nanog mailing list archives
Re: BGP Experiment
From: Eric Kuhnke <eric.kuhnke () gmail com>
Date: Sat, 26 Jan 2019 12:29:11 -0800
I think a better question is, once a vulnerability has become widespread public knowledge, do you expect malicious actors, malware authors and intelligence agencies of autocratic nation-states to obey a gentlemens' agreement not to exploit something? There is not a great deal of venn diagram overlap between "organizations that will pay $2 million for a zero day remote exploit on the latest version of iOS" and "people who care about whether Randy Bush recommends them for a job". On Sat, Jan 26, 2019 at 8:16 AM Randy Bush <randy () psg com> wrote:
i just want to make sure that folk are really in agreement with what i think i have been hearing from a lot of strident voices here. if you know of an out-of-spec vulnerability or bug in deployed router, switch, server, ... ops and researchers should exploit it as much as possible in order to encourage fixing of the hole. given the number of bugs/vulns, are you comfortable that this is going to scale well? and this is prudent when our primary responsibility is a running internet? just checkin' randy PS: if you think this, speak up so i can note to never hire or recommend you. PPS: Anant Shah, Romain Fontugne, Emile Aben, Cristel Pelsser, and Randy Bush; "Disco: Fast, Good, and Cheap Outage Detection"; TMA 2017 ^^^^^ :)
Current thread:
- Re: BGP Experiment, (continued)
- Re: BGP Experiment valdis . kletnieks (Jan 24)
- Re: BGP Experiment Tom Beecher (Jan 25)
- Re: BGP Experiment Randy via NANOG (Jan 25)
- Re: BGP Experiment Mark Tees (Jan 25)
- Re: BGP Experiment Mark Tees (Jan 25)
- Re: BGP Experiment Randy Bush (Jan 26)
- Re: BGP Experiment Owen DeLong (Jan 26)
- Re: BGP Experiment valdis . kletnieks (Jan 26)
- Re: BGP Experiment Owen DeLong (Jan 26)
- Re: BGP Experiment Randy Bush (Jan 26)
- Re: BGP Experiment Eric Kuhnke (Jan 26)
- Re: BGP Experiment Nick Hilliard (Jan 26)
- Re: BGP Experiment Randy Bush (Jan 26)
- Re: BGP Experiment William Allen Simpson (Jan 27)
- [2019/01/27] Re: BGP Experiment Hansen, Christoffer (Jan 27)
- Re: BGP Experiment Randy Bush (Jan 27)
- Re: BGP Experiment Nick Hilliard (Jan 27)
- Re: BGP Experiment Brian Kantor (Jan 28)