PCI makeover
Results 1 to 3 of 3

Thread: PCI makeover

  1. #1
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883

    PCI makeover

    Now this is an interesting twist on PCI regulations.

    http://news.com.com/Credit+card+secu...l?tag=nefd.top

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #2
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Ahhh.... The oldest question in the security industry... Do I make it secure or do I make it cost effective and usable???

    But isn't the ball being dropped again, (or am I missing something????)... If the application understands encryption then if the application is compromised so is the data. If the OS understands encryption then the legacy apps don't need to understand it and either the OS or the app needs to be compromised.

    The proposed solution is to drop encryption, which occurs for the most part automatically of is relatively easy to set up, and allow operations to complicate the perimeter with additional and probably unneccesary layers in order to give them the "warm and fuzzies"...

    Personally I don't see the benefits here... I can see some potential detriments... especially since they have my CC data....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    The proposed solution is to drop encryption, which occurs for the most part automatically of is relatively easy to set up, and allow operations to complicate the perimeter with additional and probably unneccesary layers in order to give them the "warm and fuzzies"...
    Yep, my feeling exactly. This is why I constantly complain to C level execs about business process efficiencies and stripping out high cost low return security "solutions" that support hig cost low return business processes.

    Anyway, before I get all worked up, lemme finish my cup of joe...



    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides