[wodencafe]

Put the cyber-snooping aspect aside for a minute.

Where have the banks been?

Why didn't this Andrew Kennedy guy (or any other banks) chime in when this was fresh?

Why did this only become relevant to them at the last minute? Forgive me, but I have no sympathy for these institutions. If they really cared about Security, they would have dealt with this nonsense a long time ago.

You want to excuse the banks because they are "big businesses [that] have regulations you don't understand or even care about", but for institutions where security is of critical importance, why haven't they been following this more closely?

This a case of pure neglect and greed.

[riskable]

Do not assume that the people who are responsible for monitoring such things (at the big banks) have only their employer's purse in mind.

One cannot rule out... <whistles with fingers in ears>

Someone's going to get vastly improved security whether they want it or not!

Protocols like TLS protect bank customers from fraud. It is the bank's duty first and foremost to protect their every day customers. If Wall Street always comes first banking's primary product will be despair.

[wodencafe]

> If Wall Street always comes first banking's primary product will be despair.

This has already come to be :)

[kabdib]

No surprise, given the quality of the edge software of most banking systems. With few exceptions, they are howlingly bad. I cannot imagine what the insides of them are like.

[wodencafe]

It's turtles all the way down.