@moonman haven't been long in that business so far but I can attest to the total lack of security knowledge or protocol in many of these people. Certification is mostly a sham.
@moonman our security auditors ran some weird testing for open X11 connections that was made to trick me into giving them root on my machine, but because i was running the X server on windows, it failed in a way that gave me root terminal on theirs
@moonman humph, i bet he sends that to all the girls
@moonman I had a consultant insist I use his pgp private key to decrypt. I had to inform him that “my private key is private.” And if there was one thing I learned in my encryption class, it was that.