Search the Community
Showing results for tags 'SPT'.
As many of you know, I spent some time researching the CSL CS2300-R SPTs last year. I found a series of issues that I think are serious problems. CSL have had 17 months to deal with these issues, and after them dawdling, I opted for co-ordinated disclosure of the issues via CERT/CC. CSL have had 45 days to respond to CERT/CC, and only did so on Friday with a statement that is largely spin and distraction. In summary, the issues found: CSL have developed incredibly bad encryption, on a par with techniques state-of-the-art in the time before computers. CSL have not protected against