[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cybank breaks new ground; rejects public-key encryption
=?ISO-8859-1?Q?J=FCri_Kaljundi?= writes:
> There must be something wrong with bank people all over the world. One
> local bank that now is offering payments using their WWW server here in
> Estonia, and every time I publicly announce some security flaw in their
> system, I have to convince them this bug really exists, they never want to
> believe me.
I would suggest a much simpler technique.
Explain to them the next time you point out a flaw, that you will be
explaining these flaws by publishing exploits in the local newspaper,
and that all future flaws will be explained in the newspapers until
such time as they begin to take you seriously.
> What might be a good reward for hacking into an Internet bank and
> showing I can steal their money?
Don't bother. Just describe the flaws in public enough, and then you
have no risk because you are not committing a crime, and you have a
gain because you get an increase in your reputation for supplying
accurate information.
Perry