[Info-vax] VMS on Raspberry Pi 5

56d.1153 56d.1153 at ztq8.net
Wed Nov 22 00:39:11 EST 2023 

On 11/19/23 1:58 AM, Ahem A Rivet's Shot wrote:
> On Sat, 18 Nov 2023 23:15:11 -0500
> "56d.1152" <56d.1152 at ztq9.net> wrote:
> 
>> On 11/18/23 3:01 AM, Ahem A Rivet's Shot wrote:
>>> On Sat, 18 Nov 2023 01:16:41 -0500
>>> "56d.1152" <56d.1152 at ztq9.net> wrote:
>>>
>>>>      Big banks/biz, govt/mil, need to err on the side of
>>>>      security. Google can err on the side of high-volume.
>>>
>>> 	Read this https://cloud.google.com/customers/revolut/
>>>
>>> 	Revolut is one of the biggest banks.
>>
>>
>>     But for HOW LONG if it uses insecure methods ?  :-)
> 
> 	They've been operating since 2015, 

   Many of the others since the 1800s  :-)


> had a data breach in 2022
> resulting from a phishing attack which netted some personal data (about
> 5000 people) and a bug in their US payment system that let them (not their
> customers) lose $20m. Note carefully that neither of these was an
> infrastructure attack.


   But a very relevant attack nevertheless. Doesn't matter
   where you cast blame - damage done.


> 	Pretty small potatoes compared to say the Capital One data breach
> in 2019 that let 100 million credit card application details out or the JP
> Morgan Chase data breach of 83 million accounts or the Experian breach of
> 24 million customer's personal details or the ransomware attack on the US
> branch of ICBC (that's the world's biggest bank) or Flagstar bank which has
> had three data breaches in the last two years or the IBM Moveit data breach
> earlier this year that leaked medical records of 4.1 million people in
> Colerado. It's even small compared to Bank of Ireland's 22 data breaches
> over six months leaking personal data of over 50,000 customers.

   The way modern biz/banking likes to do things, NONE of
   your stuff is very "secure". Basically I don't *do*
   online banking - and WILL change banks if that becomes
   their only option.

   And yes, banks WILL find a way to blame YOU for any
   losses ..... can you afford to go up against their
   lawyers ???

   Should you put up with this shit ???

   Hey, it's your MONEY/SAVINGS/FUTURE/SECURITY ... do
   not go gently ........

> 	I'd say the evidence is that their security stacks up pretty well.

   But only for a few years.

   Wait until NK focuses ........

> 	As anyone involved professionally in data security (hint that
> includes me) knows the vast majority of compromises these days result from
> social engineering (various forms of phishing) not technical issues.

   I agree. But MANY problems result from system-level
   weaknesses too. You see it in the news almost weekly
   now ... giant tech-biz, everything spilled.

   Humans ARE the weakest link - fer sure - but not the
   ONLY weakness. Alas those "other" weaknesses will be
   able to do FAR more damage FAR more quickly.

> 	Peruse this https://tech.co/news/data-breaches-updated-list if you
> don't believe me.

   Stats are fine, but look at the next/next-next lines
   on the vulnerabilities list ....

   I'm old-school, not a fool, I know how badly systems-level
   issues can damage.

   Things like Docker/Kubernetes are great - but DO remember
   their vulnerabilities too. It's all well documented.

   NK knows this stuff too.

More information about the Info-vax mailing list