Hi Giles
On 2013-10-10 12:39, Giles Coochey wrote:
On 10/10/2013 09:38, Thinker Rix wrote:
On 2013-10-10 01:13, Przemysław Pawełczyk wrote:
On Thu, 10 Oct 2013 00:05:22 +0300
Thinker Rix <thinke...@rocketmail.com> wrote:
Well, actually I started this thread with a pretty frank,
straight-forward and very simple question.
That's right and they were justified.
Thank you!
BTW, you pushed to the corner the (un)famous American hubris (Obama: US
is exceptional.), that's the nasty answers from some.
Yes, I guess I have hit a whole bunch of different nerves with my
question, and I find it to be highly interesting to observe some of
the awkward reactions, socioscientificly and psychologically.
I have been insulted, I have been bullied, I have been called to
self-censor myself and at the end some users "virtually joined" to
give the illusion of a majority an muzzle me, stating, that my
question has no place at this pfSense mailing list. Really amazing,
partly hilarious reactions, I think.
These reactions say so much about how far the whole surveillance and
mind-suppression has proceeded already and how much it has influenced
the thoughts and behavior of formerly free people by now. Frightening.
Thinker Rix, you are not alone at your unease pressing you to ask
those questions about pfSense and NSA.
Thank you for showing your support openly!
I too was surprised to see some activity on the pfsense list, after
seeing only a few posts per week I checked today to find several dozen
messages talking about a topic I have been concerned with myself - as
a network security specialist, how much can I trust the firewalls I
use, be they embedded devices, software packages, or 'hardware' from
manufacturers.
Exactly. The firewall is the neuralgic point of each of the networks
that we administer. Thinking - and talking - about it's integrity is the
most natural and most important thing on earth, IMO.
There are many on-topic things to discuss here:
1. Which Ciphers & Transforms should we now consider secure (pfsense
provides quite a few cipher choices over some other off the shelf
hardware.
2. What hardware / software & configuration changes can we consider to
improve RNG and ensure that should we increase the bit size of our
encryption, reduce lifetimes of our SAs that we can still ensure we
have enough entropy in the RNG on a device that is typically starved
of traditional entropy sources.
You made some highly relevant and interesting suggestions here, and I
sincerely hope that a fruitful discussion will develop upon this so that
we all can benefit of it!
This is so much on-topic, I am surprised that there has been a
movement to call this thread to stop, granted - it may seem that the
conversation may drift into a political one, with regard to privacy
law etc... however, that is a valid sub-topic for a discussion list
that addresses devices that are designed and implemented to safe-guard
privacy.
This echoes my sentiments exactly!
Regards
Thinker Rix
_______________________________________________
List mailing list
List@lists.pfsense.org
http://lists.pfsense.org/mailman/listinfo/list