Free Republic
Browse · Search		 News/Activism
Topics · Post Article

Skip to comments.

Equifax Chief Information Security Officer Was An Affirmative Action Hire
thelibertyconservative.com ^ | September 13, 2017 | Alex Witoslawski

Posted on 09/16/2017 8:01:50 PM PDT by grundle

click here to read article

Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-65 last
To: Hat-Trick

I suspect the subpoenas would go much further back in time.


61 posted on 09/17/2017 10:06:28 AM PDT by EVO X
[ Post Reply | Private Reply | To 60 | View Replies]
To: EVO X

Agreed, because apparently this was their 3rd hack in nearly 16 months.


62 posted on 09/17/2017 10:16:09 AM PDT by Hat-Trick (Do you trust a government that cannot trust you with guns?)
[ Post Reply | Private Reply | To 61 | View Replies]
To: JohnyBoy
If you think someone can't find out your name, address and from there your employer just because you are posting anonymously you are mistaken. I wouldn't do that to one of Jim and John Robinson's guests, but there are people that would.

If you are in the business and want to know how that can be done (so you don't go around spreading company info "anonymously" in the future) Freepmail me and I'll give you a brief rundown of the process. Then you can FedEx me that bottle of Scotch.
63 posted on 09/17/2017 11:15:55 AM PDT by Garth Tater (Gone Galt and I ain't coming back.)
[ Post Reply | Private Reply | To 46 | View Replies]
To: Hat-Trick

While it is true that the Struts jars can (and should!) reside in a central directory on the appserver, that is not necessarily the case. If the programmers are allowed to download whatever software they like, and build these jars into their .war files, then they really don’t know what they have and aren’t in a position to fix it.

This is how everything started with J2EE programming and Open Source at most shops. The necessary controls came later. But if you have a lot of legacy applications, you may have a wide variety of open source releases stuffed into your applications, and not even know it.

The only way the auditors can find out what is going on is by taking all the production .war files, unjarring them, and seeing what is inside. This sort of audit is unlikely to happen. Most auditors will just interview developers, asking what their practices and procedures are, and believe what they say. What they say may even be true right now, but will not reflect all the apps that have been moved to production in the past ten or fifteen years.

There are probably automated application scanning tools that will help. But first you have to find all the production servers and the applications - many places can’t even do that.


64 posted on 09/17/2017 11:29:51 AM PDT by proxy_user
[ Post Reply | Private Reply | To 56 | View Replies]
To: lightman

Come to think of it, all three Obamas were affirmative action hires.


65 posted on 09/17/2017 2:27:50 PM PDT by Fireone (No more Kennedys, Bushes, Clintons, or Obamas....(or their kids)ever!)
[ Post Reply | Private Reply | To 7 | View Replies]

Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-65 last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search		 News/Activism
Topics · Post Article
FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson