Date: Wed, 18 Apr 2018 23:53:26 +1000 From: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au> To: freebsd-hackers@freebsd.org Subject: Re: us report on russian hacking Message-ID: <a63fb959-b171-fb99-af31-6eb2a653246c@heuristicsystems.com.au> In-Reply-To: <CADWvR2hvWWjy64y6FabLrqB2sPp0hh%2BUqs8nz4TLZWGKccWE8Q@mail.gmail.com> References: <b2800666-d162-796c-e8c3-cdb93accdb2e@freebsd.org> <alpine.BSF.2.20.1804181106490.68272@mp2.macomnet.net> <CADWvR2hUQXt4Axy31EEyjcm9tR-w_4pcwu5umymFFiELUoktnw@mail.gmail.com> <alpine.BSF.2.20.1804181455250.68272@mp2.macomnet.net> <CADWvR2hvWWjy64y6FabLrqB2sPp0hh%2BUqs8nz4TLZWGKccWE8Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
It is useful for us to be ahead of the issues that we will be asked to comment on, and advise our clients & friends. If Julian's email is read carefully, it is not a political statement. US Cert did need to communicate the issue, but did not need to attribute any nation as instigator (or threat). Though US-Cert's apparatus seems to be unreliable as this was (& should have been) a critical issue, particularly for SMI users in Feb, 2017 (#1) Did it need to be in freebsd-hackers? Perhaps, though I suspect freebsd-security might be better? Thanks Igor for the csoonline reference, as background/context its helpful. Though I did laugh at 'don’t call it a vulnerability, but a “protocol misuse issue.”' (Hello George? Hello, is that you, George Orwell?) Kind (g)regards. :) #1: Refer to https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170214-smi (indirectly from Igor's earlier email) -- Influence national support against IP address spoofing (pretending to be someone else), refer: http://www.bcp38.info/index.php/Main_Page
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?a63fb959-b171-fb99-af31-6eb2a653246c>