
And as we both know, the "passive sniffing attacker" is a myth. If you can sniff packets, you can intercept traffic. We don't reason about security mechanisms by tying the attackers hands behind their back.



But of course. Preaching to the choir.

Management made the decision that my trivial change to eliminate replay attacks was "too much effort". I am inclined to agree, since even with such a change the effort required to circumvent their entire so-called security is minimal.

Next quarter they're introducing e-commerce solutions. Dear god.
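The thread does not say what the "trivial change to eliminate replay attacks" was, so the following is an added illustration, not code from the original discussion or from the poster's employer. It shows the usual shape of such a fix: the sender binds a timestamp and a random nonce to the request body under an HMAC, and the verifier rejects bad tags, stale timestamps, and nonces it has already seen. It assumes a pre-shared 32-byte key and clocks synchronized to within the acceptance window; the names sign_request and ReplayGuard are this example's own.

```python
"""Replay-resistant request authentication (added example).

HMAC-SHA256 over (timestamp, nonce, body); the verifier rejects bad tags,
timestamps outside a window, and nonces already seen inside that window.
Assumes a pre-shared key and roughly synchronized clocks.
"""
import hashlib
import hmac
import os
import time


def canonical(ts, nonce, body):
    """Length-prefix each field so field boundaries are unambiguous."""
    fields = (str(int(ts)).encode(), nonce.encode(), body)
    return b"".join(len(f).to_bytes(4, "big") + f for f in fields)


def sign_request(key, body, ts=None, nonce=None):
    """Client side: attach a timestamp, a fresh random nonce, and an HMAC tag."""
    ts = int(time.time()) if ts is None else int(ts)
    nonce = os.urandom(16).hex() if nonce is None else nonce
    tag = hmac.new(key, canonical(ts, nonce, body), hashlib.sha256).hexdigest()
    return {"ts": ts, "nonce": nonce, "body": body, "tag": tag}


class ReplayGuard:
    """Server side: verify the tag, then enforce freshness and single use."""

    def __init__(self, key, window=300, now=time.time):
        self.key = key
        self.window = window      # seconds of clock skew / delivery delay tolerated
        self.now = now            # injectable clock, so tests are deterministic
        self.seen = {}            # nonce -> timestamp, bounded by pruning

    def verify(self, req):
        expected = hmac.new(self.key,
                            canonical(req["ts"], req["nonce"], req["body"]),
                            hashlib.sha256).hexdigest()
        # Tag first: unauthenticated junk must not be able to fill the nonce cache.
        if not hmac.compare_digest(req["tag"], expected):
            return (False, "bad tag")
        now = int(self.now())
        if abs(now - int(req["ts"])) > self.window:
            return (False, "stale")
        self._prune(now)
        if req["nonce"] in self.seen:
            return (False, "replay")
        self.seen[req["nonce"]] = int(req["ts"])
        return (True, "ok")

    def _prune(self, now):
        """Forget nonces older than the window; stale ones are rejected by the
        timestamp check anyway, so the cache stays bounded."""
        cutoff = now - self.window
        for n in [n for n, t in self.seen.items() if t < cutoff]:
            del self.seen[n]


if __name__ == "__main__":
    key = os.urandom(32)                      # constructed shared secret
    guard = ReplayGuard(key)
    req = sign_request(key, b'{"amount": 5}')  # constructed sample request
    print(guard.verify(req))                  # accepted
    print(guard.verify(req))                  # same request again: rejected as replay
```

Note what this does and does not buy. It stops a captured request from being resubmitted, and the tamper check makes the attacker's cheapest edit (changing the amount in a replayed body) fail. It does nothing against the active attacker from the first comment, who can still read, drop or reorder traffic; that requires a confidential, authenticated channel such as TLS, with this mechanism layered on top if the application needs replay protection end to end.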


One might argue that, if an unnamed company's e-commerce solution would put a lot of people at risk, and an unnamed engineer can prove it, that unnamed engineer has an ethical obligation to discreetly report the vulnerability first to the unnamed company, then to successively more influential and more public venues (e.g. consumer protection groups, security research groups, etc.), until the company responds.


One might argue that such a course of action will simply get the engineer pointlessly fired.



