Tuesday, April 19, 2011

Security - a scam?

Some companies make a business by providing security - airport security, building security, computer security, internet banking security and other types of security. They exaggerate the risks that can arise from lack of security and provide expensive solutions to solve these risks. They make a lot of profit from these solutions.

Apart from the high cost and burden to the businesses, which are passed to consumers, these security measures add to the hassle of life. Life is already so stressful and the excessive security measures make life more complicated.

If airport security is loosen, what will happen? Maybe a plane might fall to terrorists every few years. The number of people that is killed would still be quite small, compared to deaths by road accidents. I am not suggesting that the airport security be removed entirely. I am suggesting more sensible ways to implement security that is less costly, less troublesome and still quite effective.

I have the same observation for internet banking security. We have gone overboard in giving so many layers of security for small payments through bank transfer or credit cards. In the real world, the cash in my pocket can be easily stolen. Someone can take my check book and forge my signature. The real world carries more  real risks than hacking through the internet. Why do we need to over-emphasize the security risks of computer systems?

The biggest scam is the y2k. Many consultants and accounting firms exaggerate the risks to computer systems that could occur when the date passes through midnight of 31 December 1999,. They pocketed hundred of millions of consultancy and security fees. Nothing happened when the world enters into the 1st second of 2000. The companies that paid the millions were conned, and they were too ashamed to admit it. The key people  responsible for this waste were the regulators, who fell for the con  and imposed strong requirements on the banks, insurance companies and other businesses to implement the y2k security measures.

I ask for the people responsible to use their common sense and evaluate the costs of prevention against the benefits of avoiding loss - i.e. to exercise risk management in a sensible way. If the cost is excessive, it is better to take the risk (i.e risk retention). If preventive measures have to be taken, choose the appropriate measures that are cost effective.

Tan Kin Lian

4 comments:

Unknown said...

Again you comment about the unnecessary level of security on internet banking, but I disagree. I am very happy with the 2FA authentication that Singapore banks have. Many developed nations do not have such high level of security for online banking. Recently, Google also came up with their own 2FA for Gmail. Maybe identity theft does not occur that often in Singapore which is why people take it for granted?

Spur said...

Another big con was the anti-viral drugs business surrounding H1N1. The big drug companies encouraged doomsday scenarios and paid for documentaries, doctors and scientists to paint an extreme case scenario to hype up the market for their products --- many of which were hastily rushed through medical trials and approved by authorities even though they have plenty of side effects, especially for young children.

Govts around the world and WHO all bought into the drug companies hyperbole, and started buying up those over-priced and over-hyped drugs. People were urged to get themselves and their children injected with these drugs. Some govts even made it such that those who refuse were seen as anti-social and potential disease carriers out to cause harm to the community.

Our own govt and MOH also kenna conned and spent hundreds of millions of taxpayer monies to buy those drugs. Now most of the drugs are sitting in air-con warehouses unused. MOH has given out these drugs FOC or at very low cost to GPs, but now everybody doesn't want to be injected with them, becoz of published side effects around the world. Medicines have limited shelf life (usually 2 or 3 yrs), especially such anti-virals based on biologics. They will become expired by end-2011 or by mid-2012. That's why MOH now giving out FOC but nobody wants now.

Tan Kin Lian said...

Hi Garrett
The 2FA is okay. But, why must each credit card payment go through a mobile phone confirmation? Even for small payments?
My friend used to be able to buy movie tickets online. Now, he can't, as they require him to enter a 2FA and he kept it at home. I asked him to bring his 2FA along with him, but he found it not practical.

Weng Mao Fa said...

The worst scam is intellengent of X superpower to create conflict to destabalise a region. Thereafer, affected countries has a reason to increase defence expenses and buy more weapon from the X or Y superpower.

Weapon exporters would laughing all his way. Ordinary folk and children are crying and suffering in a world political stage.

Blog Archive