Date: Fri, 13 Sep 2013 09:18:35 +0400 From: Lev Serebryakov <lev@FreeBSD.org> To: Julian Elischer <julian@freebsd.org> Cc: freebsd-security@FreeBSD.org Subject: Re: FreeBSD Transient Memory problem? Message-ID: <1458963304.20130913091835@serebryakov.spb.ru> In-Reply-To: <5231D461.5050504@freebsd.org> References: <CAGX1DMbQP=TggYQm-3hra0Od3gjgz5xQ8bEMMrueuhL6kuZMUA@mail.gmail.com> <5231D461.5050504@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Julian. You wrote 12 =D1=81=D0=B5=D0=BD=D1=82=D1=8F=D0=B1=D1=80=D1=8F 2013 =D0=B3.,= 18:49:05: JE> Pretty much all they've proved to me is that they have no idea of what JE> they are talking about. JE> You need to ask them for a better description of the problem as so far= =20 JE> all you've JE> seen is about a hundred computer science professionals rolling around= =20 JE> on the floor JE> laughing when you showed them the paragraph from the report.. JE> and you can quote me on that one. In my expirience, "Security audit" people, who could, for example, do PCI/DSS audit, are like this. So, yet, it is their level of competence, but you could not pass around them, if you want official PCI/DSS certification, for example. Did you seen this epic thread on stackoverflow (or its devops/sysops counterpart) about "log file with every login of each user with password in clear text,'' for example? --=20 // Black Lion AKA Lev Serebryakov <lev@FreeBSD.org>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1458963304.20130913091835>