From owner-freebsd-questions@freebsd.org Sat Nov 28 23:24:41 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9C904A3B9A4 for ; Sat, 28 Nov 2015 23:24:41 +0000 (UTC) (envelope-from lobo@bsd.com.br) Received: from mail-qg0-x22f.google.com (mail-qg0-x22f.google.com [IPv6:2607:f8b0:400d:c04::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 519C31E17 for ; Sat, 28 Nov 2015 23:24:41 +0000 (UTC) (envelope-from lobo@bsd.com.br) Received: by qgeb1 with SMTP id b1so95303529qge.1 for ; Sat, 28 Nov 2015 15:24:40 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsd.com.br; s=capeta; h=date:from:to:cc:subject:message-id:in-reply-to:references :organization:mime-version:content-type:content-transfer-encoding; bh=vxwZbj/zqbiiEGVmlCNiZ2Jo+o3RwqyQS+SMHHvfFzY=; b=csC98zB6yyow2ghVd2TeAN7dcu/6+3V0BLdD+t7dDqIizCgArbsD4wfpV/P2NAZnfz 7hiH3wgv9Sc3pgKZt751JFonxetm8cmxQV1vJQCDqYNkrLCvrhByqEo+xnn+nz8QChYY C1kmKmDqEGcyfR6Ba57xXuatPut4g0v+/2fpE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:organization:mime-version:content-type :content-transfer-encoding; bh=vxwZbj/zqbiiEGVmlCNiZ2Jo+o3RwqyQS+SMHHvfFzY=; b=BLjM/rGr3pKFoFlWloufm+4VEaNkuWbIhhDDNJ2BILSALDEhKFvaDqUsW2jTrg0HvW JEWih7bqCLV8zLj5ej8wtZ9adjEk55VsSxY0NK2s4Ko73nlTkITygZpmmjOJlWH0YGfh yZmgJEOh74I6Ad7oAjP7GXNN17GbisyDRcPD5xVo9IjOXk4tYxywYNeAtSS76eSty9W/ VE7ARstsUnUi6i94wSvW9tBJru+//z8v7JtBXgHJ5r5BYoBOt9Y/6sfKgNfpvhTGgRsd v5ZzOZqOsDJOM5OSdMSan5XLhgAyltNNMmMbZYdP7zbGjiBdKbY9pr5lk7XPwfXyQ3RL zVzA== X-Gm-Message-State: ALoCoQkQ5dZJbVY+DzayCwY42rBHwm6E51YlXiTemRaRO0sFj/mac2VmNIOtU7eAYUIaVIEBORpl X-Received: by 10.140.101.130 with SMTP id u2mr62698541qge.2.1448753080200; Sat, 28 Nov 2015 15:24:40 -0800 (PST) Received: from Papi ([179.181.63.21]) by smtp.gmail.com with ESMTPSA id n67sm12206153qkh.18.2015.11.28.15.24.38 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 28 Nov 2015 15:24:40 -0800 (PST) Date: Sat, 28 Nov 2015 20:29:38 -0300 From: Mario Lobo To: freebsd-questions@freebsd.org Subject: Re: VPN security breach Message-ID: <20151128202938.067da47a@Papi> In-Reply-To: References: <20151127104401.7fdfd5fd@Papi> Organization: BSD X-Mailer: Claws Mail 3.12.0 (GTK+ 2.24.25; amd64-portbld-freebsd10.2) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 28 Nov 2015 23:24:41 -0000 On Fri, 27 Nov 2015 15:13:03 -0500 Michael Powell wrote: > Adam Vande More wrote: > > > On Fri, Nov 27, 2015 at 7:44 AM, Mario Lobo wrote: > > > >> Any comments on this? > >> > >> https://thehackernews.com/2015/11/vpn-hacking.html > > > > > > Seeing as how it's not Apr 1, I can only assume that site is a > > clown show. > > > > > Serendipitous timing aside, I had a chance to run this by a friend > this morning. They've known all about it for years but it is against > their interest to divulge. He just laughed and said: "This is just > the tip of the iceberg as far as we're concerned". > > This is just civilians eventually discovering something that has been > known by some for quite a while. Then the infotainment media needs to > use it to make a buck by crying wolf and the sky is about to fall. > Click bait and advertising revenue. > > The major computer/network security issues aren't technical. > Technical issues are readily addressable by those competent enough to > do so. The real problem is the social office, and the psychology of > office power-politics. Until the hierarchical human dynamic changes > OPM style hacks will remain a dime a dozen, ad infinitum ad nauseum. > > -Mike Thanks to all that cared to comment ! -- Mario Lobo http://www.mallavoodoo.com.br FreeBSD since 2.2.8 [not Pro-Audio.... YET!!] "UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things."