7 posts • joined Friday 10th December 2010 13:13 GMT
It's not about techniology, it's about risk.
The "problem" comes down to one of risk management. What is the risk to the assets involved versus what access to those assets is worth to the organisation and what it would cost them should they be compromised.
Once you have an understanding of the risks and costs you can start to look at mitigating those risks and the cost of mitigation versus value of the assets and the benefit of allowing mobile access.
In technology terms the solutions are already out there, the question is; do they provide a sufficient reduction in risk to justify the expenditure against the business benefit?
Nice idea but lacking one thing
If I plug my MacBook into one of these I can't use the screen, only my desktop monitor. FIne if you only ever use one display, but not so great for those of us who run the MacBook acreena nd a seperate monitor as well.
Re: How crooks make money from this.
This isn't a case of opportunist hackers this is serious organised crime getting involved.
It works because anyone can apply for a carbon trading account subject to some basic, but it seems easily faked, background checks.
The mechanism is that they will compromise a legitimate trading account and transfer the carbon certificates to one or more compromised accounts or companies in another countries. Most have been in the former eastern block countries. They end up in a dummy which is then used to sell the certificates on the open spot market and the resulting cash siphoned off.
Because the only identification on the certificates is the serial number, and the only way to check ownership is to go back to the original issuing body and follow the trail of trades associated with those certificates traders assume that ownership is proof of legitimacy. Once the certificates have been stolen the thieves disappear with the cash. The whole issue is compounded by the fact that in a number of jurisdictions there is no requirement for the purchaser to return goods when they are shown to have been stolen.
By the time the whole mess is sorted out, ownership proved and the trades traced the perpetrators are long gone.
Rightly or wrongly
the carbon trading market is a reality. What is also a reality is the laughable levels of security in place around what is a multi-million Euro market.
Account security it limited to a pre-generated user ID and passwords on a 90 day expiry. No tokens, no additional verification of identity, just a simple account that lets you trade millions of carbon certificates. Apart from a rather perfunctory plea not to answer phishing emails there is no further advice on the registry website on securing the accounts or managing access.
For something this valuable ( Holcim Romania lost something in the region of 20M Euro ) you'd think they could put in some decent security or at least offer advice to their account holders.
Easy to do without the sugar and icecream.
Same glass but fill with crushed ice first.
Brown or Green booze in first ( Tia Maria, Kahlua / Midori, Creme de Menth)
The Ice makes it easier to layer up the drinks and adds some texture to the whole thing.
Slice of Lemon for the sun and a straw. Then drink. Carefully.
- World's OLDEST human DNA found in leg bone – but that's not the only boning going on...
- Lightning strikes USB bosses: Next-gen jacks will be REVERSIBLE
- Pics Brit inventors' GRAVITY POWERED LIGHT ships out after just 1 year
- Facebook offshores HUGE WAD OF CASH to Caymans - via Ireland
- Microsoft teams up with Feds, Europol in ZeroAccess botnet zombie hunt