LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Domain Registration

[ILUG] Domain Registration

Colm MacCarthaigh colm at stdlib.net
Tue Sep 25 08:24:28 IST 2007 

On Mon, Sep 24, 2007 at 02:56:57PM +0100, Thomas Bridge wrote:
> And the risk is not with you putting it on paper, but giving it to
> people who don't handle the security very well.

... such as those who use fax :-)

> > Yes, and any business which asks for a fax plainly isn't thinking about
> > it, they're not trying to protect customers - only themselves. The
> 
> There is no "huge increased risk" - there is an increased risk, but
> I'm objecting to the use of the adjective "huge".    Risks with Credit
> Cards are elsewhere.

There are plenty of risks all-round, but I do think physical copies are
a huge risk, mainly to opportunists.

> Hmmm - lets see.   Nice printed fax, stored in a folder somewhere in
> the archives of the vendor, requiring *physical* access to the
> printout.

Or in a big-bag, who knows?

> As opposed to stored on a database which is accessible over the
> internet.   Or a laptop which gets nicked - which has happened a
> couple of times in the UK recently.

Sure, but the problem with faxes - is that the risk is in addition to
the above, it's not like the people who want faxes from you don't also
make you fill in a webform to make their lives easier. So the risk
is only additive, again - only for their benefit - not yours. 

> Are you really trying to make the argument that an internet connected
> server is more secure than an office filing cabinet?

No, but I don't accept that the fax will end up in a filing cabinet so
reliably or quickly. 

> If I had a database of several thousand stolen card numbers, I
> wouldn't care for credit limits - I'd just keep trying numbers.

But that's not really my worry - my worry is a rogue employee, or bin
collector scanning through the fax images and picking the ones which
look the most lucrative ot them. 

> > > Such as ringing up the vendor and giving the details over an
> > > "insecure" line?
> 
> > Well, no .. such as faxing it.
> 
> None of the objections you raised regarding the fax don't apply to the
> voice call.

I did say I try to avoid giving it over voice. 

-- 
Colm MacCárthaigh                        Public Key: colm+pgp at stdlib.net

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell