Parker the first lawsuit is already filed. Merrick Bank versus Savvis for their audit of cardsystems I believe.

Nikole, as much as it has always been my dream to visit South Dakota, I am going to pass this one time. But thanks for the offer and please keep me in mind the next time you are visiting paradise ;-)

Josh, you probably didn't know this but the Iowa Gaming commission hosts the IOWA Hog Farmers World Series of Poker. I bet they Chinese were trying to get the inside scoop on some hog farmers to use in their plot to dominate the pork industry ;-) LOL. I agree this just seems like your run of the mill cyber criminals who may happen to be Chinese!

Your right it does take multiple controls and a layered model. But the point I was trying to make is that we rely on these technologies to work as advertised when it testing they don't really seem to. It means we have to double down on the other layers. Nothing is perfect

HI Rich, thanks for the comment. We agree the input will be the key. Security folks apathy or paranoia does make them hard to convert into contributers. But it really does benefit the community as a whole if they do. Reading the FAQs on the site, I think Boaz wants to discourage vendor submissions as they are just so biased. Maybe a case of that is better than nothing though and let users take that with a grain of salt.
Take care!

Hi Ken

thanks for commenting. Yes the network was not what it is today and we didn't have virtualization either. Though we did have shared notes hosting I believe. I checked out the web site, looks cool. You need to get that blog up to date! Stay in touch.

Nick sorry to confuse you. click on the software-hg link in the article and have a look at the Trustwave badge there. You tell me what you think? What I add in details is great, but what is just a regular user have in the way of details going to that site?

Rafal, are you agreeing that this is a fraudulent company? If so, should trustwave have an obligation to look at this before putting their seal out there? It is sad, but people are fooled by this stuff.

Your right compliance is not security, ethics or merchantability. But when people see the Trustwave logo up there they are going to associate this company with Trustwave endorsing them. How many people read the disclaimers? It is time that the Trustwave's of the world stop hiding behind the fine print. For all intents and purposes they are endorsing this company. Talk about ethics? It isn't about compliance, it is about what are Trustwave's ethics. What are their obligations in being associated with a company!

Gary, despite your repeated calls to not take this into the public you seem to want to. Not sure which friend Mike you are referring to, as I have several friends named Mike. Gary, like I said yesterday, was not my intention to insult you. Sorry you feel that way. Frankly when you hold yourself out as "the father or inventor of NAC" (yes I remember you tried to put that on Wikipedia and it was taken down) and stuff like that, you reap what you sow. Gary I am not angry at all. I enjoy blogging. it gives me a chance to put my 2 cents on what I see out in the world. Maybe you should try it? Of course you could just keep commenting on my blog and if that floats your boat, have at it. I assure you it is more fun to have your own blog. Just get some people to read it. You can reserve your rights, as I do mine. But if you want to get into a public dispute over this, my blog is a great forum. Let me know when you are ready!