Comments for ScottFromSecurity.com https://scottfromsecurity.com/blog The ROI of Info Sec is the absence of chaos, or in other words Boring is Beautiful Wed, 29 Feb 2012 03:21:27 +0000 hourly 1 http://wordpress.org/?v= Comment on Security I want around my online banking experience… by Scott Lockington https://scottfromsecurity.com/blog/2012/02/16/security-i-want-around-my-online-banking-experience/comment-page-1/#comment-114 Scott Lockington Wed, 29 Feb 2012 03:21:27 +0000 http://scottfromsecurity.com/blog/?p=442#comment-114 Thanks Jack, That's an excellent point. The average user certainly has a large part of the blame for the stolen money. But with banks on the hook for some or all of it, I wonder how many dollars it will take for the banks to lose each year before their view of the risk/reward ratio will change enough for them to add in some basic good practice protections around the currently broken online banking experience. Thanks Jack,
That’s an excellent point. The average user certainly has a large part of the blame for the stolen money. But with banks on the hook for some or all of it, I wonder how many dollars it will take for the banks to lose each year before their view of the risk/reward ratio will change enough for them to add in some basic good practice protections around the currently broken online banking experience.

]]> Comment on Security I want around my online banking experience… by JD https://scottfromsecurity.com/blog/2012/02/16/security-i-want-around-my-online-banking-experience/comment-page-1/#comment-113 JD Tue, 28 Feb 2012 16:58:30 +0000 http://scottfromsecurity.com/blog/?p=442#comment-113 Scott, Good stuff. We all know we could go with further technical steps for the end-user (live CD, two-factor) but we have to be realistic with the technical level of the end-user. Your summary of suggestions could be implemented at a single point (bank) vs. having every end user try to improve their security posture on their end workstation, which is not realistic. Scott,

Good stuff. We all know we could go with further technical steps for the end-user (live CD, two-factor) but we have to be realistic with the technical level of the end-user. Your summary of suggestions could be implemented at a single point (bank) vs. having every end user try to improve their security posture on their end workstation, which is not realistic.

]]> Comment on The startup that didn’t start… by Brian https://scottfromsecurity.com/blog/2012/01/01/the-startup-that-didnt-start/comment-page-1/#comment-108 Brian Tue, 31 Jan 2012 15:35:12 +0000 http://scottfromsecurity.com/blog/?p=364#comment-108 looking good. looking good.

]]>