[59966] in North American Network Operators' Group
Re: User negligence?
daemon@ATHENA.MIT.EDU (Peter Galbavy)
Mon Jul 28 06:13:26 2003
From: "Peter Galbavy" <peter.galbavy@knowtion.net>
To: "ken emery" <ken@cnet.com>,
"North American Noise and Off-topic Gripes" <nanog@merit.edu>
Date: Mon, 28 Jul 2003 11:12:49 +0100
Errors-To: owner-nanog-outgoing@merit.edu
ken emery wrote:
> I'm not sure what needs to be done, but the security as now
> implemented
> is not even close to enough IMHO. Networkwise (to bring this back on
> topic) I'm not sure there is really much that can be done.
Don't forget the desperate need for user *and* staff education. I have now
multiple time got calls from my bank asking to discuss my account. Could I
just verify my details ? they asked. Er, you first, I said. They didn't get
it. They didn't understand why, as someone who is lightly paranoid and
understand more about security than they do, I was concerned that they
couldn't prove they were from the bank...
Peter
