Re: Broadband Router Comparisons

2015-12-27 Thread Scott Weeks
--- >https://www.kickstarter.com/projects/shieldapparel/shield-the-world-s-first-signal-proof-headwear https://www.etsy.com/listing/55473505/knit-tinfoil-hat-made-to-order -- There is just no end to stoopid. There's apparently an infinite quantity available.

Re: Broadband Router Comparisons

2015-12-27 Thread John Levine
>> Based over what has been leaked, announced, or passed as pork barrel since >> 9/11, it's probably time a tin foil hat factory was created to speed up the >> issuance of said hats. > >https://www.kickstarter.com/projects/shieldapparel/shield-the-world-s-first-signal-proof-headwear No need to wait

Re: Broadband Router Comparisons

2015-12-27 Thread Valdis . Kletnieks
On Sun, 27 Dec 2015 22:12:25 -0600, Josh Reynolds said: > Based over what has been leaked, announced, or passed as pork barrel since > 9/11, it's probably time a tin foil hat factory was created to speed up the > issuance of said hats. https://www.kickstarter.com/projects/shieldapparel/shield-the-w

Re: Broadband Router Comparisons

2015-12-27 Thread Josh Reynolds
Based over what has been leaked, announced, or passed as pork barrel since 9/11, it's probably time a tin foil hat factory was created to speed up the issuance of said hats. On Dec 27, 2015 10:10 PM, "Hugo Slabbert" wrote: > On Sun 2015-Dec-27 20:58:18 -0600, Josh Reynolds > wrote: > > And now th

Re: Broadband Router Comparisons

2015-12-27 Thread Hugo Slabbert
On Sun 2015-Dec-27 20:58:18 -0600, Josh Reynolds wrote: And now that the new bill has passed, they (along with many others) will be "mishandling" your data often and legally with 3 letter agencies and other corporations. :( On Dec 27, 2015 8:48 PM, "James Downs" wrote: > On Dec 27, 2015, at

Re: Broadband Router Comparisons

2015-12-27 Thread Hugo Slabbert
On Sun 2015-Dec-27 09:58:50 -0800, Michael Thomas wrote: Nice, but i want my router to have an android environment itself, not just to be controlled by my phone (which i want as well, of course). Sure. My message was strictly in response to: This is, I imagine, why Google bought Nest: th

Re: Broadband Router Comparisons

2015-12-27 Thread James Downs
> On Dec 27, 2015, at 20:00, Keith Medcalf wrote: > They end up with ALL the data they can capture; they have COMPLETE management > control; and, can execute whatever code they want, without your prior > approval or choice, on the device at any time they please, including > permanent changes

RE: Broadband Router Comparisons

2015-12-27 Thread Keith Medcalf
On Sunday, 27 December, 2015 19:46, James Downs said: > > On Dec 27, 2015, at 09:43, Hugo Slabbert wrote: > > Hence: https://on.google.com/hub/ > The device looks cool, and sounds cool, but what data does Google end up > with, and what remote management can they do? Their policy pages aren’t

Re: de-peering for security sake

2015-12-27 Thread James Downs
> On Dec 26, 2015, at 12:34, Owen DeLong wrote: > > Also, note that the only difference between a good long passphrase and a > private key is, > uh, wait, um, come to think of it, really not much. Are you equating a long PSK with PKE? They’re quite different.

Re: Broadband Router Comparisons

2015-12-27 Thread Larry Sheldon
On 12/27/2015 19:56, Mike wrote: On 12/27/15, 4:57 PM, Larry Sheldon wrote: On 12/26/2015 23:49, Mike wrote: [snip] Firstly, they are all junk. Every last one of them. Period. Broadband routers are designed to be cheap and to appeal to people who don't know any better, and who respond well (

Re: Broadband Router Comparisons

2015-12-27 Thread Josh Reynolds
And now that the new bill has passed, they (along with many others) will be "mishandling" your data often and legally with 3 letter agencies and other corporations. :( On Dec 27, 2015 8:48 PM, "James Downs" wrote: > > > On Dec 27, 2015, at 09:43, Hugo Slabbert wrote: > > > Hence: https://on.goog

Re: Broadband Router Comparisons

2015-12-27 Thread James Downs
> On Dec 27, 2015, at 09:43, Hugo Slabbert wrote: > Hence: https://on.google.com/hub/ The device looks cool, and sounds cool, but what data does Google end up with, and what remote management can they do? Their policy pages aren’t exactly clear, and they’ve mishandled personal data a number o

Re: Broadband Router Comparisons

2015-12-27 Thread James Downs
> On Dec 27, 2015, at 17:56, Mike wrote: > The device would be cisco or juniper branded, internal redundancy / failover > features to allow hitless upgrades or module failures, have dual (preferably, After the last week or so, I wouldn’t trust a service provider who insisted on installing ju

Re: Broadband Router Comparisons

2015-12-27 Thread Valdis . Kletnieks
On Sun, 27 Dec 2015 17:56:02 -0800, Mike said: > NO SUCH DEVICE EXISTS, because you can't afford it. If I were to take > you seriously however - and we're talking about eliminating all excuses > and simply getting down to it and making a marginally qualified showing > at expecting uninterrupted se

RE: Broadband Router Comparisons

2015-12-27 Thread Keith Medcalf
On Sunday, 27 December, 2015 17:58, Larry Sheldon said: > On 12/26/2015 23:49, Mike wrote: > > [snip] > > > Firstly, they are all junk. Every last one of them. Period. Broadband > > routers are designed to be cheap and to appeal to people who don't know > > any better, and who respond well (eg: m

Re: Broadband Router Comparisons

2015-12-27 Thread Mike
On 12/27/15, 4:57 PM, Larry Sheldon wrote: On 12/26/2015 23:49, Mike wrote: [snip] Firstly, they are all junk. Every last one of them. Period. Broadband routers are designed to be cheap and to appeal to people who don't know any better, and who respond well (eg: make purchasing decisions) bas

Re: de-peering for security sake

2015-12-27 Thread Mike Hale
Also think of it from the perspective of the authenticating host. That SSH connection relies *only* on the key for authentication. It requires nothing else. How you protect that key is irrelevant. All that matters is that the host is accepting a single form of authentication. It's clearly sing

Re: de-peering for security sake

2015-12-27 Thread Owen DeLong
> On Dec 27, 2015, at 14:33 , Baldur Norddahl wrote: > > > > On 27 December 2015 at 22:08, Owen DeLong > wrote: > This is a bit of a tangent, really. The discussion was about authentication > factor > counts and Baldur tried to use PCI-DSS acceptance of password-encry

Re: Broadband Router Comparisons

2015-12-27 Thread Larry Sheldon
On 12/27/2015 02:19, valdis.kletni...@vt.edu wrote: On Sun, 27 Dec 2015 08:37:25 +0100, Mikael Abrahamsson said: If someone like Consumer Reports or similar agency started testing and rating devices on these things like long-time support, automatic updates, software quality etc, and not just tes

Re: Broadband Router Comparisons

2015-12-27 Thread Larry Sheldon
On 12/26/2015 23:49, Mike wrote: [snip] Firstly, they are all junk. Every last one of them. Period. Broadband routers are designed to be cheap and to appeal to people who don't know any better, and who respond well (eg: make purchasing decisions) based on the shape of the plastic, the color sch

Re: Broadband Router Comparisons

2015-12-27 Thread Larry Sheldon
On 12/26/2015 23:49, Mike wrote: On 12/23/2015 06:49 PM, Lorell Hathcock wrote: All: Not all consumer grade customer premises equipment is created equally. But end customers sure think it is. I have retirement aged customers buying the crappiest routers and then blaming my cable network for a

Re: de-peering for security sake

2015-12-27 Thread Baldur Norddahl
On 27 December 2015 at 22:08, Owen DeLong wrote: > This is a bit of a tangent, really. The discussion was about > authentication factor > counts and Baldur tried to use PCI-DSS acceptance of password-encrypted > private key authentication as two-factor to bolster his claim that it was, > in fact

Re: de-peering for security sake

2015-12-27 Thread Owen DeLong
> On Dec 27, 2015, at 11:26 , Christopher Morrow > wrote: > > On Sun, Dec 27, 2015 at 1:59 PM, wrote: >> On Sun, 27 Dec 2015 05:35:19 +0100, Baldur Norddahl said: >> >>> SSH password + key file is accepted as two factor by PCI DSS auditors, so >>> yes it is in fact two factor. >> >> They al

Re: de-peering for security sake

2015-12-27 Thread Mike Hale
"please cite useful numbers" For what? IDS? SIEM? Log aggregation in general? For companies that have none of that, spinning up the best practice systems can easily cost half a mil a year (QRadar is 200k for our sized environment; a good netflow system is like 50 [100k+ for something like Lanc

Re: de-peering for security sake

2015-12-27 Thread Christopher Morrow
On Sun, Dec 27, 2015 at 3:32 PM, Mike Hale wrote: > "done right the cost shouldn't be super much more." > I disagree. Done wrong, it's not super much more. > > Done right, it's massively more. please cite useful numbers... It's not (I think) really all that much more. Sure it's a new expense (no

Re: de-peering for security sake

2015-12-27 Thread Randy Bush
> The costs add up really fast without a corresponding return. i think there is a corresponding return, just not one that is perceived by the pointy heads. yet. but that is changing as more and more get pwned and the public and legal costs become greater and more apparent. patience. randy

Re: de-peering for security sake

2015-12-27 Thread Mike Hale
"done right the cost shouldn't be super much more." I disagree. Done wrong, it's not super much more. Done right, it's massively more. Like Randy said, compare salaries alone. A good security employee will run you, what, 100k or more in the major job markets? And how many do you need, full tim

Re: de-peering for security sake

2015-12-27 Thread Christopher Morrow
On Sun, Dec 27, 2015 at 2:49 PM, Mike Hale wrote: > "really isn't a whole lot different from 'lock your damned doors and > windows' brick/mortar security." > > Except it's *massively* more expensive. > is it? how much does a datacenter pay for people + locks + card-key + pin-pad + ... vs the r

Re: de-peering for security sake

2015-12-27 Thread Randy Bush
> 'cyber security' really isn't a whole lot different from 'lock your > damned doors and windows' brick/mortar security. hellofalot more holes to cover. and the salaries of the guards are a bit higher for the net; so more incentive for pointy heads to skimp. randy

Re: IPv4 shutdown in mobile

2015-12-27 Thread Scott Weeks
--- > North America is by far the leader in number of IPv6 enabled customers On the top ten country list, I see 6 European countries (Belgium, Germany, Luxembourg, Estonia, France, Norway) 1 African country (Liberia) 1 North American country (USA) 1 Oceanian country (

Re: de-peering for security sake

2015-12-27 Thread Mike Hale
"really isn't a whole lot different from 'lock your damned doors and windows' brick/mortar security." Except it's *massively* more expensive. On Sun, Dec 27, 2015 at 11:26 AM, Christopher Morrow wrote: > On Sun, Dec 27, 2015 at 1:59 PM, wrote: >> On Sun, 27 Dec 2015 05:35:19 +0100, Baldur Nord

Re: de-peering for security sake

2015-12-27 Thread Christopher Morrow
On Sun, Dec 27, 2015 at 1:59 PM, wrote: > On Sun, 27 Dec 2015 05:35:19 +0100, Baldur Norddahl said: > >> SSH password + key file is accepted as two factor by PCI DSS auditors, so >> yes it is in fact two factor. > > They also accept NAT as "security". If anything, PCI DSS is yet another > examp

Re: de-peering for security sake

2015-12-27 Thread Valdis . Kletnieks
On Sun, 27 Dec 2015 05:35:19 +0100, Baldur Norddahl said: > SSH password + key file is accepted as two factor by PCI DSS auditors, so > yes it is in fact two factor. They also accept NAT as "security". If anything, PCI DSS is yet another example of a money grab masquerading as security theater (

Re: IPv4 shutdown in mobile

2015-12-27 Thread Bjørn Mork
Mikael Abrahamsson writes: > North America is by far the leader in number of IPv6 enabled customers > which > > https://www.stateoftheinternet.com/trends-visualizations-ipv6-adoption-ipv4-exhaustion-global-heat-map-network-country-growth-data.html#networks > > shows. On the top ten country list,

Re: Broadband Router Comparisons

2015-12-27 Thread Michael Thomas
Nice, but i want my router to have an android environment itself, not just to be controlled by my phone (which i want as well, of course). The proximity sensor for app developers would be fun to play with, for example. Mike On 12/27/2015 09:43 AM, Hugo Slabbert wrote: From: Michael T

Re: Broadband Router Comparisons

2015-12-27 Thread Hugo Slabbert
From: Michael Thomas -- Sent: 2015-12-27 - 08:49 > > > On 12/26/2015 11:37 PM, Mikael Abrahamsson wrote: >> Providing security updates is just a cost, there is no upside, because >> these boxes sit in a closet, unloved until they stop working, and >> they're thrown out and replaced by

Re: Broadband Router Comparisons

2015-12-27 Thread Michael Thomas
On 12/26/2015 11:37 PM, Mikael Abrahamsson wrote: Providing security updates is just a cost, there is no upside, because these boxes sit in a closet, unloved until they stop working, and they're thrown out and replaced by a new unloved box that goes into the closet until it stops working agai

Re: Broadband Router Comparisons

2015-12-27 Thread Stephen Satchell
On 12/26/2015 11:37 PM, Mikael Abrahamsson wrote: If someone like Consumer Reports or similar agency started testing and rating devices on these things like long-time support, automatic updates, software quality etc, and not just testing wifi speed as a factor of distance, we might get somewhere.

Re: de-peering for security sake

2015-12-27 Thread Owen DeLong
> On Dec 26, 2015, at 20:35 , Baldur Norddahl wrote: > > Owen you misunderstood what two factor is about. It is not practical to > brute force the key file. Nor is it practical to brute force a good > passphrase or password. Both have sufficient strength to withstand attack. This simply isn’t a

Re: Broadband Router Comparisons

2015-12-27 Thread Mikael Abrahamsson
On Sun, 27 Dec 2015, valdis.kletni...@vt.edu wrote: As finally we come full circle to the original question "who, if anybody, has a list of which things are crap and which aren't" :) Yep, and as far as I know, this list doesn't exist because people don't care enough so that someone would pu

Re: Broadband Router Comparisons

2015-12-27 Thread Valdis . Kletnieks
On Sun, 27 Dec 2015 08:37:25 +0100, Mikael Abrahamsson said: > If someone like Consumer Reports or similar agency started testing and > rating devices on these things like long-time support, automatic updates, > software quality etc, and not just testing wifi speed as a factor of > distance, we mig