Keep your money under your mattress
Jun. 13th, 2001 12:55 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
mbarrickH@x0ring the bank
OK, this is the second largest bank in the world, you'd think they'd have it more together. In the six weeks I have been here I have punched holes out through and around the proxy server and firewall to get at blocked sites (like LiveJournal!). That's not so bad other than it potentially means I could circumvent the download and e-mail anti-virus security, but that's meaningless from the point of view of doing something malicious since I could walk in with evil software on a floppy or a CD and cause havoc that way, so big deal. Today, however, I found a nice little hole in one of the key applications I happen to be working on that is based on the fact that the corporate inertia here is so powerful that they are running server software that is years old and has very well documented security holes. Any disgruntled employee in Canada who has the brains to do a search at astalavista.box.sk could drop several of the key applications here. I can't imagine any other bank is any better. My recent experience with the Royal Bank certainly proved to me that their systems are just as fucked up as the ones here.
OK, this is the second largest bank in the world, you'd think they'd have it more together. In the six weeks I have been here I have punched holes out through and around the proxy server and firewall to get at blocked sites (like LiveJournal!). That's not so bad other than it potentially means I could circumvent the download and e-mail anti-virus security, but that's meaningless from the point of view of doing something malicious since I could walk in with evil software on a floppy or a CD and cause havoc that way, so big deal. Today, however, I found a nice little hole in one of the key applications I happen to be working on that is based on the fact that the corporate inertia here is so powerful that they are running server software that is years old and has very well documented security holes. Any disgruntled employee in Canada who has the brains to do a search at astalavista.box.sk could drop several of the key applications here. I can't imagine any other bank is any better. My recent experience with the Royal Bank certainly proved to me that their systems are just as fucked up as the ones here.
