nanog mailing list archives
RE: OT: Re: User negligence?
From: "David Schwartz" <davids () webmaster com>
Date: Sun, 27 Jul 2003 01:25:24 -0700
I think there is confusion here.
The banks are making the claim, that, if you the user, has an infected PC, that is compromised by an 3lit3 h4x0r, and your password to your bank account is compromised, then the bank is not responsible.
That is what you are saying, Sean?
While the bank holds your money, it is responsible for its safety. This includes making sure the money is only released to you or to those you authorize. If an act of theft or fraud causes the bank to release that money without your authorization, the bank can certainly be held responsible. This is why they hold checks and even, from time to time, call people up to confirm suspicious transactions. Generally banks have a blanket bond to cover theft/fraud losses and this protection extends to their customers. I don't think it would be that difficult to show that there are significant security flaws in the online banking system that the user is neither responsible for nor capable of correcting. You could get a dozen security experts to testify that a static password is not sufficient to protect a system that can perform unretrievable funds transfers. If that's all the bank's online scheme provides, this may negate the argument that the user's negligence was the sole/primary cause of the loss. In most states, you have additional protections under state law. DS
Current thread:
- Re: OT: Re: User negligence?, (continued)
- Re: OT: Re: User negligence? Len Rose (Jul 26)
- Re: OT: Re: User negligence? Alex Rubenstein (Jul 26)
- Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Sean Donelan (Jul 26)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Rob Thomas (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Vinny Abello (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User negligence?) Vinny Abello (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Paul Vixie (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Patrick (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Paul Vixie (Jul 27)
- Re: Its not just Spam and DDOS anymore (was Re: OT: Re: User Patrick (Jul 27)
- RE: OT: Re: User negligence? David Schwartz (Jul 27)
- Re: OT: Re: User negligence? Simon Lockhart (Jul 27)
- Re: User negligence? Sean Donelan (Jul 27)
- Re: User negligence? Kandra Nygårds (Jul 27)
- Re: User negligence? Owen DeLong (Jul 27)
- Re: User negligence? James H. Cloos Jr. (Jul 27)
- Re: User negligence? JC Dill (Jul 27)
- Re: User negligence? David Lesher (Jul 27)
- Re: User negligence? JC Dill (Jul 27)