| | 
08-05-2008, 03:33 PM
| | Registered User | | Join Date: Jun 2005 Location: Hong Kong
Posts: 5,357
| | Quote:
Originally Posted by Claire ex-ax  No possible damage then? Remember what happened to Jeremy Clarkson... | I didn't say that. What I said was that if people wanted that information about you there are far, far easier ways to get it than to try to crack the security on a bank's server.
Last edited by PDLM : 08-05-2008 at 03:51 PM.
|
08-05-2008, 03:42 PM
| | Registered User | | Join Date: Jun 2005 Location: Hong Kong
Posts: 5,357
| | Quote:
Originally Posted by KnowItAll PDLM - trust you to believe everything that HSBC says.
Only their IT folks and Insurance people would know the truth... | Indeed - but if the server was entirely unprotected I can't believe HSBC would be stupid enough to say that it had "multiple layers of security which are reviewed regularly" since the reputation cost of someone then producing the list of names would be immense. (Even though in practice they couldn't do much with it.)
And frankly there are thousands of people in Hong Kong and elsewhere who trivially have access to my name, address, bank account and credit card details (being all the customer service, accounts and other people in the organisations who have access to my accounts everywhere that I pay bills or shop). Again, if someone wants that information they could either get a job as a customer service rep at one of the organisations, or bribe someone who already is there. This would be far, far easier than cracking security and encryption on a server.  |
08-05-2008, 03:44 PM
|  | Registered User | | Join Date: Oct 2006
Posts: 137
| | What you said was: Quote:
Originally Posted by PDLM ...all they would get if they could is get names, account numbers and transaction details. | That's enough.
On your other point, granted it's far easier just to have computers scanning the internet to get the relevant information. A certain bank [name beginning with C] has had its security systems breached so many times that it no longer announces them. |
08-05-2008, 03:50 PM
| | Registered User | | Join Date: Jun 2005 Location: Hong Kong
Posts: 5,357
| | | Anyone you have ever made any non-cash payment to has your name and either your bank account number or credit card number. So there are tens of thousands of people already with that information in Hong Kong, from waitresses to customer service reps, to landlords, to colleagues.
I really can't get stressed about one more person getting the information. |
08-05-2008, 03:51 PM
|  | Resident Peacekeeper | | Join Date: Apr 2003 Location: Pokfulam Age: 40
Posts: 9,890
| | >> "multiple layers of security which are reviewed regularly"
All irrelevant if their drives are not encrypted.
If its the same lot that manage their epayments system in UK, I'd not bet on it. HSBC e-payments system goes titsup | The Register |
08-05-2008, 03:54 PM
| | Resident Peacekeeper | | Join Date: Apr 2003 Location: Pokfulam Age: 40
Posts: 9,890
| | | Love this line in the comments section ...
"Paris, because even her panties stay up more than HSBC's servers." |
08-05-2008, 04:00 PM
|  | Registered User | | Join Date: Jan 2008 Location: Kowloon, HK
Posts: 87
| | | Just checked Claire's earlier mention 'bout the Immigration Dept...
Sh*t happenz...
And yet another long "probe"
(Er, a particularly SLOW day today.)
Source: RTHK.org.hk
Immigration data leaked on internet
2008-05-08 HKT 11:27
An immigration officer is facing disciplinary action after he mistakenly leaked classified information on the internet, including a list of visitors who need special monitoring. The Immigration Department is still investigating the scale of the problem, and said it's doing everything possible to minimise the damage.
The officer - who was recently recruited - took home some old classified computer files to study - without authorisation. His computer was connected to the internet and the files were distributed without his knowledge by a file sharing programme. Files that were leaked included a list of leaked included a list of visitors who need special monitoring. There were also records of operational mistakes by immigration officers.
Speaking on RTHK's BackChat programme, the Privacy Commissioner, Roderick Woo, said he was informed about the case yesterday. He said a probe would be carried out into the incident. |
08-05-2008, 04:02 PM
| | Registered User | | Join Date: Jun 2005 Location: Hong Kong
Posts: 5,357
| | And in another thread recently we had somebody whinging at length about HSBC for reasons including that the computers in their branch were not able to access the internet.
So what do you want people? Security or convenience?
If you really want to understand more about what security and risk really means then I strongly recommend the work of Bruce Schneier, one of the world's experts in this field, who also writes about it extremely well.
Last edited by PDLM : 08-05-2008 at 04:05 PM.
|
08-05-2008, 04:05 PM
| | Resident Peacekeeper | | Join Date: Apr 2003 Location: Pokfulam Age: 40
Posts: 9,890
| | | How about both? Security and convenience do not have to be mutually exclusive with current technology. |
08-05-2008, 04:35 PM
| | Registered User | | Join Date: Jun 2005 Location: Hong Kong
Posts: 5,357
| | Quote:
Originally Posted by KnowItAll How about both? Security and convenience do not have to be mutually exclusive with current technology. | So long as the "technology" includes people then there's always a tradeoff. I am quite happy that junior bank staff who have access to all my financial details on their PC don't also have an internet connection on there. | | Tools | Search | | | | | Rate This Thread | | | All times are GMT +8. The time now is 11:22 AM. | |
