lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: peter at (Peter van den Heuvel)
Subject: Corporate Information Security	Accountability
 Act of 2003

> And who's going to enforce this? Something to consider, this could mean
> that you could face criminal charges if you stated that your network was
> secure and an independent audit team belonging to the DOJ proved
> otherwise - that'd land a lot of execs in jail (including Gates).  Want
> to get your CEO put in jail?  Just open up that telnet port.
LOL. And more, who would do the audit? I've seen _far_ more audit 
reports that aren't worth shit than reports that come close to being 
reasonable. Maybe it would make better sense to require such companies 
to publisize their security incidents; enable the shareholders to draw 
their own conclusions. Not that it would change anything of course; 
MicroSoft security status being not particularly secret.


Powered by blists - more mailing lists