bloomberg on supermicro: sky is falling

valdis.kletnieks at valdis.kletnieks at
Mon Oct 8 17:15:27 UTC 2018

On Mon, 08 Oct 2018 08:53:55 -0500, Daniel Taylor said:
> Especially when you have companies out there that consider VPN a
> reasonable way to handle secure data transfer cross-connects with
> vendors or clients.

At some point, you get to balance any inherent security problems with the
concept of using a VPN against the fact that while most VPN software has a
reasonably robust point-n-drool interface to configure, most VPN alternatives
are very much "some assembly required".

Which is more likely?  That some state-level actor finds a hole in your VPN
software, or that somebody mis-configures your VPN alternative so it leaks keys
and data all over the place?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 486 bytes
Desc: not available
URL: <>

More information about the NANOG mailing list