This JVM bug seems to be getting some high-level attention in the IT press so I thought I’d lay out the issue where CF is concerned: History The bug is in the JVM (it has been since ~2001) and so ColdFusion running on Sun JVMs are affected. Someone out there has obviously made the link [...]

The PCI-DSS standards are designed to help protect card-holder data. The specific section we’re interested in is section 4.1 of the v1.2 revision of the standards which are available for download here: https://www.pcisecuritystandards.org/security_standards/pci_dss_download_agreement.html The standards layout that you should use strong cryptography and security protocols when transmitting card data over open, public networks (ie the [...]