undefined | Better HN

0 pointsmpyne5mo ago0 comments

Perhaps more importantly to a non-U.S. nations is that there are a lot of military networks that touch the public Internet whose security from outside attack is more or less premised on F5's implementation of mutual TLS to CACs.

Finding a way to subvert that authentication or, better yet, bypass it entirely, could put U.S. military networks that can be reached over the public Internet at risk of remote exploitation. Those networks can often also reach other military networks not directly exposed to the public Internet.

0 comments

wbl5mo ago

The same F5 responsible for the existence of the padding extension in TLS? And that still has predictable TCP sequence numbers by default.

j / k navigate · click thread line to collapse

0 pointsmpyne5mo ago0 comments

0 comments

wbl5mo ago

The same F5 responsible for the existence of the padding extension in TLS? And that still has predictable TCP sequence numbers by default.

j / k navigate · click thread line to collapse