Firewall Wizards mailing list archives
RE: bodacion
From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Wed, 22 May 2002 02:02:40 -0700
Date: Mon, 20 May 2002 16:05:59 -0700 From: "Christopher Gripp" <cgripp () axcelerant com> To: "Dave Piscitello" <dave () corecom com>, <firewall-wizards () nfr com> It seems to me the 'security' of this server is based on secrecy = regarding the 'OS'. Even though they claim it is has no OS. There HAS = to be software designed to control the hardware of a specific = data-processing system in order to allow users and application programs = to make use of it. Therefore by definition this server HAS an OS. I = wouldn't put much faith in it lasting very long in the public domain. = One may never be able to take control of the system but I would be = willing to wager there are dozens of DoS attacks that this system, just = like OTHER appliances, are vulnerable to. Maybe someone will find an = exploit for SSL tomorrow. Suddenly their precious server becomes = exploitable. Christopher Gripp=20 Systems Engineer=20 Axcelerant
In looking at the Bodacion site, one comes to the conclusion that their main claim-to-fame is a mathematical algorithm for creating random (or "predictably random") numbers. It seems that the main applications they are touting for this technology is to replace existing number generators for things like key generation, session ID creation on webservers and IP sequence number generation. Now while that sounds somewhat interesting, they also claim that because their box is an "embedded system", it somehow becomes magically impenetrable. Hahaha. My marketing double-talk detector goes off when I start to read stuff like this: "With no command line, no shell, no access to critical system files, and no superfluous processes, HYDRA is totally secure." "Based on a patent-pending biomorphic sequence.." Biomorphic. Oh! That must be the thing that makes me want to *vomit* when I read it. <g> Phil -- Philip J. Koenig pjklist () ekahuna com Electric Kahuna Systems -- Computers & Communications for the New Millenium _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://list.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: bodacion Crispin Cowan (May 21)
- Re: bodacion Dave Piscitello (May 21)
- <Possible follow-ups>
- Re: bodacion David Klann (May 21)
- Re: bodacion Carric Dooley (May 22)
- RE: bodacion Christopher Gripp (May 21)
- RE: bodacion Philip J. Koenig (May 22)