Firewall Wizards mailing list archives

RE: bodacion

From: "Philip J. Koenig" <pjklist () ekahuna com>
Date: Wed, 22 May 2002 02:02:40 -0700

Date: Mon, 20 May 2002 16:05:59 -0700
From: "Christopher Gripp" <cgripp () axcelerant com>
To: "Dave Piscitello" <dave () corecom com>, <firewall-wizards () nfr com>

It seems to me the 'security' of this server is based on secrecy =
regarding the 'OS'.  Even though they claim it is has no OS.  There HAS =
to be software designed to control the hardware of a specific =
data-processing system in order to allow users and application programs =
to make use of it.  Therefore by definition this server HAS an OS.  I =
wouldn't put much faith in it lasting very long in the public domain.  =
One may never be able to take control of the system but I would be =
willing to wager there are dozens of DoS attacks that this system, just =
like OTHER appliances, are vulnerable to.  Maybe someone will find an =
exploit for SSL tomorrow.  Suddenly their precious server becomes =
exploitable.

Christopher Gripp=20
Systems Engineer=20
Axcelerant



In looking at the Bodacion site, one comes to the conclusion that 
their main claim-to-fame is a mathematical algorithm for creating 
random (or "predictably random") numbers.

It seems that the main applications they are touting for this 
technology is to replace existing number generators for things like 
key generation, session ID creation on webservers and IP sequence 
number generation.

Now while that sounds somewhat interesting, they also claim that 
because their box is an "embedded system", it somehow becomes 
magically impenetrable.  Hahaha.  My marketing double-talk detector 
goes off when I start to read stuff like this:

"With no command line, no shell, no access to critical system files, 
and no superfluous processes, HYDRA is totally secure."

"Based on a patent-pending biomorphic sequence.."


Biomorphic.  Oh!  That must be the thing that makes me want to 
*vomit* when I read it.  <g>


Phil



--
Philip J. Koenig                                       pjklist () ekahuna com
Electric Kahuna Systems -- Computers & Communications for the New Millenium

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

Re: bodacion Crispin Cowan (May 21)
- Re: bodacion Dave Piscitello (May 21)
- <Possible follow-ups>
- Re: bodacion David Klann (May 21)
  - Re: bodacion Carric Dooley (May 22)
- RE: bodacion Christopher Gripp (May 21)
- RE: bodacion Philip J. Koenig (May 22)