BLU Discuss list archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Discuss] Mothballing Synology NAS
- Subject: [Discuss] Mothballing Synology NAS
- From: richard.pieri at gmail.com (Richard Pieri)
- Date: Mon, 5 Feb 2018 11:50:20 -0500
- In-reply-to: <D69DE299.70BAC%joe@polcari.com>
- References: <8a884270-d6f5-49f0-5359-f52b224d0b3d@gmail.com> <69cedecdf4522a21490a720194a2246d.squirrel@mail.mohawksoft.com> <D69DE299.70BAC%joe@polcari.com>
On 2/5/2018 10:30 AM, Joe Polcari wrote: > I just got an update today which, I think, covers it. The CVE referenced in the release notes fixes a local privilege escalation bug in ipesc. The Meltdown/Spectre CVEs are still listed as "Ongoing" as of this writing: https://www.synology.com/en-us/support/security/Synology_SA_18_01 On 2/5/2018 9:33 AM, markw at mohawksoft.com wrote: > This is common across the industry. EMC, Cisco, IBM, and others have > said basically the same thing. I would dump synology because its > crap, but not because of that. My IBM references rank Meltdown/Spectre as "High Severity". Likewise, my Netapp references rank them as "High Severity". Cisco (network side) does rank them lower because network gear has a much smaller attack surface than general purpose computers. The people on the Unity side rank them much higher. But then, Synology's failure to take these vulnerabilities seriously does put them in the "crap" category. :) -- Rich P.
- Follow-Ups:
- [Discuss] Mothballing Synology NAS
- From: greg at freephile.com (Greg Rundlett (freephile))
- [Discuss] Mothballing Synology NAS
- References:
- [Discuss] Mothballing Synology NAS
- From: richard.pieri at gmail.com (Richard Pieri)
- [Discuss] Mothballing Synology NAS
- From: markw at mohawksoft.com (markw at mohawksoft.com)
- [Discuss] Mothballing Synology NAS
- From: joe at polcari.com (Joe Polcari)
- [Discuss] Mothballing Synology NAS
- Prev by Date: [Discuss] Mothballing Synology NAS
- Next by Date: [Discuss] Mothballing Synology NAS
- Previous by thread: [Discuss] Mothballing Synology NAS
- Next by thread: [Discuss] Mothballing Synology NAS
- Index(es):