From owner-freebsd-questions@freebsd.org  Fri Nov 27 20:28:44 2015
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A164BA3A249
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Fri, 27 Nov 2015 20:28:44 +0000 (UTC)
 (envelope-from freebsd-questions@m.gmane.org)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 626891768
 for <freebsd-questions@freebsd.org>; Fri, 27 Nov 2015 20:28:44 +0000 (UTC)
 (envelope-from freebsd-questions@m.gmane.org)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <freebsd-questions@m.gmane.org>) id 1a2POa-0006f4-Rh
 for freebsd-questions@freebsd.org; Fri, 27 Nov 2015 21:13:28 +0100
Received: from pool-72-66-1-32.washdc.fios.verizon.net ([72.66.1.32])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <freebsd-questions@freebsd.org>; Fri, 27 Nov 2015 21:13:28 +0100
Received: from nightrecon by pool-72-66-1-32.washdc.fios.verizon.net with
 local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
 for <freebsd-questions@freebsd.org>; Fri, 27 Nov 2015 21:13:28 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-questions@freebsd.org
From: Michael Powell <nightrecon@hotmail.com>
Subject: Re: VPN security breach
Date: Fri, 27 Nov 2015 15:13:03 -0500
Lines: 30
Message-ID: <n3adh0$vgo$1@ger.gmane.org>
References: <20151127104401.7fdfd5fd@Papi>
 <CA+tpaK39hDp2Gjrd3gXpH3Nn2LSLwpnjsjN2ZgGcV78us7oQ1A@mail.gmail.com>
Reply-To: nightrecon@hotmail.com
Mime-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7Bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: pool-72-66-1-32.washdc.fios.verizon.net
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Nov 2015 20:28:44 -0000

Adam Vande More wrote:

> On Fri, Nov 27, 2015 at 7:44 AM, Mario Lobo <lobo@bsd.com.br> wrote:
> 
>> Any comments on this?
>>
>> https://thehackernews.com/2015/11/vpn-hacking.html
> 
> 
> Seeing as how it's not Apr 1, I can only assume that site is a clown show.
> 
> 
Serendipitous timing aside, I had a chance to run this by a friend this 
morning. They've known all about it for years but it is against their 
interest to divulge. He just laughed and said: "This is just the tip of the 
iceberg as far as we're concerned".

This is just civilians eventually discovering something that has been known 
by some for quite a while. Then the infotainment media needs to use it to 
make a buck by crying wolf and the sky is about to fall. Click bait and 
advertising revenue.

The major computer/network security issues aren't technical. Technical 
issues are readily addressable by those competent enough to do so. The real 
problem is the social office, and the psychology of office power-politics. 
Until the hierarchical human dynamic changes OPM style hacks will remain a 
dime a dozen, ad infinitum ad nauseum.

-Mike