Comment by closewith

7 months ago

> Almost everyone (very close to literally everyone) uses PIX and we have zero reported cases of mishap, errors or bad faith attacks...?

Earlier this month, hackers using credentials purchased from a C&M employee were able to generate unauthorised PIX transactions on client banks and steal at least BRL$ 500 MM, and maybe as much as BRL$ 5 BN, so it's definitely not foolproof.

> Hope this does not sound dismissive - as a heavy user with no complaints for years, why should I care PIX is a black box?

Brazilians in general are very accepting of government surveillance, with the omnipresent CPF and now complete disclosure of almost all consumer transactions to the State. It's always surprised me, TBH, given the very recent history of dictatorship and unbounded potential for abuse.

> Earlier this month, hackers using credentials purchased from a C&M employee were able to generate unauthorised PIX transactions

To be clear - This was a "bank robbery" (inside job, given usage of credentials?) and in absolutely zero ways affects trust in Pix as a user

As for your other point - thanks, our values and concerns are not aligned; it would be hard for us to agree on this

  • > To be clear - This was a "bank robbery" (inside job, given usage of credentials?) and in absolutely zero ways affects trust in Pix as a user

    Well, that doesn't appear to have been the case. Instead it seems to have been an attack that leveraged an as-yet-unknown weakness in the Pix protocol that seems to have allowed something similar to impersonation. Whether it has affected your trust in Pix is almost immaterial, as it has rocked institutional trust in the protocol and platform.

    As for user trust, with endless malware attacks like PixPirate, PixBankBot, GoPix, etc,

    > As for your other point - thanks, our values and concerns are not aligned; it would be hard for us to agree on this

    That's an interesting claim - how do you know my values and concerns?