True and now it’s been disclosed by a security researcher and this blows up badly on the vendor in my opinion…. makes you wonder what else they are doing in their software that they are not telling you about - just an example and not suggesting there’s more in this case
> On Nov 13, 2016, at 5:51 PM, Ken Hohhof <[email protected]> wrote: > > Well, it’s not a secret backdoor if you disclose it. > > “You ever flashy thinged me?” > “No.” > “I ain’t playing with you, K, you ever flashy thinged me”? > “No.” > <> > From: Af [mailto:[email protected] <mailto:[email protected]>] On > Behalf Of Paul Stewart > Sent: Sunday, November 13, 2016 3:56 PM > To: [email protected] <mailto:[email protected]> > Subject: Re: [AFMUG] Trango Security Issue > > Different people deploy them different ways … good or bad … > > The biggest problem I have with this is when a vendor doesn’t disclose this > information and that a customer cannot choose to remove this option if the > vendor insists on putting it in place. > > >> On Nov 13, 2016, at 4:35 PM, George Skorup <[email protected] >> <mailto:[email protected]>> wrote: >> >> I don't exactly see the problem, especially with a PTP radio that should >> only be accessible from within your network and possibly only from >> management subnets/VLANs, too. If it's a public facing piece of equipment >> like a router, then sure, I agree. >> >> On 11/13/2016 3:07 PM, Paul Stewart wrote: >>> Totally disagree with this… we would never let a vendor into our network if >>> there was a possibility of this. It puts our network at risk from their >>> stupidity …. >>> >>> We aggressively look at this when new products are coming into the network >>> - realizing that sometimes there’s no way to detect it but it’s a question >>> we ask, tests that we run, and hope that our confidence in this being >>> possible is low. >>> >>> >>>> On Nov 13, 2016, at 11:59 AM, Ken Hohhof <[email protected] >>>> <mailto:[email protected]>> wrote: >>>> >>>> Yep. There are legitimate needs for the factory to have a backdoor
