log
192 entries in 0.494s
mircea_popescu: so communicate that, how hard can it be. "oh, cisco, so last century. white man has made even more cornell-ian cornell nao."
mircea_popescu: in any case -- our objerction to the microshit/cisco/cornell pile is that they're NOT NEARLY WHITE ENOUGH, for our tastes.
Mocky: http://btcbase.org/log/2018-10-19#1864270 >> I don't have everything sorted in my mind. I don't know yet what they need or perceive that they need. or how to position myself with respect to the microsoft/cisco/cornell they have respect so much.☝︎
asciilifeform: betcha it would, if usg.cisco.crapple had built it..
mircea_popescu: because we're not really into measuring shitty nat routers on cisco customer walls per se.
asciilifeform: both types suffer from the sort of brain damage where they're readily taken in by pseudorepublic, where 'bulletproof hosting' served up on cisco and advertised with rounded corners www on rails etc
asciilifeform: i dun disagree with mircea_popescu one bit, in re 'juniper/cisco Must Die'. but their death cannot be made from shoe string and bubble gum.
mircea_popescu: asciilifeform you understand, item by cisco/friends not amounting to a rockchip plant sells to usg.tards for 100k sorta money.
asciilifeform: they put a 4u cisco thing in the basement somewhere and it replaces whole thing
asciilifeform: ( and the linked item is typical, usually it's a laughable hardcoded pw, cisco-style )
asciilifeform: BingoBoingo: at your option, run new piece, and replace my 'cisco' link with yours
Mocky: I've never been, but a look at job listings for mexico city features tons of amzn, cisco, jpmorgn, ibm, honeywell etc.
deedbot: http://qntra.net/2018/05/another-set-of-undocumented-default-static-user-credentials-spotted-in-cisco-gear/ << Qntra - Another Set Of "Undocumented Default Static User Credentials" Spotted In Cisco Gear
a111: Logged on 2018-04-18 11:59 ascii_lander: 'we do not have isolation' is more honest than 'we have cisco-powered isolation'
a111: Logged on 2018-05-06 15:57 asciilifeform: it is in the conveyor, along with 'where from?' stat in 'factor/123' page (e.g. 'debian collection', 'cisco', etc)
asciilifeform: it is in the conveyor, along with 'where from?' stat in 'factor/123' page (e.g. 'debian collection', 'cisco', etc)
mircea_popescu: yeah, they lost that whole thing. intel's getting cisco'd.
asciilifeform: ( other items in phuctor conveyor : display of info re factor in the per-factor pg ( e.g. http://phuctor.nosuchlabs.com/factor/5223 ) when something interesting is known about it -- e.g. 'debian collection', 'nsa.mikrotik', 'cisco', etc
deedbot: http://qntra.net/2018/04/cisco-products-hit-with-vulnerability-in-firms-security-markup-language/ << Qntra - Cisco Products Hit With Vulnerability In Firm's "Security Markup Language"
ascii_lander: 'we do not have isolation' is more honest than 'we have cisco-powered isolation'
ascii_lander: afaik nobody other than cisco and juniper, neither of which i will deal with, sells this item as a prepackaged product.
ckang: if you consider the cost being router/switch and avoiding cisco
ckang: with a cisco like interface
ascii_lander: ckang: we won't use cisco
mp_en_viaje: http://btcbase.org/log/2018-02-01#1779055 << lel. tmsr-cisco cert.☝︎
mircea_popescu: in other openssl gets prizes, today cisco got lenin prize for secure communications.
asciilifeform: and >dozen . remember, cisco has to put it through london and brisbane...
mircea_popescu: trinque talk about "octet quad too hard". check THIS shit out ; i expect qualification here actually exceeds cisco qual.
asciilifeform: rather than waiting for 10,000km of usg.cisco and usg.fiber relays to churn.
mircea_popescu: http://btcbase.org/log/2017-10-19#1726719 << here's model : intel box B behind cisco switch S. NSA N sends magic packet M. S notices packet it received does not match rules operator O set ; S notices M matches rules N baked in and so S lets packet M pass in spite of this breaking its submission to O. B receives packet M, acts accordingly, breaking its submission to O. perhaps B also responds, with packet M'. S notices M' does☝︎
BingoBoingo: Own in the sense I manage the settings on the appliance instead of trusting DC to not assign the task to their jolo. And at desired connection speeds switch handles the routing, unless you wanna go Cisco.
asciilifeform: ( slightly moar expensive if you discard nsa.cisco & nsa.juniper )
asciilifeform: ( after which xilinx & altera market will look like cisco's -- tame idjits only )
mircea_popescu: http://btcbase.org/log/2017-08-30#1706402 yes, but you also think openssh would be tested before using. was not. debian tested before using. was not. cisco routers tested ; not. pantsuited hilarity mail setup ; not. and so on.☝︎
asciilifeform: ( notice how cisco is 'in business as usual', wholly disconnected from whether any actual people would even conceive of buying from it )
mircea_popescu: not cisco right ? that's good.
erlehmann: > Last weekend, in an attempt to get Sky's NOW TV video player (for Mac) to work on my machine, I noticed that one of the Cisco executables contains a private key that is associated with the public key in a trusted certificate for a cisco.com sub domain.
erlehmann: https://it.slashdot.org/story/17/06/20/1526259/cisco-subdomain-private-key-found-in-embedded-executable#comments
mircea_popescu: (i don't mean, item you buy from cisco. i mean, computer.)
asciilifeform: d 1513671; and by a gift from Cisco. P. Lou was supported by the Rachleff Scholars program at the University of Pennsylvania. We are grateful to Cisco for donating much of the hardware used for our experiments.'
asciilifeform: i suspect that if either baikal or elbrus ~existed~ in commercially relevant qtys, it would handily corner the 'fuck cisco and usg crapolade' market worldwide
mircea_popescu: asciilifeform the "not on cisco equipment" part == "incompatible nic".
asciilifeform: 'Whitelist-only networking may help contain the vulnerability, provided of course that it's not implemented on Cisco equipment.' sounded like it was about lan filtration, so not same idea
mats: cisco's not special in that way, just particularly visible
Framedragger: (https://www.wired.com/images_blogs/threatlevel/files/cisco_presentation.pdf &c, for posterity)
asciilifeform: Framedragger: possibly the one meritorious thing cisco ever did, if true.
Framedragger: not sure if falun gong really had done much at that point. but cisco wiretapping was used to track 'em down and kill 'em
Framedragger: i still say 'fuck you cisco' for pitching (and later selling) customised surveillance infrastructure to china by saying that its shit can "combat ‘Falun Gong’ evil religion and other hostiles" (sic)
asciilifeform: ( supposedly confessed and patched in 2012... https://tools.cisco.com/security/center/viewAlert.x?alertId=27612 . supposedly. )
Framedragger: isn't internet backbone basically juniper + cisco still? :(
asciilifeform: various cisco rootkits, also, but these i regard as a snore
asciilifeform: 'Cisco's WebEx extension (jlhmfgmfgeifomenelglieieghnjghma) has ~20M active users, and is part of Cisco's popular web conferencing software. The extension works on any URL that contains the magic pattern "cwcsf-nativemsg-iframe-43c85c0d-d633-af5e-c056-32dc7efc570b.html", which can be extracted from the extensions manifest. Note that the pattern can occur in an iframe, so there is not necessarily any user-visible indication of what is
asciilifeform: also lulzy is the visible to naked eye disjunction between the 'sv world' (the cisco phones) and ye olde Golden Toilets That Worked (the raytheon thing)
mircea_popescu: what next, cisco networking hardware ?
mircea_popescu: of course this leads them to buying no less than two cisco 5596UP. that's 25 grand.
asciilifeform: https://web.archive.org/web/20010123231000/http://www.ftc.gov/opa/predawn/F93/cisco.txt << lel from BingoBoingo's old link
mircea_popescu: can we say #cisco or wut.
BingoBoingo: <mircea_popescu> basically, the whole medieval period lived on hobo wine. cheap, sweetened, etc. the exact thing, midnight thunder or w/e it's called. << Thunderbird, Night Train, Mad Dog, Wild Irish Rose, and Cisco. RIP Ripple.
BingoBoingo: The legally mandated disclaimer on Cisco reads: "This is not a wine cooler 8 servings"
BingoBoingo: <mircea_popescu> ripple, the us take on amontillado ? << Nah, that's Cisco http://www.bumwine.com/cisco.html
asciilifeform: https://archive.is/qZNlh << aaaaand elsewhere in lulzdom, 'Leaked NSA hacking tools are now being used on Cisco customers, according to the tech giant. The company published an advisory on Friday saying that NSA grade hacking tools are now being used against customers.'
mircea_popescu: hard to properly word a "company not around" clause is the problem. according to usg, ibm and cisco are both "still around".
asciilifeform: 'Hungary-based security consultancy SilentSignal has ported a public exploit to newer models of Cisco's Adaptive Security Appliance (ASA). .... The exploit was restricted to versions 8.4.(4) and earlier of ASA boxes and has now been expanded to 9.2.(4).'
asciilifeform: http://www.theregister.co.uk/2016/08/24/equation_group_exploit_expanded_to_target_cisco_924_asa_boxes << in yet other lulz.
asciilifeform: same folks who buy cisco, juniper, huawei (which incidentally...)
asciilifeform: competes, apparently, with cisco et al.
mircea_popescu: html5 had a fighting chance as "not just text" ; it lost. this shit is dumber still, with a larger ground to cover still, with less talent and intellectual capacity involved ; and with the corporate nonsense that formed the original impetuus, from apple "app store" to cisco via intel/amd fritzchips etc dying left and right. the bottom's already fell out of apple store, there's no revenue made, and all these idiots can go back
asciilifeform: ( the thing that is not clear to me is what part of this leak prevents even a single parcel from being intercepted, with old ~or~ new cisco rubbish in it, and patched to admit the cock, supposing any of these devices even ~need~ such treatment, given that the master keys are escrowed already )
mircea_popescu: asciilifeform people stopped buying new cisco cca 2012 anyway.
asciilifeform: i even believe in the authenticity of the cisco crud, it is simply not esp. interesting
asciilifeform: cisco garbage is not 'crown jewel' to asciilifeform .
asciilifeform: https://xorcatt.wordpress.com/2016/08/16/equationgroup-tool-leak-extrabacon-demo << some fella tested one of the cisco payloads. appears to work.
asciilifeform: 'scripts' is misnomer, these are docs, mainly concerning the patching of fw in proprietary shitware (e.g., cisco, fortinet)
mats: don't remember if i mentioned this, but a friend of mine that works at cisco says their calea team is expanding the scope of their work beyond what's in the letter of the law
mircea_popescu: possibly same garbage dump cisco went
fromphuctor: in particular i have the SUSPECT that router from juniper and cisco might build random keys that are not random at all
maqp: hardware you get from mail can be backdoored. https://leaksource.files.wordpress.com/2015/03/nsa-tao-cisco-interdiction.jpg
mod6: <+mircea_popescu> mod6 here's the problem with "Bitcoinos" : you will want it adapted for bitcoin needs, which necessarily means it won't be your tool of choice for doing almost anything else, which necessarily means maintaining it will be a pain in the ass. << agree. I think that what I'm getting at is maybe it ends up being like cisco ios.
asciilifeform: ments to this work come from Accenture, ANZ Bank, Cisco, CLS, Credits, Deutsche Börse, Digital Asset Holdings, DTCC, Fujitsu Limited, IC3, IBM, Intel, J.P. Morgan, London Stock Exchange Group, Mitsubishi UFJ Financial Group (MUFG), R3, State Street, SWIFT, VMware and Wells Fargo.'
assbot: Logged on 20-10-2015 19:06:16; ascii_field: l0l cisco box. mircea_popescu took it off a dead nazi, or what.
pete_dushenski: http://log.bitcoin-assets.com/?date=20-10-2015#1303764 << i bet that cisco box contains shrunken heads of usg wreckers☝︎
mircea_popescu: exactly the right height. all the useful engineering cisco ever did.
ascii_field: l0l cisco box. mircea_popescu took it off a dead nazi, or what.
ascii_field: see, e.g., their 'cisco struck a blow against hackerz!1111' idiocy
assbot: Issue 460 - google-security-research - Cisco AnyConnect Secure Mobility Client v3.1.08009 Elevation of Privilege - Google Security Research - Google Project Hosting ... ( http://bit.ly/1FuR9hF )
thestringpuller: ascii_field: take compulsory remote updates from usg ? << srsly. it's backed by Cisco aka Spookware Incorporated.
asciilifeform: mircea_popescu: you had an article, iirc, about u.s. firms voluntarily bending over by installing cisco and related gear, to avoid the rougher and less lubricated anal inspection of 'national security letter' etc.
thestringpuller: Cisco hardware has been diddle more than catholic school boys.
asciilifeform: Run Moar Cisco !
asciilifeform: http://cdn.arstechnica.net/wp-content/uploads/2014/05/nsa-pwn-cisco-640x373.jpg << them.
mircea_popescu: what next, cisco still sells routers ?
asciilifeform: i think he'd rather move the packets with pencil and paper than so much as look at a 'cisco'
decimation: and yes, I realize we all hate cisco
decimation: cisco 3945e claims to handle 3mpps (64byte) for instance, can be had on ebay for 5-10k
mircea_popescu: it pointedly did not work foir cisco.
BingoBoingo: "sell support" worked for cisco and oracle when marketing to the helpless and overencumbered with bezzle
assbot: Logged on 19-07-2015 19:28:54; jurov: of course, but cisco just moves bits and does not do crypto
jurov: of course, but cisco just moves bits and does not do crypto
decimation: jurov: to be fair, cisco does the same thing (custom logic in router)
assbot: Logged on 30-06-2015 15:57:34; pete_dushenski: "Cisco Systems Inc (CSCO.O) said on Tuesday it would buy OpenDNS, a privately held cloud-based security company, for $635 million in cash and equity awards to beef up its security business." << might as well consolidate the crown corps, save on letterhead.