|Main Archive Page > Month Archives > full-disclosure-uk archives|
No, the source is VERY good. They just don't admit it openly on their website like Vocera's documentation.
From: JxT [mailto:firstname.lastname@example.org]
Sent: Thursday, February 21, 2008 8:21 AM To: George Ou
Subject: Re: [Full-disclosure] Cisco and Vocera wireless LAN VoIP devices don't check certificates
On 2/21/08, George Ou <email@example.com> wrote: "I am also waiting for verification on Cisco's wireless VoIP handsets. I heard that the Cisco devices have the same design flaw, but it's fairly simple to confirm if you have one of those wireless LAN VoIP handsets."
So you just generalize and make assumptions about a product based on heresay? If the product is vulnerable, that's one thing. Go ahead and write about it, but if you can't confirm the vulnerability of the product, don't attempt to use a company to garner more attempts at reading your article. Perhaps your title should have read. "I think Cisco is vulnerable, but I don't know?" We all know Cisco is no better than anyone else when it comes to bugs/issues, but don't just go making assumptions and posts without proof. That's just sad journalism!