
Ripple20 Vulnerabilities in the Supply Chain - soberman
https://www.jsof-tech.com/ripple20/#HN
======
inglor
Hey, this is the same people who wrote the HP firmware analysis article right?

> We also developed a script that companies can run themselves, to identify
> Treck products in their own networks. This will not be 100% effective at
> this stage, but can be an efficient, effective complementary approach, since
> it addresses the difficulty in identifying relevant users in a cloudy supply
> chain trail.

Would be useful to actually get a link to said script? It's pretty vague to
get the reference.

~~~
acepace
Yep, same people.

------
aSplash0fDerp
This goes beyond ripple20, but TCP/IP is like an old friend that has become a
meth addict in their old age.

There are a lot of good memories, but trust as of late is non-existent for
good reason.

The first nerd(s) to go TCP/IP'less will truely be living on a native 21st
century infrastructure (without the baggage/exploitation/vulnerabilities of
20th century protocols).

Going TCP/IP'less is better than inbox-zero.. By far.

