MasterCard scandal: More details emerge

Silicon.com ^ | June 21, 2005 | Joris Evers

[HAL9000]

FYI - More wonderful publicity for Microsoft.

[Ramius]

Lame.

Blaming your firewall and/or policy failures on *any* OS infrastructure is just plain lame.

[JustAnotherOkie]

It's probably more like blaming Ford for someone driving an Expedition into someone's house, or blaming Colt for some gangsta getting capped.

[softwarecreator]

Ouch.  Usually I defend MS, but I ain't touching this one!

In all fairness though, every OS is vulnerable to attack.  Their have been attacks and breaches on mainframes, macs, Linux, OS2, etc...

[LibFreeOrDie]

"...eight out of 10 "senior-level professionals" in Washington, DC, thought that lawmakers weren't doing enough to keep consumer data safe."

What the h*ll are politicians supposed to do about flawed software? Are they personally now supposed to fix the security holes in Microsoft software?

(Why does everything that's broken need a new law in order for it to be fixed??)

[philz]

I am thinking it is time to sell my MS shares...

[softwarecreator]

Come on, Hal.  I've seen you post a lot of anti-MS stuff before ... are you saying NO other OS would have a security breach.  Bit of a stretch, don't you think?

[ikka]

The credit card companies are very explicit about what data you can hold onto, and what data you cannot retain. I do not keep a record of my customer's CC info (I do recurring billing) on ANY machine that is EVER connected to the Internet. Period.

[CurlyDave]

MBNA, one of the largest US credit card issuers, said it has received information from CardSystems about exposed customer accounts. The company won't contact the individuals affected but is keeping a close eye on the compromised accounts, said an MBNA spokesman.

This ought to be flat-out illegal. Victims, or potential victims of fraud should be notified.

[Terpfen]

Just the latest in a string of security f**kups. Bank of America, Wachovia, LexisNexis, and more.

The problem isn't Microsoft, though their swiss cheese software contributes. No one takes security very seriously, except of course when they're the victim of a lapse, in which case they always get enraged and blame everyone except themselves.

Meanwhile, it pays to be paranoid. Very paranoid.

[chariotdriver]

I think perhaps the reason for this /unfortunately/ is there are potential opportunistic fraudsters in the compromised accounts

[6SJ7]

All we need is John McCain lecturing us on the need to download the latest M/S Service Pack! :-)

[xrp]

Are guns responsible for murders?

Microsoft software is a tool. In the proper hands (someone very Microsoft savvy), IT CAN BE SECURED.

[xrp]

No one takes security very seriously

That's the truth. I know first-hand that many, MANY large corporate companies will slash security spending first when it comes to IT budget crunch time.

Ironically most of these same companies have no problem shelling out big bucks for 2 flat screen monitors per employee.

[television is just wrong]

Hmm, blame the firewall. How about the operators?

[John W]

"(Why does everything that's broken need a new law in order for it to be fixed??)"

Because we've become a nation of pu**y*.

[nhoward14]

Due to the nature of the information available at CardSystems, the OS is irrelevant. The data being sought was highly treasured by the criminals, and they would have tried to find a way in no matter what OS was being run.

[xroadie]

You're right. You can always insure yourself against the (relatively) inexpensive fraud. But an employee complaint for an ergonomic violation? HA!

[HAL9000]

Microsoft software is a tool.

Microsoft operating systems are defective products. They should not be used in environments that require high security.