orsino wrote:
There's a difference between being able to get onto a network (via wifi maybe?) and getting physical access to a device.
For starters this is a VoIP device (Product Name: SPA-2102), but even if it weren't it makes no difference to me and in the security realm it shouldn't make a difference to anyone else either.
1) I don't have an open network and if you do and are on this list its either going to be a honeypot or for theft of information (bad guys roam this list too)
2) Think about how insanely stupid it would be to "go on a live network" then ping a VoIP device offline. What does this accomplish other then pure stupidity.
3) Where is the vendor contact information. Was this meant to be posted to Bugtrag or Fool Disclosure?
-- ==================================================== J. Oquendo SGFA #579 (FW+VPN v4.1) SGFE #574 (FW+VPN v4.1) wget -qO - www.infiltrated.net/sig|perl http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3AC173DB
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature