In 05ea01d02ddc$927328a0$b75979e0$@mcn.org, on 01/11/2015
at 12:24 PM, Charles Mills charl...@mcn.org said:
Logica was a professional service bureau with a
professionally-maintained z/OS.
FSVO,
They got breached.
How?
One might infer that other MVS sites, and not just those with
lax
In 050701d02c6d$4c43bef0$e4cb3cd0$@mcn.org, on 01/09/2015
at 04:35 PM, Charles Mills charl...@mcn.org said:
A stitch in time saves nine.
Whoosh!
Let me rephrase that in simple terms. Have there been any successful
cracking attempts in the wild against real, present-day mainframes
that
@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe tribute song
In 050701d02c6d$4c43bef0$e4cb3cd0$@mcn.org, on 01/09/2015
at 04:35 PM, Charles Mills charl...@mcn.org said:
A stitch in time saves nine.
Whoosh!
Let me rephrase that in simple terms. Have there been any
] On
Behalf Of Shmuel Metz (Seymour J.)
Sent: Sunday, January 11, 2015 12:31 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe
tribute song
In 050701d02c6d$4c43bef0$e4cb3cd0$@mcn.org, on 01/09/2015
at 04:35 PM, Charles Mills charl...@mcn.org said
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe tribute song
Do I know about a violation of the statement of integrity that IBM has not
addressed? No, of course not.
I am not certain that MVS exposures versus lax security is a black and
white dichotomy. It's easy
charl...@mcn.org (Charles Mills) writes:
I am not certain that MVS exposures versus lax security is a black and
white dichotomy. It's easy to look after the fact at any breach and say
aha! You should not have done X. I don't think the role of we security
practitioners is solely pointing out
In 54aae54e.7060...@acm.org, on 01/05/2015
at 01:26 PM, Joel Ewing jcew...@acm.org said:
But, the password encoding in the RACF data base only becomes a
security issue if READ access to the RACF data base itself is not
properly restricted by RACF.
The ironic thing is that while I have never
In 047801d0291f$5efb31f0$1cf195d0$@mcn.org, on 01/05/2015
at 11:39 AM, Charles Mills charl...@mcn.org said:
The fact is there have been several successful real hacks of
production mainframes, so some sort of real, present-day hacker
exposure is not unheard-of in the wild.
The Devil is in the
On 01/03/2015 09:23 PM, Paul Gilmartin wrote:
On Sat, 3 Jan 2015 10:13:21 -0600, Ed Gould wrote:
Indeed it was at least interesting.
I would be curious if IBM would like to comment on some of the
statements on how how RACF encrypts the passwords.
I disagree with how RACF encryption is done
, with disastrous results.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Joel Ewing
Sent: Monday, January 05, 2015 11:26 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Young's Black Hat 2013 talk - was mainframe tribute song
On 01/03/2015 09
10 matches
Mail list logo