North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: Carnivore Update - Public Does Not Care

  • From: Quark Physics
  • Date: Sun Nov 26 20:46:17 2000

> > 5% - Hardware encryption, leased line, keys for hardware encryption
> >      and passwords delivered in seperate parts by different people
> >      after identity verification. No physical connections to gateway
> >      systems. (Federal Reserve, Chase Manhatten Bank...)
> 
> The unknown tier, many of them are banks where minimum security is a
> regulatory thing. It's a part of doing business. I'm not sure, that if left
> to their own devices, that they wouldn't join the majority in in their
> apathy.

We were actually suprised that the good banks are pretty tight and without
real regulations that say exactly what to do. In technology reviews, we've
been asked about Van Eck sniffing, encrypting data while in RAM, and some
pretty impressive other stuff. Of course the bank is the one with the
money at stake.  What worries me, is my experience with corporate style IT
management tells me they only get that paranoid after being burned a few
times. Must have been some expensive lessons.  --Mike--