I have no interest in looking smart to anyone here just like I would have no interest in looking ethical. If I'm the owner of a company and have the ability to make more money by taking advantage of a loophole in whatever system, then I'm going to do it. Unless there's a legal punishment, then why not? If I don't then someone else will and in the business world the advantage goes to whomever does.
Unfortunate as is may be, nice guys usually do not finish first. Sorry.
It's not like they hacked the website to post links for Goatse and Lemonparty; they did so to remove the anti-American/European propaganda and replaced it with the truth about the horrible acts of violence bestowed upon those civilians by Al-Qaeda. But I guess it's their right to kill innocent people in the name of some imaginary fairy in the sky, and we should just mind our own business and stay the hell out of their country and off their servers.
Say what you want about the political aspects or reasons to "invade" or not to...I don't give a shit about any of it, but there's nothing that makes it OK to harm innocent people and then lie about it. Much of the indigenous population supports Al-Qaeda because of they're simply not aware that the terrorists cover up their own disgusting actions.
I think they should be applauded, for using the word "unlikely" instead of "incontheevable".
FTFY
From the PCI Security Standards Council "PCI Data Storage Do's and Don'ts":
Do not store any payment card data in payment card terminals or other unprotected endpoint devices, such as PCs, laptops or smart phones
And
At a minimum, PCI DSS requires PAN to be rendered unreadable anywhere it is stored – including portable digital media, backup media, and in logs.
Based on that information, I would say that PCs and, certainly in this case, game platforms (since the Xbox is really just a PC) would fall under the "endpoint device" category. Especially since the end-user has no control over whether or not that information is stored on their device because only Microsoft can alter the code that allows or disallows the storage.
Fortunately "reasonable" doesn't have to come into play here. PCI auditing standards exist so the human fallacies (potentially) of reason and common sense are mitigated by explicitly defined controls that anyone who deals with credit cards at all must adhere to. Someone like Microsoft, thankfully, would probably be even more scrutinized by auditors, not only because they are Microsoft, but because Microsoft would want to make sure they are compliant.
That being said, PCI, in part, states that credit card info must never be stored, cached, saved...etc., in any device that is directly accessible to the customer or attached to the vendor's network unless sufficiently encrypted with even more controls guarding the public and private encryption keys. Basically, no XBOX should ever store credit card information, only account information at the very least. Even then, the credit card info that CAN be saved on Microsoft's servers can contain the CC number, cardholder name, service code and expiration date (cardholder data), but it CANNOT store the PIN, magentic stripe data or CAV2 code (card authentication data).
I think the goal here is to make it so patients can see this information regardless of the physicians' practice management system. Granted, it's very cool that some EMR systems will produce these records, but wouldn't it be even better if they could all produce a standard format that could be read by other systems and not in some proprietary format (as they all currently are, except maybe a few open systems like OpenEMR)? This way other medical providers, not just patients, could have access to ANY patients' chart without having to get a signed release from the patient (assuming they are conscious) and then having to wait for their primary care physician to fax the barely-legible records over. Imagine the time saved in an emergent situation if all this information was just a few clicks away.
Of course, any time data is widely available like this you run the risk of having it leaked or stolen, but it's really the inevitable solution and the company that comes up with the standard format and develops a way in which all these practice management systems can share their electronic records while providing reasonable security for transmitting and storing these records, is the company that will change the way medical information is shared and will ultimately save lives, whilst no doubt becoming very, very rich.
All great discoveries are made by mistake. -- Young