Our security auditor is an idiot. How do I give him the information he wants? (2011)
8 points by gurjeet
by rurban
0 subcomment
This is hilarious. Unfortunately not entirely fake. I myself had an totally unqualified idiot to do a security audit on a TLS implementation. He probably came from web security audits and insisted to get mime checks for the private and public keys. Ha! These keys where files on disc.
I told him he was wrong. Management was helpful to bypass the idiotic parts.
by SilverElfin
2 subcomments
Is this real? Some auditor is asking for everyone’s raw passwords?
Hacker News