Lynn Harrison wrote:
Starwave is warning customers about an "intruder" who took credit card numbers from the ESPN and NBA Web sites and then sent messages to the card owners about the alleged security flaws. Will the security breach on the popular sports sites affect emerging e-commerce efforts?
Is this the same story as the one in The Wall Street Journal today about Phiber Optic's "accidentally" sending worldwide a security test that automatically returns passwords stored on supposedly secure systems? Phiber claims he did not know the test would generate a flood of passwords to his e-mail address: from corps, mils, and govs. Says he's so sorry, especially because he's still doing community service. Phiber's employer refused to name the computer corp that installed the secure system Phiber was testing. However, experts interviewed said the password snarf feature is, ahem, well-known to experts, and that the only security worth trusting is the one you build and run yourself and test frequently and still makes you lay awake at night shivering in doubt fear and uncertainty -- like guilty-parental senators, TLA directors, and all the world's bearers of the public trust and such fundy druggies.