https://en.wikipedia.org/wiki/Societ...ation#Security Very sophisticated. Totally unwarranted swipe against bangladesh in previous posts. The SWIFT system is widely used and at least two or three other similar incidents are known to have taken place.

I did not intend my comments to be "a swipe against Bangladesh," because the truth of the matter is that anyone ... or, any company ... might easily find opportunity, and find that opportunity irresistible.

The vulnerability is not one of simple technology: it is a vulnerability borne of misplaced human trust. In a world of "trust, but verify," we cannot verify and we often should not trust.

• We cannot verify that there is not a "weak link" anywhere in our vast chain that has, say, modified the application software or the (open source) operating system, or both.
• We do not exercise any sort of licensure or professional credentialing, as we do with plumbers or low-voltage wiring contractors, to regulate who has access to our software and how it is being maintained.

No matter how technically "secure" SWIFT (or any other system) might be on-paper, what matters most is the human environment in which it is deployed. This statement could be made, not only for high-dollar systems like SWIFT, but really for on-line transaction processing of all sorts. We have been "loosy goosy," so to speak, about all of these things, and we're constantly paying a billion-dollar price.

You all see the Bitcoin theft story that came out this weekend?

http://moneyandstate.com/looting-of-the-fox/

(spoiler for SundialSVCS: yes, it was an inside job).

We can't avoid the realization that "it was an inside job" is the most-plausible explanation for most of these things. And, we should not only "plan accordingly," but be pro-active in changing ... our own industry. At least, then, we have a faint hope of positively influencing what politicians do (to us).