On Tue, May 10, 2011 at 09:33:23AM +1000, Ivan . spake thusly: > I guess that makes a mockery of the PCI DSS framework!
Not at all. PCI DSS does not guarantee security. And if they didn't have a firewall and were running outdated software they weren't compliant anyway. -- Tracy Reed
pgp7fWhMJ9F7L.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
