You are viewing a single comment's thread from:

RE: A Combination of IPSEC, Multiple Wan's and 802.3ad Link Aggregation for Top Secure TCP transmission

in #security7 years ago (edited)

I like how it's heading too, but actually I'm not the fan of Defcon nor BSD at all :)

As stated, BSD has been used for a while as a method to put sneaky vulnerabilities that indirectly finish in OpenSource projects through ports, making it close to impossible to accuse gov. agencies for them, since porting is not fully legal. It was a sneaky way to infect other distros. Even Apple dropped their line of products such as Time Capsule / AirPort express (BSD based) over many flaws they were unable to control. I would say it needs to take time to get my confidence back. Personally, I prefer Gentoo for mission critical systems, or Debian for less sensitive work.

Def Con, again, too much gov. sponsored. It's close impossible to present something that really affects millions of users. Such as: https://hal.archives-ouvertes.fr/hal-01759199/document :)

When I demonstrated the ability to forward any mobile number through SS7 flaws at GSMA / MWC back in 2013 in front of security audience, the unofficial talks with Def Con reps was something like "It's far better to push MNO's to fix the issues, rather then cause a pandemic attacks by making it further publicly visible". - Right :) If I found some flaws in ZTE or Huawei, that would probably get into the headlines. Millions of affected users - who cares :) It was not the flaw, it was the design.

But not much into it lately. Assuming you were poking about being a fan of BSD and def-con :)

Sort: