× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. SECURITY400
  3. July 2011

Re: Interesting discussion on ServerFault regarding an idiotic auditor ...

All the poster said is that it was a small UK company and they he
switched to PayPal for the quick fix. PCI is investigating the
company.

Glad I didn't have to deal with that moron. I would have asked how he
proposed me getting the plain-text passwords from the user accounts
when it is a one-way hash and to have a great guru like himself could
teach me something I didn't know.

--
Mike Wills
http://mikewills.me



On Wed, Jul 27, 2011 at 1:44 PM, Larry Paque <larry@xxxxxxxxx> wrote:
The only reasonable (if that's the word) explanation I can think of is that
the auditor had his email hacked and the poster is emailing with the hacker
or his cohort.

I was reading quickly - did he ever get anybody on the phone?

On Wed, Jul 27, 2011 at 1:37 PM, Mike Wills <mike@xxxxxxxxxxxx> wrote:

Reading through the demands. I don't think any of us could provide
that on the i either. IIRC, I believe most log in systems these days
store the hash then compare the two hashes to make sure they match.
The systems themselves may not even know the real password.

--
Mike Wills
http://mikewills.me



On Wed, Jul 27, 2011 at 12:12 PM, David Gibbs <david@xxxxxxxxxxxx> wrote:
http://urlq.us/2g


--
IBM i on Power Systems - For when you can't afford to be out of business
_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.


_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400)
mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.


_______________________________________________
This is the Security Administration on the AS400 / iSeries (Security400) mailing list
To post a message email: Security400@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/security400
or email: Security400-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/security400.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.