funsec mailing list archives
Re: The PCI sky *isn't* falling!
From: "Justin D. Scott" <admin () dtdns com>
Date: Mon, 23 Mar 2009 22:41:10 -0400
I think such motion from total ignorance to doing "a piss-poor job" of security represents a huge progress for such, mostly small, organizations.
There also many small companies that took one look at PCI and just gave up entirely and outsourced anything that was in scope for compliance to a larger company that specialized in payment processing. I can't tell you how many busted shopping carts we've replaced with PayPal checkout. When their online stores were built six or seven years ago, security wasn't as much of a problem. Now, they see the cost of keeping processing on their own site and go ahead with moving checkout to another service. They don't get the "prestige" of having the checkout on their site, but their customers are a whole lot safer as a result. -Justin Scott _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: The PCI sky *isn't* falling!, (continued)
- Re: The PCI sky *isn't* falling! Anton Chuvakin (Mar 23)
- Re: The PCI sky *isn't* falling! Alex Eckelberry (Mar 23)
- Re: The PCI sky *isn't* falling! Drsolly (Mar 23)
- Re: The PCI sky *isn't* falling! security curmudgeon (Mar 23)
- Re: The PCI sky *isn't* falling! Anton Chuvakin (Mar 23)
- Re: The PCI sky *isn't* falling! Amrit Williams (Mar 23)
- Re: The PCI sky *isn't* falling! Paul Ferguson (Mar 23)
- Re: The PCI sky *isn't* falling! Anton Chuvakin (Mar 23)
- Re: The PCI sky *isn't* falling! security curmudgeon (Mar 23)
- Re: The PCI sky *isn't* falling! Drsolly (Mar 24)
- Re: The PCI sky *isn't* falling! Anton Chuvakin (Mar 24)
- Re: The PCI sky *isn't* falling! Justin D. Scott (Mar 23)
- Re: The PCI sky *isn't* falling! Drsolly (Mar 24)
- Re: The PCI sky *isn't* falling! Justin Scott (Mar 24)
- Re: The PCI sky *isn't* falling! Jon Kibler (Mar 24)
- security theater is useful, stop abusing it [was: PCI] Gadi Evron (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] Benjamin April (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] Imri Goldberg (Mar 24)
- Re: security theater is useful, stop abusing it [was: PCI] nick hatch (Mar 24)
- Re: The PCI sky *isn't* falling! David Harley (Mar 24)
- Re: The PCI sky *isn't* falling! Jon Kibler (Mar 24)