CIPC records breached

Some interesting article that popped up:

www.tomshardware.com

White House urges developers to avoid C and C++, use 'memory-safe' programming languages

The languages may pose a security risk when used in critical systems.
www.tomshardware.com www.tomshardware.com

Thank goodness in school, although they taught us Delphi they also encouraged Python. Why people still use C and C++ is beyond me, but maybe its because it seems confusios.

Can't believe Java made it to the safe list. The Standard Bank Business Online app hasn't changed in over a decade and runs on Java. It just feels slow and like it belongs on a feature phone, not on the same system that runs AI.
 
dontcryforme said:
Some interesting article that popped up:

www.tomshardware.com

White House urges developers to avoid C and C++, use 'memory-safe' programming languages

The languages may pose a security risk when used in critical systems.
www.tomshardware.com www.tomshardware.com

Thank goodness in school, although they taught us Delphi they also encouraged Python. Why people still use C and C++ is beyond me, but maybe its because it seems confusios.

Can't believe Java made it to the safe list. The Standard Bank Business Online app hasn't changed in over a decade and runs on Java. It just feels slow and like it belongs on a feature phone, not on the same system that runs AI.
Click to expand...
Why wouldn't java make the safe list..? It's prevalence is enormous.. if used right, it's safe..
 
dontcryforme said:
Some interesting article that popped up:

www.tomshardware.com

White House urges developers to avoid C and C++, use 'memory-safe' programming languages

The languages may pose a security risk when used in critical systems.
www.tomshardware.com www.tomshardware.com

Thank goodness in school, although they taught us Delphi they also encouraged Python. Why people still use C and C++ is beyond me, but maybe its because it seems confusios.

Can't believe Java made it to the safe list. The Standard Bank Business Online app hasn't changed in over a decade and runs on Java. It just feels slow and like it belongs on a feature phone, not on the same system that runs AI.
Click to expand...
It's not "memory safety" that's the risk. For some reason OSes like Windows STILL don't use the features that have been in processors from the 90's that almost completely eliminates unauthorised access.
 
Swa said:
It's not "memory safety" that's the risk. For some reason OSes like Windows STILL don't use the features that have been in processors from the 90's that almost completely eliminates unauthorised access.
Click to expand...
Data centres are also the issue. If the user can reset the root password, so can the data centre employees. That's not a Windows issue.

I've had a case where my password was accessed by a call centre employee without my knowledge. My password to some of our infrastructure at the office was stored in plain text by the provider and shared with a third party call centre.
 
  • Wow
Reactions: Swa
I would like to know how much of this information was really private. A lot of the CIPC information can be search and obtained quite legally (including some of the items mentioned in the article). Was this a real attack or a scrape?
 
  • Like
Reactions: Swa
Johand said:
I would like to know how much of this information was really private. A lot of the CIPC information can be search and obtained quite legally (including some of the items mentioned in the article). Was this a real attack or a scrape?
Click to expand...
A scrape would result in a lot more data transfer than a database dump and be easier to detect, but yes they're being very vague here.
 
Swa said:
A scrape would result in a lot more data transfer than a database dump and be easier to detect, but yes they're being very vague here.
Click to expand...
Very vague but I doubt they were able to scrape payment data unless the CIPC had a payment page with details hidden somewhere so the likelihood is it's far beyond scraping...
 
quovadis said:
Very vague but I doubt they were able to scrape payment data unless the CIPC had a payment page with details hidden somewhere so the likelihood is it's far beyond scraping...
Click to expand...
We don't know if payment data was leaked. They have no idea what was leaked if anything.
 
Swa said:
We don't know if payment data was leaked. They have no idea what was leaked if anything.
Click to expand...
They explicitly mentioned the fact that customers should be vigilant authorizing credit card transactions. No breach notice would include that without reasonable belief that such data was accessed.
 
quovadis said:
They explicitly mentioned the fact that customers should be vigilant authorizing credit card transactions. No breach notice would include that without reasonable belief that such data was accessed.
Click to expand...
They included it because they have no varking idea. That is even worse.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X