| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALKmEuCz1123+fmKnhr_i8N0YoaBEQG_Y4cbic=wTvRsi9=NHw@mail.gmail.com>
Date: Thu, 16 Jan 2014 21:59:47 +0100
From: Daniël W. Crompton <daniel.crompton@...il.com>
To: Valdis Kletnieks <Valdis.Kletnieks@...edu>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: EE BrightBox router hacked - bares all if you
ask nicely
On 16 January 2014 18:44, <Valdis.Kletnieks@...edu> wrote:
> Bonus points for finding a standard that provides enough *actual* security
> that it is worth doing, but yet won't bankrupt the industry. Consider that
> of all the credit-card breaches we've seen so far this century, something
> outrageous like 97% of the victim companies had current audits that listed
> them as being 100% PCI compliant at the time of the incident.
>
This is obvious troll bait, you know very well that PCI compliance has very
little to do with security and is a mechanism for payment companies to
transfer their risk to merchants. ;)
D.
Daniël W. Crompton <daniel.crompton@...il.com>
<http://specialbrands.net/>
<http://specialbrands.net/>
http://specialbrands.net/
<http://twitter.com/webhat>
<http://www.facebook.com/webhat><http://plancast.com/webhat><http://www.linkedin.com/in/redhat>
Content of type "text/html" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists