Since when has "virtually no" meant "no"? IIS6.x has had eight vulnerabilities in its seven years of existence (only seven if you search CERT). Less than one a year. IIS7.x has had two in two years (three if you search CERT, plus one "unreliable"). One a year. Apache 2.0.x has had TWENTY-FIVE, and Apache 2.2.x has had TWENTY SEVEN.
Only under the dodgy Labour figures where any death related to respiratory illness is attributed to smoking, whether cigarettes were involved or not.
Screens of *any* sort such as that of a laptop are illegal as well.
Bonus points for said person rear-ending another being the CEO of a mobile phone company.
Neither of the above-mentioned activities is, or has ever been, legal.
Probably when the US became a monarchy.
Because it's not news until Slashdot gets paid for it. Didn't you see who submitted it?
What, the web server with virtually no security vulnerabilities in the last 4 years in the two most recent iterations?
Yeah, demon forbid that get installed.
I love how it changes the registry to force the browser to load QuickTime for every PNG file on a page. Fuck does that take forever to fix! (Or load a page, for that matter).
Wow. At our hospital, we'd charge you $1.12 for 20 of those pills (about 70 US cents).
You Americans ARE being ripped off!
Uh, it is. Giving away and no longer having said something (regardless of what the fucking EULA says) is not piracy, however (i.e. fuck you AutoCAD).
Actually, a "fine" is not something that happens as a result of government action at all. According to Oxford it's a sum of money exacted as a penalty by a court of law or other authority. Note the "or other authority" (which doesn't necessarily have to be government).
They also wouldn't have to sue you, since you signed a contract saying exactly what happens if you screw up. It's not necessary to sue someone to enforce a contract (although suing can certainly resolve it if one party decides to get argumentative).
Oh, and PCI DSS is not negotiable, no matter how big you are. In fact, it gets harder to comply with the larger you get.
Actually, I've read a Merchant Agreement as part of a cost-benefit analysis of outsourcing my e-commerce functions. This month even. You are the ignorant one.
Noting of course that the fines only occur if there's an actual breach (which if you store card numbers in the clear is virtually guaranteed to happen) - a failed audit on its own is not sufficient to get you big numbers in fines.
Actually, in many places it is law to follow PCI DSS if handling credit card information - off the top of my head, California, Nevada and Minnesota require it. Other states and countries may also.
And there are fines. Massive fines. And since you signed a merchant agreement, you agreed to a dead tree contract saying that you'll pay them if you ever get caught violating the standards.
PCI DSS is in no way optional.
I actually prefer this bit:
An interesting element not generally related as part of this story just goes to prove you can never please everyone: The little UK firm responsible for the gaffe received a complaint from a potential customer who felt himself qualified to be a rich bastard yet had not received the letter he deemed appropriate to his station in life.
That's old. And it's probably an urban legend, as it's usually a charity emailing or sending letters to their biggest donors.
Credit Card info? That's a violation of PCI DSS right there along the lines of the great Web Hosting Talk fuck-up of last year. You can be fined millions for that.
No one's disagreeing there.
You and the GP appear to be mistaking Google Code Search for Google Code.
That will help Linux, when the USA Federal Government mandates use and requires all providers to support Linux.
You might want to lay off the crack pipe. They'll be more likely to sign off purchases of Apple computers, designed in California.
What, don't post because your opinion does not conform to the groupthink? Fuck that.
"I know I'll be modded down" doesn't mean they're an asshole, it means that they know they have an opinion that does not conform (i.e. they aren't sheep). If anything, modding them down for being an asshole makes you an asshole.
What do you think are the odds that exploited documents will be published to these documents too?
Zero, because this is about Google Docs, not Google Groups.
What? We're talking about Google Docs. No, you can't use robots.txt. What you can do, is not publish documents you don't want read.
Can anyone else see the irony in the seller of "asset protection services" to "hide assets from potential lawsuits" failing to hide his assets from potential lawyers?
No they don't. There's networks for all sorts of things from Corporations to entire countries, and you don't need to use a specific email domain at all to join them.