004 05:53:17 -0500 (CDT)
Forwarded from: Eric Hacker <isn () erichacker com> On Mon, 16 Aug 2004 03:28:44 -0500 (CDT), InfoSec News wrote:
http://www.nypost.com/business/18671.htm With little fanfare, the Federal Reserve will begin transferring the nation's money supply over an Internet-based system this month - a move critics say could open the U.S.'s banking system to cyber threats.
.....
Patti Lorenzen, a spokeswoman for the Federal Reserve, said the agency is taking every precaution.
"Of course, we will not discuss the specifics of our security measures for obvious reasons," she said.
Hmmm. Are the reason's obvious because we are dealing with a bureaucratic government agency that still has the bassackwards idea that security through obscurity works? Most security engineering is a compromise between cost and risk, and maybe it is unwise to go into detail about those compromises (maybe not). Regular Multi-million dollar transactions, like electronic voting, do not fall into that category. This should be a rock solid as AES and go through just as much public review. Eric Hacker _________________________________________ Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/
Current thread:
- Cyber Fears on Fed's Web Plan InfoSec News (Aug 16)
- <Possible follow-ups>
- Re: Cyber Fears on Fed's Web Plan InfoSec News (Aug 18)