funsec mailing list archives
Re: The PCI sky *isn't* falling!
From: Valdis.Kletnieks () vt edu
Date: Mon, 23 Mar 2009 16:05:41 -0400
On Mon, 23 Mar 2009 11:15:20 -0800, "Rob, grandpa of Ryan, Trevor, Devon & Hannah" said:
Industry Data Security Standard (PCI DSS) `remains an effective security tool when implemented properly.'
Why does this remind me of "an important part of this complete breakfast"?
Because they drink the PCI sugar-free kool-aid, fail to eat the 'least privilege' oatmeal, ignore the on-the-wire-crypto toast and jam, only take a sip of the software change control milk - and then wonder why they they feel the 'bits leaving the network' empty stomach before lunchtime.
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: The PCI sky *isn't* falling!, (continued)
- Re: The PCI sky *isn't* falling! Jon Kibler (Mar 24)
- security theater is useful, stop abusing it [was: PCI] Gadi Evron (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] Benjamin April (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] Imri Goldberg (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] nick hatch (Mar 24)
- Re: The PCI sky *isn't* falling! David Harley (Mar 24)
- Re: The PCI sky *isn't* falling! Jon Kibler (Mar 24)
- why is certification useful anyway? [was: PCI] Gadi Evron (Mar 24)
- Re: The PCI sky *isn't* falling! Rob, grandpa of Ryan, Trevor, Devon & Hannah (Mar 23)
- Re: The PCI sky *isn't* falling! Gadi Evron (Mar 24)