Ye all,
goes to show that all "exposures" are dangerous. Never wear a mini skirt in winter. Especially this winter (IBM is dead) of discontent. Batten yer hatches and be happy that in years of yore things were good. All the best - and batten yer bleedin hatches again. Andre => Do I know about a violation of the statement of integrity that IBM has not => addressed? No, of course not. => => I am not certain that "MVS exposures" versus "lax security" is a black and => white dichotomy. It's easy to look after the fact at any breach and say => "aha! You should not have done X." I don't think the role of we security => practitioners is solely pointing out "exposures" in MVS to IBM. I think => helping customers with common less-than-ideal practices is more important. => => Logica was a professional service bureau with a professionally-maintained En réponse à Charles Mills <[email protected]> : > ------------------ Début du message d'origine -------------------- > > Do I know about a violation of the statement of integrity that > IBM has not > addressed? No, of course not. > > I am not certain that "MVS exposures" versus "lax security" is > a black and > white dichotomy. It's easy to look after the fact at any > breach and say > "aha! You should not have done X." I don't think the role of > we security > practitioners is solely pointing out "exposures" in MVS to > IBM. I think > helping customers with common less-than-ideal practices is > more important. > > Logica was a professional service bureau with a > professionally-maintained > z/OS. They got breached. One might infer that other MVS sites, > and not just > those with "lax" (however defined) security practices, might > also be > vulnerable. > > Charles > > -----Original Message----- > From: IBM Mainframe Discussion List > [mailto:[email protected]] On > Behalf Of Shmuel Metz (Seymour J.) > Sent: Sunday, January 11, 2015 12:31 AM > To: [email protected] > Subject: Re: Young's Black Hat 2013 talk - was mainframe > tribute song > > In <[email protected]>, on 01/09/2015 > at 04:35 PM, Charles Mills <[email protected]> said: > > >A stitch in time saves nine. > > Whoosh! > > Let me rephrase that in simple terms. Have there been any > successful > cracking attempts in the wild against real, present-day > mainframes that > exploited MVS exposures rather than lax security practices? > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access > instructions, > send email to [email protected] with the message: INFO > IBM-MAIN > > ------------------- Fin du message d'origine --------------------- -------------------------------------------------------------------------------- www.lavache.com : l'email gratuit sans pub, vachement meuh. www.hugolescargot.com : coloriage, fiches recettes et bricolage, chansons, etc. www.jeux-gratuits.com : des jeux en ligne pour toute la famille. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
