Date: Thu, 1 Dec 2022 01:06:08 -0500 From: grarpamp <grarpamp@gmail.com> To: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-22:15.ping Message-ID: <CAD2Ti2-TkNWCbeddjCN%2B2Kv4VuCWoghT77FTtMHw56sTQsrv7g@mail.gmail.com> In-Reply-To: <3dc86282-165d-8562-5cba-0da9896557b9@sentex.net> References: <20221130004601.043CE1C623@freefall.freebsd.org> <3dc86282-165d-8562-5cba-0da9896557b9@sentex.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Generally, that ping has no end-to-end security (neither does TLS if relying solely on the silly CA model), and that TLA's [and Tier-n ISP's, VPN's, Tor's, WiFi's, etc] can all MITM at will, and that everyone is a target of some one/entity these days... then this is bad. Which if it applies to Micro$haft Crapple Phones would be even more a convenient gift to various actors. Perhaps the real question is... Why is ping, repeatedly over history, like sendwhale, still being written such that it remains exploitable...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAD2Ti2-TkNWCbeddjCN%2B2Kv4VuCWoghT77FTtMHw56sTQsrv7g>