I was going from a court ruling but David Stokes noted a whitepaper that
confirms my suspicions in the court ruling.
Target does not have z/OS nor dynalloc (by name). However Unix is by design
dynalloc all the time.
Jon
On Saturday, December 23, 2017 9:09 AM, Walt Farrell
<[email protected]> wrote:
On Fri, 22 Dec 2017 21:26:07 +0000, Jon Perryman <[email protected]> wrote:
>Charles broke the cardinal rule in security ( never say never ). Viruses rely
>on dynalloc. This vulnerability was used against Target where they >were
>recently fined $18 million and lost millions in revenues for their data
>breach.
Can you point to reports that talk about how the Target breach occurred? I have
not seen any descriptions of it publicly that could allow one to draw the
conclusions you've made.
(I'm assuming, by the way, that you don't literally mean that z/OS, and
dynalloc, were involved. If you do mean that, the reports should also
specifically describe the system that was breached, the OS, etc.)
