[ale] How to hack a bank

Michael Trausch mike at trausch.us
Wed Apr 28 14:47:53 EDT 2010


On Wed, 2010-04-28 at 14:38 -0400, Jim Philips wrote:
> Yes, the social Web of Facebook and LinkedIn must be a true goldmine
> for hackers. I have worked in financial services for about fifteen
> years. Many of these companies believe that if they meet all the
> compliance rules, they are necessarily secure. It's interesting that
> PDFs were the vector here. At one company where I worked, they did
> everything they could to block "suspicious" Web sites, but never
> bothered to warn people about the dangers of PDFs.

Yet another reason to use the one truly secure format for information
interchange: plain text.

Seriously, I don't understand why every non-trivial document format in
existence has to present a wide attack surface that can be relatively
easily used to enhance the vulnerability of any particular system or
network.  Just once, I'd like to see something as widely adopted as PDF,
but without the sort of nasty teeth that PDF, MS Word, ODT, etc., bring
with them.

	--- Mike

-- 
Even if their crude and anticompetitive business practices don't make
you think about using their software, their use of sweatshops and child
labor should:  boycott Microsoft like you would any other amoral child
abuser:  http://is.gd/btW8m
