Monday, April 4, 2016

The service code on your credit card is an embedded three-digit number.

This is not the CVC2/CVV2/CID/CAV2 number; it is a different data point, which I learned about for the first time today in a security training.

Other things:

  • In a stack-based overflow attack, data spills past the bounds of, say, an array on the stack, and the extra items overwrite pointers on the stack and affect method return instructions, causing havoc. In a heap-based overflow, a chunk of the heap set aside for being written to gets written to and then some, and the spillover writes gunk into another chunk, causing pain.
  • MD5, SHA-1, RC3, RC4 and all homebrew solutions are bad algorithms for encryption.
  • IMEI stands for International Mobile Station Equipment Identity and is a unique ID for a phone.
  • A PIN is a personal identification number. Duh.
  • AuthN and AuthZ are gangsta ways to suggest authentication and authorization respectively.
  • PCI-DSS is now up to version 6.5!
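
The stack-overflow note above, as an added example (not from the training or the original post): a toy stack frame modelled as one byte array, so the spillover can be observed without undefined behaviour. The layout, the guard ("canary") value, the return address and all function names are assumptions made for this sketch; the canary check stands in for what a compiler stack protector does before a function returns.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Toy model of one stack frame in a single byte array: a 16-byte buffer,
   then a guard value, then the saved return address. */
enum { BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24, FRAME_LEN = 32 };
#define CANARY   0x00c0ffee0badf00dULL   /* constructed guard value */
#define RET_ADDR 0x0000000000401136ULL   /* constructed "return address" */
typedef struct { unsigned char mem[FRAME_LEN]; } frame;

static uint64_t load64(const frame *f, size_t off) {
    uint64_t v; memcpy(&v, f->mem + off, sizeof v); return v;
}
static void store64(frame *f, size_t off, uint64_t v) { memcpy(f->mem + off, &v, sizeof v); }
void frame_init(frame *f) {
    memset(f->mem, 0, FRAME_LEN);
    store64(f, CANARY_OFF, CANARY);
    store64(f, RET_OFF, RET_ADDR);
}
/* Unchecked copy: trusts the caller's length, as strcpy or gets would.
   Clamped to FRAME_LEN only so the model itself stays inside its array. */
void copy_unchecked(frame *f, const void *src, size_t n) {
    if (n > FRAME_LEN) n = FRAME_LEN;
    memcpy(f->mem, src, n);
}
/* Checked copy: refuses input that does not fit the 16-byte buffer. */
int copy_checked(frame *f, const void *src, size_t n) {
    if (n > BUF_LEN) return -1;
    memcpy(f->mem, src, n);
    return 0;
}
/* Detection: compare the guard value before "returning". */
int canary_intact(const frame *f) { return load64(f, CANARY_OFF) == CANARY; }
uint64_t saved_return(const frame *f) { return load64(f, RET_OFF); }

int main(void) {
    unsigned char input[FRAME_LEN];
    frame f;
    memset(input, 'A', sizeof input);   /* constructed oversized input */
    frame_init(&f);
    copy_unchecked(&f, input, sizeof input);
    printf("unchecked: canary intact=%d, return slot=0x%016llx\n",
           canary_intact(&f), (unsigned long long)saved_return(&f));
    frame_init(&f);
    int rc = copy_checked(&f, input, sizeof input);
    printf("checked: rc=%d, canary intact=%d\n", rc, canary_intact(&f));
    return 0;
}
```

The unchecked copy leaves the return slot holding the input bytes and the guard value destroyed; the checked copy rejects the same input and the frame is untouched.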
