> On Oct 10, 2017, at 9:23 AM, Paul Gilmartin > <[email protected]> wrote: > > On Mon, 9 Oct 2017 23:56:47 -0500, Edward Gould wrote: >> >> Our auditors would hop all over me and my management if we ever did >> something like what you are talking about. One time I got a fix for one of >> our MF products and I had to get the Presidents personal OK for me to upload >> it to the MF. It was an *EXTREMELY* important fix. The auditor sat with me >> while I explained to the President how I got the fix and how I was going to >> upload it to the MF. The auditor grilled me like there was his job on the >> line (mine was more likely the case). The auditor asked every blankety blank >> detail on how I learned about the fix and the product that was involved the >> fix number and how I d/l’d it. How was I going to get it to the MF and on >> and on. I felt like I was guilty for even asking for it. I asked him in the >> future did he want to get involved and micromanage every fix and he said >> *YES*. The President said well we have a solution. I *Never* want to go >> through that again. He did not blink when I asked him if Tape was OK and he >> said sure as long as the package is sealed from the vendor to us. >> > What if you need it within hours? Well, the express services can be very > prompt, > on a graduated price scale. Or a courier pouch on a private jet, for even > higher > cost.
Interesting question, will pose it at the next time the big boss is in a good mood. I do not know if its still available from Bolder, but we use to get fixes that way. Ed > >> IOW we are going to be majorly hurt if IBM decided to drop tape. >> > I'd be inclined to trust the SHA-1 checksum transmitted via an independent > verifiable conduit more than a heat-sealed polyethylene sleeve on a 3480 > cartridge. > SMP/E will verify the checksum and Do No Evil. I have asked the auditor and he seems happy with a plastic sealed envelope that is handled by signatures. Like I said I was always happy with a 3480/3420 tape. I suspect that if someone is going to intercept a tape they are reasonably advanced counterfiting team. Ed > > <SOAPBOX> All the risk with email, www, USB, arises from clients that > automatically > execute programs embedded in documents or support cross-site scripting. The > defense should be clients which unconditionally, not optionally, refuse to > open > attachments. Does CURL satisfy this? </SOAPBOX> > > -- gil > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
