Originally posted by smith88
reply to post by longlostbrother
I am speaking speculatively... also programming at this level is extremely complex. This isn't a generalization otherwise the work could be reverse
engineered fairly easy (I'm speaking generally for that's not the focus of my comments...). Maybe you are extremely talented in this field as well; I
don't really know. But to a majority in the industry it's extremely complex. Talking very advanced algorithms here, etc...
This is not my point either, that's a bit of a rabbit trail... you do make good, valid points none the less- thank you.
That's not how this sort of programming works, I'd imagine.
I'd imagine it's some sort of object oriented thing, that's a mix of bespoke and off the shelf, because it's ridiculous to rewrite working tools when
existing ones are safe and secure.
So things like encryption for transferring data and storing data, that stuff has existed for yonks and is unbreakable. That's not something a CC
Fraud/Bank Fraud programming expert is gonna be writing... the field is highly specialised, and as a team leader he may or may not even be coding on a
daily basis any more.
Very very little of this stuff is new ground-up projects, when it comes to banking... in fact, if you remember that HSBC/Bank of Scotland debacle last
month, the software they were using to batch update accounts is both the the industry standard AND extremely old (in software terms).
Why use old stuff or third party stuff?
You use old stuff for a few main reasons:
- The secure systems a bank use (for example) are bespoke and, for obvious reasons, don't get updated too frequently. So that's the "if it's not
broke"/"don't mess with success" reason
- It's been tested in the real world, they don't need to hire new staff, they don't need to retrain staff, it's secure, they have contracts with the
people who made it and support it.
Why use third party software libraries/"objects"?
- No one software company has the expert in every facet of their business. Using third party means getting "industry" standards, made by specialists.
The chances of someone being both a commercial banking fraud expert and a encryption expert and a hardware expert and a localisation expert, etc.,
etc. are exactly zero.
- Spending money to stock every "top" firm with dozens of experts, even as consultants, or contractors is wasteful, when there's industry standard
libraries that do all of this in secure and "known" ways.
So, Holmes is probably a very specialised expert dealing with commercial banking fraud (credit cards and probably things like skimming). These are
small individually, but cost millions and millions to banks. IF a company could, using pattern analysis, determine when a card was being used by
someone other than the owner, and kill it sooner than later, after say 2-3 purchases instead of 5-6, it would say untold millions over a few
That's the most likely, IMO, scenario re: Holmes, as far as the evidence I've seen. He wouldn't be touching real accounts, or investigating fraud,
except way after the fact, and en masse, to develop more meaningful iterations of software.
Chances of any of that bringing him close to really useful info...? 0.000001% or something equally small.
To me, it's like saying the guy who wrote the package tracking software at UPS was part of a drug smuggling ring that used UPS. On the surface you
think... ooh, maybe... but in reality, they couldn't be less connected, in most cases. We've seen no evidence to suggest this is anything but a
edit on 3-8-2012 by longlostbrother because: (no reason given)