My point is that anyone who has accepted payment from me will automatically have my name, card issuer's name and card number on file (and possibly my email address too if they were an online merchant), so claiming that I can authenticate an email proporting to come from my card issuer by checking that my name and the last 4 digits of the card number are quoted in it is patently bullshit (the vendor does not need physical access to the card to get this information - you have to give them exactly this information in order to make a transaction). Even using the bank account number, rather than the card number would be risky since this information is also available to retailers who have accepted my card.

This isn't about "keeping the physical card secure", this is about the banks making their emails actually authenticatable rather than implementing some security theatre that does nothing but give people a false sense of security.

Please go back and read the whole thread - none of this discussion was about making fraudulent debit/credit card transactions; this was about banks using trivially obtainable information, such as credit card numbers, post codes, etc. in an insecure attempt to allow the customer to authenticate an email, rather than using a strong cryptographic signature that the email client can verify (which, seemingly contrarary to general belief on slashdot, *is* standardised in the form of S/MIME).

This is precisely the point - they are able to access other information by virtue of phishing. The banks are sending out legitimate emails with links to web pages on domains that aren't the bank's main domain, that ask for authentication credentials and telling the recipient that its all perfectly safe because they can authenticate the email by checking that some trivial information (last 4 digits of CC number, post code, etc.) is in it. If you want to gain access to someone's bank account, all you need to do is:
1. Obtain access to the customer database on some retailer's website (this seems to happen with reasonable frequency anyway).
2. Register a domain that looks almost-but-not-quite like a bank's domain (e.g. register mybankonline.com if you're targetting mybank.com customers).
3. Build a website on the mybankonline.com domain that looks like mybank.com's website, including authentic looking login pages that will collect a user's login details.
4. From the database obtained in (1), pick out all the email addresses, post codes and card numbers of people who have a card issued by mybank.com.
5. Send out authentic looking emails to the email addresses you found in (4), remembering to include their post code and the last 4 digits of their credit card number in the email. Include a "log in" link that points at your fake website. Remember to add some friendly information to the email along the lines of "So you know that emails we send are genuinely from us, we will always quote the last 4 digits of your account number." (*)
6. Sit back and wait for the credentials to roll in, because there is absolutely *nothing* the user could do to tell this apart from the legitimate emails the banks are sending out. You've now gained access to the accounts of rather a lot of customers.

(* This text was taken from a real legitimate email from Capital One. Other banks do similar).

Again, please go back and read the thread - you seem to be replying to a conversation that we are not having rather than the one we are...

My "regular bank" credit and debit cards have both the Visa/Mastercard number, *and* the bank account number printed across the front of the card. I wouldn't mind betting that both numbers are encoded on the magstripe, although its very rare for cards to be swiped these days (I'm not entirely sure what data retailers get to see during a chip&pin transaction though).

Swiss banks must be decidedly more clueful than British ones then. Most of the British banks seem to think that putting some easilly obtainable PII in a plain text email allows you to authenticate it.

A few years ago, the Nationwide took to sending me marketing email that:
1. Came from a domain other than nationwide.co.uk.
2. Included web links to their product descriptions, but also not at nationwide.co.uk (can't remember the exact domain, probably something like nationwidebanking.co.uk or nationwideonline.co.uk - either way, something that could easilly have been registered by a third party.
3. Included the first half of my post code.
4. Wasn't electronically signed.

I complained to them, pointing out that although the stuff they linked to didn't actually ask for any personal account details(*), they were basically muddying the waters when it came to people being able to identify phishing emails from legitimate emails and that they were training people to expect legitimate emails to employ exactly the same properties as phishing emails, which is obviously very bad for security. I also pointed out that it would be better for them to use a technology like S/MIME to allow the user to authenticate the email, rather than some trivially publically available information like half a post code.

They responded - basically they couldn't understand any of my points about why what they were doing was a bad idea or why a postcode isn't suitable authentication criteria.

I escallated the complaint to the regulator. They refused to get involved.

In the end I ended up closing my Nationwide accounts - mainly because of several repeated screwups, one of which almost caused a house purchase to fall through (which they compounded by refusing to talk to me about when I was trying to sort it out); but their utter lack of clue about security certainly played a part.

Unfortunately, since that time, almost all the banks I use have started doing similar stuff. I brought this up with a friend who works in the highstreet banking sector (although not on the IT side) and he pointed out that the banks are generally not interested in security, they only want to limit their liability - if a bank were to sign all their emails and their key got compromised then the bank would be liable, whereas if the customer hands their details to a phisher because the bank has trained them that they should expect legitimate emails to look like phishing emails then the customer is liable.

I would find it very useful for banks, credit card companies, etc. to email my statements to me (encrypted and signed), as this would allow me to automate archiving of them. It seems very unlikely to happen any time soon though.

Here's a good example of bad email from a bank - in this case, Capital One, a credit card issuer, they email me monthly to say my account statement is ready for download from their website:
1. The email comes from capitaloneonline.co.uk - why not capitalone.co.uk, which is their usual domain?
2. It includes my name and the last 4 digits of my credit card number and says: "So you know that emails we send are genuinely from us, we will always quote the last 4 digits of your account number." - my name, card number and the fact that the card is issued by Capital One are going to be known by *anyone* who has accepted payment from my card. Not exactly great authentication credentials.
3. It includes an "access your account" link, which takes me to the sign-in page on the capitalone.co.uk site. At least they're using the right domain this time, but still it seems risky training people to click random links in emails and then enter their account details.
4. The email is not signed.
5. I know most people won't look at email headers, but if you do you can see the originating system is tsyseurope.com - that doesn't seem to be in any way connected with Captial One, even the whois record doesn't seem to show an obvious association.

Yes, it is standard. Go look up S/MIME.

That's what S/MIME is for... unfortunately no one uses it.

Evilness doesn't really come into it... Microsoft has written software that uses a third party service in a way that that third party's T&Cs disallow. You're free to avoid services on the grounds that you don't like their T&Cs, but you don't get to just ignore the T&Cs, especially when you're operating commercially.

Didn't that require converting several universes worth of mass into energy to power it?

"Encrypted" often just means the connection to the server is encrypted - that prevents everyone except the server operator from snooping. What you really want is end-to-end encryption, but I wouldn't trust a service to be doing that unless they actually said they were.

Skype did used to ahve a reputation for being secure, based purely on Skype's claims that they were secure. As you point out, they refuse to let anyone actually check their claims, but unfortunately people often take vendor's claims at face value. That was right up until a bunch of people got arrested in China a few years back, after Skype gave the Chinese government access to these supposidly "secure" instant messages - since then it's been quite obvious that there's no end-to-end encryption going on.

My point was, if your equipment is old and reaching the end of its servicable life, the chance of failure is high. Replacing it reduces the chance of failure, just having a warranty does not - if it dies then it dies, whether or not you get some pitiful payout when it does.

Yeah, coz Google would *never* read your private data...

My ISP recently expressed shock when I told them one of my DSL modems was over 10 years old... I'm not entirely sure why they thought it would've been worth replacing - a DSL modem is a DSL modem, a new one isn't going to do anything the old one didn't do, so why bother replacing it? Anyway, the firmwares on consumer grade kit are still junk, so "upgrading" was always most likely to just replace one set of serious bugs with another set of serious bugs...

All too often:
  - You're a small/large shop with enough money and the equipment is doing critical work: Ignore advice to have a spare/redundant configuration, scream blue murder when it breaks. (And usually after a big outage like that, once its all up and running, they *still* ignore the advice to have spares).

A "life time warranty" (even if it really is - most life time warranties are the life of the product, which can be very short indeed) only means the vendor will pay out or replace stuff if it dies. All equipment dies at some point - if some equipment is mission critical then you shouldn't run it into the ground just because the vendor will replace it when it dies. (Of course, really mission critical stuff should have backup equipment ready to go too!)

That said, equipment follows a "bath tub" curve and I often think that people replace it too soon. I see a lot of "that's 3 years old, we should replace it", which seems bonkers to me - if a bit of equipment has been working very reliably for 3 years, I would certainly hesitate to replace it with shiny new (untested) kit.

Yes. My first Android phone was the HTC Dream. An excellent little phone (albeit with not quite enough ram), and a much nicer keyboard than any other device I've used. These days I've settled on a Samsung Captivate Glide, but the keyboard isn't as nice, the phone's a little too big and the software support from Samsung is abysmal - I'm still on Gingerbread; they did eventually release an ICS firmware after a very long wait, but it is widely regarded as unusably buggy. The xda-developers community have been reasonably successful at porting CyanogenMod to it, but there are still some serious bugs (notably with bluetooth and GPS) which are holding me back from upgrading.

And what would happen if all the gold being hoarded in vaults were dropped onto the market to be used for *useful* stuff?

Anyway, supply and demand doesn't mean that the price will stay above the production cost - it could easilly be that there is too much being produced at this time - yes, producers of any product have problems if the buyers value the product less than the cost to produce it.