Re: [U2] Credit Card Processing (Mike Hulls)

2011-07-02 Thread Mike Hulls
Our company just obtained PA-DSS acceptance (a subset of PCI for vendors 
selling software) for a product running on HP-UX universe. Don't go down that 
path if you can at all help it. Our customer's volumes were high enough with 
multiple banks to justify it at the time.

If you touch a credit card at all (prompt for it, or it passes through your 
system un-encrypted) you need to remove that to even have a chance of PCI 
compliance. If the provider you use prompts for the credit card in a browser 
session, the PC that browser runs on needs to be PCI compliant (scanned, 
controlled access etc). Wherever possible, use separate hardware/card swipe 
terminals so you don't ever see the credit card.

If you do have to go down that path, a couple of recommendations:
- don't use Type 30 files. Turns out, part of the workspace memory ends up in 
the free space in the blocks on disk which then shows up on your scans.  Maybe 
U2 has fixed this by now.
- companies doing PCI and PA-DSS audits are used to dealing with huge companies 
and expect huge budgets. U2 contacts led us to K3DES which just got the job 
done.

Mike


___
U2-Users mailing list
U2-Users@listserver.u2ug.org
http://listserver.u2ug.org/mailman/listinfo/u2-users


Re: [U2] Convert to Numeric

2011-07-02 Thread Wols Lists
On 01/07/11 15:11, Ed Clark wrote:
> The behavior varies somewhat by platform. Are you using universe or unidata?
> I'm guessing you're on unidata because you are using the MD conversion code
> (I haven't seen that used much on universe)

I'm guessing MD/MR is site specific, not platform/flavour specific.

Coming from a PI/UV background, I've never used UD, and I've almost
never ever seen MR conversions. Always MD.

Cheers,
Wol


Re: [U2] Git and U2

2011-07-02 Thread Wols Lists
On 01/07/11 04:47, Rob Sobers wrote:
> Good point, Dan.
>
> Dropbox is such a good service, too.  It's a shame that a) they let it
> happen (unit tests, man!) and b.) they handled it so poorly PR-wise.  On the
> bright side, it's not nearly as bad as Citibank or Sony.

Maybe poor PR but can anyone fault them on the technical handling? From
the little I've picked up, from bug to fix was about 6 hours (5 minutes
from discovery to fix).

More importantly, they claim to have identified EVERY account that was
accessed during the vulnerable period, notified them asap, and checked
for any dodgy activity.

IF that's true, I can't fault them. Why divert resources to dealing with
people who aren't affected? Apart, of course, from the PR value.

Cheers,
Wol
 
> -Rob
>
> On Thu, Jun 30, 2011 at 3:43 PM, Dan McGrath danmcg...@gmail.com wrote:
>
> > Rob, might not be the best idea to say secure cloud-based and Dropbox in the
> > same email as a comparison after what happened to dropbox recently ;)