Friday, November 30, 2018

The typical American ID has been hacked many times

(Reuters) - Marriott International (MAR.O) said on Friday hackers stole about 500 million records from its Starwood Hotels reservation system in an attack that began four years ago, exposing personal data of customers including some payment card numbers.

And we will be hacked many times more under the current system. The inherent failure? Customers never should have given Marriott their specifics in the first place. The reason our IDs get stolen is that we give them away to organizations like Marriott. Instead, we need our banker bot to give them only the public key needed to complete the sale, and keep the secret key hidden inside the banker bot.
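The public-key handoff described above, sketched as an added example that is not part of the original post. It assumes Ed25519 signatures and a merchant-issued single-use nonce; the names Merchant, Authorize, "hotel.example" and "alice" are hypothetical, and the data is constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// message binds a signature to one merchant, one amount and one single-use nonce.
func message(merchant string, cents int64, nonce []byte) []byte {
	return []byte(fmt.Sprintf("%q|%d|%x", merchant, cents, nonce))
}
// Authorize runs on the card (the post's "banker bot"); priv never leaves it.
func Authorize(priv ed25519.PrivateKey, merchant string, cents int64, nonce []byte) []byte {
	return ed25519.Sign(priv, message(merchant, cents, nonce))
}

// Merchant keeps public keys only, so a stolen customer table holds no signing secret.
type Merchant struct {
	Name string
	Keys map[string]ed25519.PublicKey
	open map[string]bool // nonces issued and not yet spent
}
func NewMerchant(name string) *Merchant {
	return &Merchant{Name: name, Keys: map[string]ed25519.PublicKey{}, open: map[string]bool{}}
}
func (m *Merchant) Challenge() []byte {
	n := make([]byte, 16)
	if _, err := rand.Read(n); err != nil {
		panic(err)
	}
	m.open[string(n)] = true
	return n
}

// Accept spends the nonce on every attempt, so a captured signature cannot be replayed.
func (m *Merchant) Accept(customer string, cents int64, nonce, sig []byte) bool {
	pub, fresh := m.Keys[customer], m.open[string(nonce)]
	delete(m.open, string(nonce))
	return fresh && pub != nil && ed25519.Verify(pub, message(m.Name, cents, nonce), sig)
}

func main() { // constructed demo: one purchase, then a replay of the same signature
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // error ignored only in this demo
	shop := NewMerchant("hotel.example")
	shop.Keys["alice"] = pub
	n := shop.Challenge()
	sig := Authorize(priv, shop.Name, 12900, n)
	fmt.Println(shop.Accept("alice", 12900, n, sig), shop.Accept("alice", 12900, n, sig))
}
```

The merchant's records contain nothing that can authorize a new sale, and a signature made for one merchant, amount and nonce is rejected for any other.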

My smart card proposal is simple, but fails in one regard. We continue to have laws disallowing our possession of honest bots watching our stuff; the smart card is illegal. When the NSA wants secret keys forbidden, they actually desire to peruse our stuff. Those terms are unacceptable and violate basic rights. Techies need to deploy the smart card functionality, and they know it.

The big tech companies fear the political correctness crowd. At the heart of Silicon Valley is the desire to control our identities; it is in their politics and their software. Everything is built around selling our stuff to others. We can fix this outside of Silicon Valley; it is not something we can do in the Silicon Valley political atmosphere.

David Mitchell at the Guardian discusses the issue:
I do realise that, if we’re going to have online banking, customers have to take some responsibility for keeping their money secure. If you start putting your passwords on Facebook so friends can help you remember them, banks are put in an impossible position. Then again, if you find the online world impersonal and bewildering, there is no longer a realistic option of banking in the old-fashioned way – of having a personal contact with a bank employee, in a branch you can walk to, to whom you can hand your money and who will hand it back only to you. We’re all forced to engage with internet and telephone banking, with all their possibilities for fraud, primarily because it’s a cost-efficient way for banks to do business. All those high street premises, all the cash and cash machines and UK-based staff created huge overheads. But it doesn’t seem right that the banks benefit from all the cost savings made by going online, while customers take the hit for the consequent ease with which money can be stolen.

Passwords should be generated and held in secret by our hand-held bot. Even I should not know my password; the smart card has NFC and can log in for me. It is, in general, impossible to have humans protect identities on the open web. Hence, put the bot in charge and keep humans out. As long as I have a valid thumb print, the bot can operate safely on my behalf.
