The Epic American Credit and Bond Bubble Laboratory Message Board

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Strategies & Market Trends : The Epic American Credit and Bond Bubble Laboratory

Public Reply Prvt Reply Mark as Last Read File

Previous 10 Next 10 Previous Next

To: Skywatcher who wrote (34084)	6/7/2005 3:20:20 PM
From: mishedlo	Read Replies (1) of 110194

When I worked at First National Bank of Chicago, Later merged with Bank One, a decision was made to outsource the entire operation to FDC. I can tell you flat out you would be amazed at the code FDC was running. A single program of 1 million lines of Cobol code ran practically their entire operation. Perhaps that has changed now but somehow I doubt it. Anway their encryption algorythms were so slow they wanted us to send the a file of accounts and unencrypted PIN numbers. We are talking 10 million plastics along with PIN numbers and other sensitive info. Bank One would not agree so it did not go out like that. But FDC F'd up one of the conversions and people got the wrong PIN numbers. I had to prove it was their fault not ours. I wrote most of our encryption code. It was a call to an IBM "black box" really with various routines such as assign a pin, change a pin, verify a pin, authorize a pin coming in over a terminal etc. I really knew how all of that worked. I had to beause I wrote it. I did not know the master codes, but at one point I had to prove the codes we had locked up in the master vault were not the correct ones! They wanted me to prove that to them on the test system. Sorry, not possible. In fact, it turned out the codes in the matser vault were the codes for the test system and not production. I forget where they found the real codes, but eventually they entered by someone into the black box (that took 3 keys I think, two to the black box itself) were stored away. There are two sets of numbers. One person enetered one set, and another person entered the second set. I genererated production PINS for people and they verified their PIN numbers so we now knew the right set was in the vault. Obviously the right set was in the black box, but they did not match what was in the safe. Given access to production (to fix problems or whatever) I could get anyone's PIN number I wanted. I could easily have written out a file for "my own purposes" of every acct/pin number combination that we had. I was a consultant. There was one person high up in the organization that kept asking about me. Wanted to know if I was fingerprinted. He did not like the fact that I was an outside conultant with all that knowlege. Actually I was the only person that I know that was in fact never fingerprinted when I was hired. How much would a file of plastics together with their PIN number for every account at Bank One be worth on the open market? My reckoning is that I would have been killed for it. Mish

Report TOU Violation

Share This Post

Public Reply Prvt Reply Mark as Last Read File

Previous 10 Next 10 Previous Next