us report on russian hacking
Dewayne Geraghty
dewayne.geraghty at heuristicsystems.com.au
Wed Apr 18 14:11:33 UTC 2018
It is useful for us to be ahead of the issues that we will be asked to
comment on, and advise our clients & friends. If Julian's email is read
carefully, it is not a political statement.
US Cert did need to communicate the issue, but did not need to attribute
any nation as instigator (or threat). Though US-Cert's apparatus seems
to be unreliable as this was (& should have been) a critical issue,
particularly for SMI users in Feb, 2017 (#1)
Did it need to be in freebsd-hackers? Perhaps, though I suspect
freebsd-security might be better?
Thanks Igor for the csoonline reference, as background/context its
helpful. Though I did laugh at 'don’t call it a vulnerability, but a
“protocol misuse issue.”' (Hello George? Hello, is that you, George
Orwell?)
Kind (g)regards. :)
#1: Refer to
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170214-smi
(indirectly from Igor's earlier email)
--
Influence national support against IP address spoofing (pretending to be someone else), refer: http://www.bcp38.info/index.php/Main_Page
More information about the freebsd-hackers
mailing list