*BSD News Article 62403


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!newshost.telstra.net!act.news.telstra.net!psgrain!news.uoregon.edu!news-feed.iguide.com!uunet!in2.uu.net!newsfeed.internetmci.com!vixen.cso.uiuc.edu!ehsn25.cen.uiuc.edu!jroberts
From: jroberts@ehsn25.cen.uiuc.edu (Jason V. Robertson)
Newsgroups: comp.os.linux.development.system,comp.os.linux.misc,comp.os.linux.networking,comp.unix.bsd.freebsd.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.bsdi.misc
Subject: Re: need secure OS to entrust millions to
Date: 26 Feb 1996 19:32:39 GMT
Organization: University of Illinois
Lines: 34
Message-ID: <4gt1sn$c1t@vixen.cso.uiuc.edu>
References: <4gi6t6$3h9@lace.colorado.edu> <4gssap$4ki@news.mountain.net>
Reply-To: jroberts@uiuc.edu (Jason Robertson)
NNTP-Posting-Host: ehsn25.cen.uiuc.edu
Xref: euryale.cc.adfa.oz.au comp.os.linux.development.system:18274 comp.os.linux.misc:89155 comp.os.linux.networking:30039 comp.unix.bsd.freebsd.misc:14543 comp.unix.bsd.netbsd.misc:2356 comp.unix.bsd.bsdi.misc:2504

In article <4gssap$4ki@news.mountain.net> rprowel@nttc.edu (R. Prowel) writes:
>In article <4gi6t6$3h9@lace.colorado.edu>,
>   wilcoxb@cs.colorado.edu (Bryce) wrote:
>>-----BEGIN PGP SIGNED MESSAGE-----
>>
>>I'm writing documentation which advises banks on how to
>>setup an electronic banking software package on a
>>Net-connected, firewall-protected Intel box.  Some of the
>>most important banks in the world will be reading this
>>documentation very soon.  The current version of the 
>>documentation, which I inherited, advises them to run
>>FreeBSD or BSDI.  I'm considering changing this
>>recommendation to Linux.  
>>
>
>My recommendation for your clients is DONT!  I am a privacy and
>security advocate who has a real problem with any fincancial 
>transactions taking place over public networks such as the 
>InterNet.  I refuse to do business with entities who are so
>irresponsible as to move any records containing information about 
>me across public data networks.
>
>Don't be naive.  The concept of an absolutely secure network
>connected system is a pipe dream.
>
>PS- the preceeding opinions are mine, and they are, of course the 
>right opinions to have.

It's more secure than mail or the phone, if done properly.  If you encrypt
the data securely before you send it out then there's no real problem, or at
least no problem that you wouldn't have no matter how you transfer the data.

Add careful filtering and other processing of the data and you can be about as
secure as possible.