| Main Archive Page > Month Archives > full-disclosure-uk archives |
Re: [Full-disclosure] Compliance Is Wasted Money, Study Finds
From: Tracy Reed <treed_at_nospam>Date: Mon Apr 26 2010 - 03:25:47 GMT
To: Nick FitzGerald <nick@virus-l.demon.co.uk>
On Mon, Apr 26, 2010 at 08:57:18AM +1200, Nick FitzGerald spake thusly:
> Anyone authoritatively stating that antivirus software is a necessary
> component of a "reasonably secure" system is a fool.
No, they just think all the world is Windows.
> So _if_, as you and another recent poster strongly imply, the PCI
> standards include a specific _requirement_ for antivirus software, then
> the standards themselves are total nonsense...
PCI only requires antivirus for systems commonly affected by
viruses. This means Windows. PCI security council has said that UN*X
OSs etc. are not required to have antivirus.
-- Tracy Reed http://tracyreed.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/