Hi Brian,
Are there any specific new security problems introduced when using DIME to send binary data from a web service? What reccomendations do you have to provide adequate security?
I also want to say that I agree wholeheartedly with your pragmatic view of security. I think that if an organization realizes that their security isn't perfect, that it
is possible for someone who is determined to perpetrate some form of fraud or mischief to do so, everyone in the organization will be more alert and vigilant. Complacency is itself a vulnerability.
I've found in many eCommerce ventures that the most profitable thefts were not based solely on a technolical flaw, but also other vulnerabilities in the chain of operations. Particularly in the realm of credit cards. Don't forget that 'Dumpster diving' is still a great source of information for those that would steal.
Anyways, I'd appreciate any tidbits you could pass along regarding DIME.
Thanks.
Sincerely,
Lindsay Morsillo