[Gllug] natwest fantasticness

[Simon Perry]

Peter Childs wrote:

> Computer security is always a bit of a joke anyway. Any on-line 
> banking is only has secure as the weakest link. Usally the password 
> belonging to the person who uses a simple password like their first 
> name and then writes it down just to make sure its public knowledge.

Here here and not to mention whatever key logging / backdoor nastiness 
Mr & Mrs Average unknowingly have on their unpatched windoze systems.

>    Its like this new Chip and Pin. If thats more secure than a 
> personal thing like a signiture then I'm not a computer programmer. In 
> this age where we think seriously of using a 128 bit encription the 
> creditcard company go and use a 10bit key! Rather than a much large 
> key that they were using before ie somones signiture. True passwords 
> are not much stronger than a pin but they are usally twice the length 
> with twice the number of different letters.
>    Sorry for stating my opions but the adverts were beginning to get 
> on my nerves.
>
I think the big thing for the card companies here is that they can catch 
a wrong pin immediately where a forged signature may well not come to 
light for ages depending on when a card is reported lost/stolen or how 
often someone checks their statement. Also IIRC card companies are 
obliged to honor a fraudulent transaction that have been signed for 
unlike mail order where they penalise the retailer.

Simon

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug