W3C home > Mailing lists > Public > public-webapps@w3.org > January to March 2015

Re: The futile war between Native and Web

From: Jeffrey Walton <noloader@gmail.com>
Date: Mon, 16 Feb 2015 03:29:33 -0500
Message-ID: <CAH8yC8m9NBNxUfJsv=NNo2FmkCq-Me1kDaRsCRwsG0YbpW3Lcw@mail.gmail.com>
To: Florian Bösch <pyalot@gmail.com>
Cc: public-webapps WG <public-webapps@w3.org>
On Mon, Feb 16, 2015 at 3:17 AM, Florian Bösch <pyalot@gmail.com> wrote:
> On Mon, Feb 16, 2015 at 9:08 AM, Jeffrey Walton <noloader@gmail.com> wrote:
>>
>> I'd hardly consider an account holder's data as high value. Medium at
>> best and likely low value. But that's just me.
>
> Of course if the data is compromised it means that an attacker can also
> remote-control your e-banking interface, and issue payments and so forth.
> I'm sure that's not "high value" either?

No, that's definitely not high value from my experience with three US
financial firms. In US financial, those losses are simply passed on to
share holders. Risk is democratized, reward is privatized.

Perhaps you should talk to other security architects with experience
in financial and see what they have to say.

Jeff
Received on Monday, 16 February 2015 08:30:00 UTC

This archive was generated by hypermail 2.3.1 : Friday, 27 October 2017 07:27:25 UTC