nanog mailing list archives
Re: BGP Experiment
From: Töma Gavrichenkov <ximaera () gmail com>
Date: Wed, 9 Jan 2019 21:58:23 +0300
On Wed, Jan 9, 2019 at 9:51 PM Saku Ytti <saku () ytti fi> wrote:
I think this contains some assumptions 1. discovering security issues in network devices is expensive (and thus only those you glean from vendor notices realistically exist) 2. downside of being affected by network device security issue is expensive I'm very skeptical if either are true.
Well, it's significantly harder to look for vulns in closed source firmware which only runs on certain expensive devices. My point is that e.g. FRR is an open source software which is designed to run on the same Intel-based systems as the one which probably powers your laptop. I've received a note from FRR devs stating that they're going to get a CVE number soon. It's a good sign, though it should have happened a bit before roughly a thousand of this mailing list subscribers have been informed about the issue, but anyway. -- Töma
Current thread:
- Re: BGP Experiment, (continued)
- Re: BGP Experiment Job Snijders (Jan 08)
- Re: BGP Experiment Tore Anderson (Jan 08)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Saku Ytti (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Saku Ytti (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Owen DeLong (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Saku Ytti (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Saku Ytti (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- RE: BGP Experiment adamv0025 (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Owen DeLong (Jan 09)
- Re: BGP Experiment Owen DeLong (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)
- Re: BGP Experiment Töma Gavrichenkov (Jan 09)