For years, security people have been trying to show businesses how to be secure. It is still not working. What they haven't realized is they are talking to the wrong end of the horse.
Teach Security to the user at home. Show them how to secure their home computer so that they can do their business on it, preferably for free. Teach it to their kids in school. Start now. Then show them the exact same tools and techniques and rules and safe practices at work. It won't be something new and different, but something they are used to and they know will work. They will not look at it as something to make their job difficult and inconvenient. Show them that by using this at work it will keep them safe at home. It will stop spam and protect them from the botnets and malware that threatens to ruin their business of running their own home.
It is what will keep their kids safe online and their money in their bank and the credit cards in their name and out of the online crooks and scammers. Fraud rates would drop and then their interest rate on all these credit cards would drop. And the chargebacks on all the fraud would stop being charged back to the retailer. And the prices of all of our goods and services would drop also.
Which means the credit card companies would not be making the money they are now. They have set themselves up perfectly. Spam and malware and trojans and botnets and rootkits do not cost the credit card companies a dime.
They have conned the cons.
It's "The Sting" all over again.
They make big business pay for what the credit card companies say they have to have or it's no dice. The businesses continue to pay pentesters and compliance auditors. They continue to buy the newest big and shiny blinky light box or software because someone told them it will solve their problem. It won't. They continue to pay the chargebacks for any fraud that was committed against them and the higher rates the credit card companies charge them. The businesses pass all of these extra costs to them on as a cost directly to the consumers. Us. You and me.
All businesses that do credit card business of any kind.
Even Micky D's.
Hackers and Crackers. Just Say'n.
Your Big Mac costs more because of fraud and the credit card companies.
We pay for the fraud! YOU AND ME!!!
Can I get an AMEN!!!
Believe me, brother, if it were costing them anything, they have more money to throw at this than anybody else on the planet because they have all of our money already. I would not be surprised to find out that it is the credit card companies who are the ones who are paying for the malware to begin with. What the thieves and malware writers don't understand is their paying the same high prices as everybody else even if it is someone else's credit card. They would be able to afford alot more stuff on their on credit card if it all just didn't cost so damn much. The "Cost Of Doing Business" passed down to the working man and woman and working children of working men and women and the working parents of the working man and woman, just to live and raise a family. What a Crock!
And where is the government in all this? Quietly doing whatever the credit card companies tell them to.
They owe them more money than we do.
The banks too, profit from all this, and do all they can to force you to use credit cards. They do nothing to defend your hard earned money in your checking and savings accounts if you fall victim to malware and fraud on your own computer which they have made no effort to help you protect. They actually made money off of the fraudulent transaction in transaction fees or from you, if you catch it in time, with stop payment charges. Or if the credit card companies decide to garnish your accounts, the banks will give your money to them with no regard to your best interest at all. If it's just sittin' in your account then it costs them money.
Win and Win.
I Call Bullshit!!
Bullshit on the credit card companies and the banks that represent them and the governments that let them get away with it. They are the only ones to profit from the whole fiasco. As long as you are working to pay off your credit cards you are also paying taxes with no money left to put in the bank or savings for your retirement. What retirement? You will work until you die as servants to the credit card companies, banks and the government. And then you die. And guess what. Then your estate gets to pay off your credit cards and your bank loans and if there is any money left, your taxes you still owe. It is doubtful if anything will be left to bury you with or to leave to your family. But maybe they can put the funeral on the old Visa, M/C, Amex.
Win and Win and Win.
They have made it so now you can't be your own banker in control of your own money.
Which is absolutely the last thing in the world that they are going to let happen. People in control of their own money.
Blasphemy. End of the World as we know it.
Put the money back in the hands of the people and the government will listen to what you have to say.
Start turning the horse.
These hackers appear to be fairly good coders and would probably work a hell of a lot cheaper than what the credit card companies gouge out of the business every year. Give them a job. And then start paying the pentesters and auditors to secure your employees at home. Show them what they stand to lose there and you will have them in the same mind set when they come in to work to get that paycheck that will now buy so much more stuff because online fraud and spam have disappeared and prices on everything
( and I mean everything, from Quarter Pounders to toilet paper)
will be so much lower, because the businesses no longer have to worry about charge back fees and high interest rates (they borrow from the same folks as we do, sister.)
When you want a business to see where its weakest link is, it is always gonna be Layer 8. The human element. Ask anyone in security "Where is the weakest link?" You will get the same answer every time.
Us. We are the weakest link.
You can not blame the user for being a stupid user if you are not doing everything you can to help them not be one. So why do we not devote all of our time and effort and money in this war on fraud on us? Spend the money and manpower where it will do the most good. Teach us to be secure at home where it means the most to us and we will bring that with us when we come to work.
Keep turning that horse.
We can't allow these machines to get the better of us.
Can you only imagine what this is going to be like when every Layer 8 on the whole bloody planet gets their own Layer 8 IPv6 address. And we all know there is no way to spoof that. Right??? Your Credit card will have its on static IPv6 address. Your phone, your watch, your car, your TV and your refrigerator.
Who you gonna call? The scammers 900 numbers. Which they can now dial for you.
What time is it? Time for Viagra.
Do you want spam coming out of your car? Pay up or no go.
Malware on your flatscreen? Pay up or no HBO.
Scammers in your fridge? Pay up or we'll turn off your freezer or freeze your beer.
This problem must be solved now while it still can be. The businesses should take a small percentage of the money the credit card companies are costing them and spend it on their employees security at home. The users will see where it will make doing the business they do online at home safer, and with cheaper prices and lower interest rates, they will still spend their hard earned money, but now it's a better deal for everyone, not just the credit card companies. We might even have some money left over to save.
And if our online transactions are safe, we might just use our own money on our own debit card to buy something instead of a credit card.
What a concept!
Take back what is ours,
Then secure everyone around you.
All this time you have been talking Security to the wrong end of the horse.
Now turn the horse around and look him in the face.