funsec mailing list archives
Former Hannaford CIO: Avoid Microsoft and Change PCI's Encryption Rule s
From: "Paul Ferguson" <fergdawg () netzero net>
Date: Fri, 11 Jul 2008 06:00:20 GMT
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Via StorefrontBacktalk. [snip] Bill Homa, who just stepped down July 1 as the CIO for the 165-store Hannaford grocery chain, considers Microsoft's OS to be "so full of holes" and describes the fact that current PCI regs do not require end-to-end encryption as "astonishing." But Homa's key point is that most retailers handle security backwards: Don't pour everything in protecting the frontdoor. Assume they'll get through and have a plan to control them once they're inside. One of the most frustrating IT security realities in retail today is the quintessential oxymoron: the more serious the CIO is about keeping data secure and the more sophisticated a defense is deployed, the more points of vulnerability emerge. [snip] More: http://storefrontbacktalk.com/story/071108homa - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.6.3 (Build 3017) wj8DBQFIdvbwq1pz9mNUZTMRApgsAKDlDkp5kdPjRIVIxqx81RMRvJTH0ACeJ95Q wTtu/veg+jTQTJY1fJ/ETmw= =2PZw -----END PGP SIGNATURE----- -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg(at)netzero.net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Former Hannaford CIO: Avoid Microsoft and Change PCI's Encryption Rule s Paul Ferguson (Jul 10)
- Re: Former Hannaford CIO: Avoid Microsoft and Change PCI'sEncryption Rule s Alex Eckelberry (Jul 11)