
3 years lack of vigilance! Another normal day

1 comment, last by Binomine 8 years, 7 months ago
Data vigilance and security has always been a delicate issue, so many times, for so long and so often that it has become a non-issue.
So I didn't see this headline "router maker finds unauthorised code" as any big deal, until I read:
"The range of products affected suggests that the extra software has been lurking inside different versions of ScreenOS since 2012." and consequently exposing VPN... at least according to this article.
For a company that supplies routers to ISPs, this seems like another normal working day! OR is this the mother of all lack-of-vigilance-crime?
... I'm missing something, I thought VPN is supposed to be secured, at least Wikipedia backs me up on this:

VPNs allow employees to securely access the corporate intranet while travelling outside the office.

Implication: would you trust communication which involves your company's most sensitive data over VPN?

can't help being grumpy...

Just need to let some steam out, so my head doesn't explode...


I thought VPN is supposed to be secured

(emphasis mine)

The only constant in security is that it can be royally fucked up a hundred ways from Sunday, and there's only one right way to do it. Which would be to hire a very expensive team of security experts and engineers, and trust no 3rd-party software whatsoever. For obvious reasons, very few companies operate this way...

would you trust communication which involves your company's most sensitive data over VPN?

Your choices are (a) trust a VPN, or (b) don't communicate over the internet. Since (b) is clearly not acceptable in this day and age, you trust a VPN. Though apparently, not a Juniper Networks VPN.

Tristam MacDonald. Ex-BigTech Software Engineer. Future farmer. [https://trist.am]


Implication: would you trust communication which involves your company's most sensitive data over VPN?

No. The Snowden documents seem to indicate that VPN is not a problem for the NSA. Even though VPN is secure theoretically, there are a few points of attack, such as everyone using a few seed numbers, that make it probably not safe if you're trying to hide from the government.

If you're using VPN to hide from your competitors, and your competitors don't really have the pull to use governmental espionage to read your secrets, then you're probably safe.

Relevant XKCD:

https://xkcd.com/538/

This topic is closed to new replies.
