From owner-freebsd-hackers@freebsd.org  Wed Apr 18 14:11:33 2018
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6C5E3F8E0F7
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Wed, 18 Apr 2018 14:11:33 +0000 (UTC)
 (envelope-from dewayne.geraghty@heuristicsystems.com.au)
Received: from hermes.heuristicsystems.com.au (hermes.heuristicsystems.com.au
 [203.41.22.115])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "hermes.heuristicsystems.com.au",
 Issuer "Heuristic Systems Type 4 Host CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id A551076D2A
 for <freebsd-hackers@freebsd.org>; Wed, 18 Apr 2018 14:11:32 +0000 (UTC)
 (envelope-from dewayne.geraghty@heuristicsystems.com.au)
Received: from [10.0.5.3] (noddy.hs [10.0.5.3]) (authenticated bits=0)
 by hermes.heuristicsystems.com.au (8.15.2/8.15.2) with ESMTPSA id
 w3IDrQAl000971
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT)
 for <freebsd-hackers@freebsd.org>; Wed, 18 Apr 2018 23:53:31 +1000 (AEST)
 (envelope-from dewayne.geraghty@heuristicsystems.com.au)
X-Authentication-Warning: b3.hs: Host noddy.hs [10.0.5.3] claimed to be
 [10.0.5.3]
Subject: Re: us report on russian hacking
To: freebsd-hackers@freebsd.org
References: <b2800666-d162-796c-e8c3-cdb93accdb2e@freebsd.org>
 <alpine.BSF.2.20.1804181106490.68272@mp2.macomnet.net>
 <CADWvR2hUQXt4Axy31EEyjcm9tR-w_4pcwu5umymFFiELUoktnw@mail.gmail.com>
 <alpine.BSF.2.20.1804181455250.68272@mp2.macomnet.net>
 <CADWvR2hvWWjy64y6FabLrqB2sPp0hh+Uqs8nz4TLZWGKccWE8Q@mail.gmail.com>
From: Dewayne Geraghty <dewayne.geraghty@heuristicsystems.com.au>
Message-ID: <a63fb959-b171-fb99-af31-6eb2a653246c@heuristicsystems.com.au>
Date: Wed, 18 Apr 2018 23:53:26 +1000
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:52.0) Gecko/20100101
 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <CADWvR2hvWWjy64y6FabLrqB2sPp0hh+Uqs8nz4TLZWGKccWE8Q@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
Content-Language: en-AU
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Apr 2018 14:11:33 -0000

It is useful for us to be ahead of the issues that we will be asked to
comment on, and advise our clients & friends.  If Julian's email is read
carefully, it is not a political statement.

US Cert did need to communicate the issue, but did not need to attribute
any nation as instigator (or threat).  Though US-Cert's apparatus seems
to be unreliable as this was (& should have been) a critical issue,
particularly for SMI users in Feb, 2017 (#1)

Did it need to be in freebsd-hackers?  Perhaps, though I suspect
freebsd-security might be better?

Thanks Igor for the csoonline reference, as background/context its
helpful.  Though I did laugh at 'don’t call it a vulnerability, but a
“protocol misuse issue.”'  (Hello George?  Hello, is that you, George
Orwell?)

Kind (g)regards.  :)

#1: Refer to
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170214-smi
(indirectly from Igor's earlier email)
-- 

Influence national support against IP address spoofing (pretending to be someone else), refer: http://www.bcp38.info/index.php/Main_Page