funsec mailing list archives
Re: PCI compliance
From: Drsolly <drsollyp () drsolly com>
Date: Sat, 4 Apr 2009 09:51:41 +0100 (BST)
Yes, and I remember the UK government security approval scheme, where you got approved if your product did what you said it would do, irrespective of whether that was actually useful. I kept threatening to have a product approved "comes in a blue box", and that would actually have been approved, after someone checked that it did indeed come in a blue box. On Fri, 3 Apr 2009, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:
Date sent: Fri, 03 Apr 2009 23:18:00 +0100 (BST) From: Drsolly <drsollyp () drsolly com>The logic is impeccable. PCI DSS is only concerned about data kept in electronic form. By using pencil and paper, he remains PCI DSS compliant.I agree that, in terms of compliance, the logic works. It reminds me of ISO27k in that regard: if you are troubled by any particular vulnerability, and don't want to fix it, just ask to have it (or related system) removed from scope ... ====================== (quote inserted randomly by Pegasus Mailer) rslade () vcn bc ca slade () victoria tc ca rslade () computercrime org Beware of all enterprises that require a new set of clothes. - Henry David Thoreau http://victoria.tc.ca/techrev/rms.htm http://blog.isc2.org/isc2_blog/slade/index.html http://twitter.com/rslade http://blogs.securiteam.com/index.php/archives/author/p1/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- PCI compliance Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 02)
- Re: PCI compliance Drsolly (Apr 03)
- Re: PCI compliance Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 03)
- Re: PCI compliance Drsolly (Apr 04)
- Re: PCI compliance Rob, grandpa of Ryan, Trevor, Devon & Hannah (Apr 03)
- Re: PCI compliance Drsolly (Apr 03)