> Cisco has already warned customers about two exploits found in the NSA-linked data recently dumped by hackers calling themselves The Shadow Brokers. Now, researchers have uncovered another attack included in the cache, which they claim allows the extraction of VPN passwords from certain Cisco products—meaning hackers could snoop on encrypted traffic.
> Security researcher Mustafa Al-Bassam first documented the hacking tool, which uses the codename BENIGNCERTAIN, in a blog post published Thursday. He coined the attack “PixPocket” after the hardware the tool targets: Cisco PIX, a popular, albeit now outdated, firewall and VPN appliance. Corporations or government departments might use these devices to allow only authorised users onto their network.
> Based on his analysis of the code, Al-Bassam writes that the tool works by sending a packet to the target machine that makes it dump some of its memory. Included in that dump is the VPN’s authentication password, which is used to log into the device.
>NSA forces backdoors to be added to software >backdoor leaks, anyone can use it simply eric
Dominic Gomez
PIX is ancient. It's still a big fucking deal, because quite frankly it's likely the NSA have other tools that can replicate the same shit on other, more modern devices. I don't doubt they built a framework to find remote memory read exploits. There's also SECONDDATE, a tool that, used in conjunction with implants, allows for easy traffic injection.
Noah Lopez
I hope it all burns.
Adrian Young
Best thing all this shit is the hard evidence of hardware being backdoored. I really hope cisco goes bankrupt. It will be a good example for other businesses like CPU manufacturers.
Zachary Hall
Mustafa Al-Bassam aka lulzsec
Ayden Williams
Nothing in those tools indicate Cisco has hardware backdoors in devices. If anything, it indicates the opposite.
It's interesting that they don't feel like patching the PIX vulnerability, but then it is a discontinued product.
Gavin Sanders
I've heard some user saying that it's better to have a vpn in some god-forsaken country (because in-country you're kinda fucked for privacy), but doesn't that mean you're opening yourself to whatever ancientware the guys in Kyrgyzstan are running?
Xavier Mitchell
So, is it worth gettting the Cisco certificates beyond CCNA?
Angel Wright
Nope, sorry. As always, nobody will give a shit.
Jonathan Hill
VPNs aren't really designed for privacy or anonymity in the first place, and using them to try and accomplish that is a Sisyphean task. Be aware of the limitations of the software you're using; IPSec is fucked, and SSL libraries are usually lumbering leviathans full of crypto implementation failures and bugs. If you need anonymity, use Tor. If you need "privacy" on a hostile network, then a VPN (or SSH tunnels) is probably fine against someone running Firesheep or whatever MITM tool is in vogue right now.
Levi Morgan
>implying that's what this is
Ayden Reed
>NSA has to build cracking tools for hardware with backdoors yeah, that totally adds up
Jackson Barnes
Welcome to today's Sup Forums.
Lucas King
>not using OpenBSD on SPARC machines
Henry Watson
>SPARC im sorry but it's just not worth the wattage in many applications
Kevin Russell
What's a better architecture, then? MIPS?
Henry Peterson
>implying Theo's mentalist thinking has anything to do with real security.
When your "proof" of security revolves around not having many listening services, you're doing it wrong.
Install Hardened Gentoo.
William Walker
Cisco international sales have been declining steadily since the Snowden leaks
Parker Phillips
lol, you are like a tech vegan
useless
Daniel Turner
Are you guys just saying this shit, or are you legitimately using it? SPARC, MIPS, and PowerPC development is not very active. The distros which do support them, you still have to jump through hoops to get everything working properly because the one or two maintainers left don't have access to a wide variety of machines to test on. If you don't like x86, arm is the only other platform with legs.
Jose Lopez
Replaced by Huawei, literally the Chinese Cisco. Even full of Cisco source code.
Cooper Lopez
>he doesn't steal electricity from his neighbor
Angel Gomez
>Shadow Brokers
*steps out of the shadows*
Christian Harris
>Cisco PIX, a popular, albeit now outdated that's an understatement i guess if you want to hack factory and hospital equipment this could be cool
Sebastian James
>it's another "all SPARC systems are 16U octa-socket space heaters" episode
>not very active What the fuck does that even mean? Embedded MIPS devices and PowerPC systems both have currently maintained mainstream distros that plenty of people are using just fine. SPARC has the *BSDs as well as Gentoo, plus illumos distributions which also enable you to use the very much actively maintained OpenCSW repos.
>b-but muh shovelware Build it, dipshit. It's not hard.