funsec mailing list archives
Re: Bank security
From: Mike Preston <mike () technomonk com>
Date: Tue, 09 Mar 2010 12:17:15 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I just had a backup of a PCI DSS DB uploaded via anon FTP for a server I'm working on. Can't get much more clueless than that considering that they had: - - a valid login to an alternative secure sftp server. - - both my and their own GPG credentials to allow it to be encrypted. - - over 10 years experience as a 'system administrator' responsible for the companies PKI. The only mitigating factor was that the upload directory doesn't allow downloads, but it still went over the wire in the clear. Mike Preston chaim.rieger () gmail com wrote:
Just had a gov agency send me an email that contained private and personal info (not mine) Called em on it and they went oops Sent via BlackBerry from T-Mobile _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) iEYEARECAAYFAkuWPEoACgkQvhwPecbXDdzQ6gCePVJzFmC6X6mMfCP3MH2Ur/Ad iUQAni09cSxF7uUXygbufZSKgfRwf7hm =G5eE -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: Bank security, (continued)
- Re: Bank security Larry Seltzer (Mar 08)
- Re: Bank security Tomas L. Byrnes (Mar 08)
- Re: Bank security Rich Kulawiec (Mar 08)
- Re: Bank security Tomas L. Byrnes (Mar 08)
- Re: Bank security Joel Esler (Mar 08)
- Re: Bank security Rich Kulawiec (Mar 09)
- Re: Bank security Joel Esler (Mar 09)
- Re: Bank security Dave Paris (Mar 10)
- Re: Bank security Larry Seltzer (Mar 08)
- Re: Bank security chaim . rieger (Mar 08)
- Re: Bank security chaim . rieger (Mar 08)
- Re: Bank security Mike Preston (Mar 09)