More on NRF’s Letter to PCI SSC, and the Wireless Network that Could standard
A couple of weeks ago, I jotted down a few thoughts on the letter from the NRF to the PCI-SSC about the PCI Standards. My post was a bit rant-ish, but Anton Chuvakin threw down a great review in his blog yesterday. The only point that I wanted to add a different opinion on is the use of WEP. I’ve been a proponent for wide open wireless networks in corporations for a few years. I argue that because network compromises are either hit-or-miss with advanced encryption technologies, most hackers default to attacking hosts instead. One of our own testers is known to breach networks that security professionals thought were virtually impenetrable. He didn’t do it by packing a Cray into ...
Continue Reading