Re: PG in cash till machines

From: John R Pierce <pierce(at)hogranch(dot)com>
To: pgsql-general(at)postgresql(dot)org
Subject: Re: PG in cash till machines
Date: 2013-05-10 21:55:15
Message-ID: 518D6CC3.7070406@hogranch.com
Lists: pgsql-general

On 5/10/2013 2:11 PM, Bexley Hall wrote:
> Having designed (regulated) gaming and "grey area" devices (each
> handling hard currency), I can tell you that you have to have already
> performed a pretty exhaustive threat analysis (e.g., red team, blue
> team) *before* you start the product's design. If you can't imagine
> *all* of the ways you can be targeted, then you can't determine
> how/if you will be "secure" in each of those scenarios (e.g.,
> I've incorporated features into the hardware designs to counter
> certain types of physical attacks).

Indeed, and there are always threat models that no one could foresee,
witness the recent story of coordinated ATM withdrawals of $45,000,000
enabled by some back door hacking of the bank databases.

--
john r pierce 37N 122W
somewhere on the middle of the left coast
