Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
I am not sure jail time would be appropriate, but I would say that if
the company was found to be negligent in their security practice and
the identity information was stolen, then it would open them up to
huge security risks.
As it is, I think these companies are already opened up to a lawsuit
by anyone who can prove that they purcahsed something with a card at
that store and then had their identity stolen. If you are going to ask
for the information, then you have to safeguard it.
But this is just like the credit card receipts. I was just in Missouri
and practically everywhere I used my card, the printout the store kept
had my credit card, expiration date and Name printed plainly on the
receipt. What is up with that? On top of that I had one sprig of
broccoli that insisted that she had to rerun my card when I scribbled
off everything except the last four numbers and my name.
We can complain about wireless networks and computer system security
all you want, but in truth, the best security protocols will not work
if your users give away the keys to the kingdom.
You all should read Kevin Mitnicks book if you have not. I have
actually read it twice because it was so enlightening about how social
engineers will get into your system.
Sure put up firewalls, lock down your systems, use Linux to help keep
hackers out and turn around and let the receptionist give away the
keys to someone just calling on the phone.
On Fri, 17 Dec 2004 13:03:31 -0800, Michael <EMAIL:PROTECTED> wrote:
>
> > According to this article...
> >
> > http://www.computerworld.com/securitytopics/security/cybercrime/story/0,10801,98355,00.html
> >
> >
> > The three men were indicted by a grand jury in November 2003 on 16
> > counts of conspiracy, wire fraud, computer fraud, unauthorized computer
> > access, intentional transmission of computer code and attempted
> > possession of unauthorized access devices.
> >
> > The men faced maximum sentences of 170 years in prison if convicted on
> > all counts.
> >
> > Previously, the longest federal sentence in a hacking case is believed
> > to be the 68-month sentence imposed on computer hacker Kevin Mitnick,
> > the government said.
> >
> > This is an interesting case. Was it "conspiracy" because they two
> > guys made the plan together?
> >
> > Don't get me wrong, I think they deserve to be punished, but I don't
> > think this is the most heinous computer crime for which anyone has
> > ever been sentenced, but it does seem to be the longest prison
> > sentence ever imposed for this type of crime. We definitely should go
> > after these people and sentence them, but we have to maintain
> > *proportionality* (appropriate relationship between crime and
> > punishment). We can't just get frustrated and start executing them!
>
> So who's in for a plan to wait four years and then break these guys out?
> I think four years sounds like more than enough time considering they
> didn't even use any of the data they were snooping on. Four months
> sounds high to me given then didn't even use the data.
>
> If I ever start commiting computer crimes I'll decide to rape, murder,
> and pillage too.. it might help me get a shorter sentence.
>
> --
> Michael <EMAIL:PROTECTED>
> http://kavlon.org
>
> _______________________________________________
> members mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/members
>
--
Thanks
F Vernon Green
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact