Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Announcing pfSense plus

    Scheduled Pinned Locked Moved Messages from the pfSense Team
    152 Posts 53 Posters 108.7k Views 43 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • dennypageD Offline
      dennypage @rcfa
      last edited by

      @rcfa said in Announcing pfSense plus:

      closed source nature would go straight back to the security through obscurity paradigm

      It's wrong to equate "closed source" and "security through obscurity." They are not the same thing.

      Cool_CoronaC rcfaR 3 Replies Last reply Reply Quote 0
      • Cool_CoronaC Offline
        Cool_Corona @dennypage
        last edited by

        @dennypage When you work in intelligence you know that statement in not true.

        Any closed source product has backdoors built in for snooping and thats what opensource should hinder.

        dennypageD 1 Reply Last reply Reply Quote 0
        • dennypageD Offline
          dennypage @Cool_Corona
          last edited by

          @cool_corona said in Announcing pfSense plus:

          When you work in intelligence you know that statement in not true.
          Any closed source product has backdoors built in for snooping and thats what opensource should hinder.

          Wow.

          Cool_CoronaC 2 Replies Last reply Reply Quote 0
          • Cool_CoronaC Offline
            Cool_Corona @dennypage
            last edited by

            @dennypage Every US product has to have behind the scenes access for intelligence purposes.

            And thats a fact. Not an option.

            1 Reply Last reply Reply Quote 0
            • Cool_CoronaC Offline
              Cool_Corona @dennypage
              last edited by

              @dennypage Thats why a lot of countries in the EU is skipping Chinese and US products and begun to develop own forks.

              JeGrJ 1 Reply Last reply Reply Quote 0
              • rcfaR Offline
                rcfa @dennypage
                last edited by

                @dennypage said in Announcing pfSense plus:

                @rcfa said in Announcing pfSense plus:

                closed source nature would go straight back to the security through obscurity paradigm

                It's wrong to equate "closed source" and "security through obscurity." They are not the same thing.

                In my book they are: it’s either “blind trust” (obscure) or “trust, but verify” (transparent).

                There is by definition no transparency without open source, because, how would you inspect code that’s not open? Reverse compilation? Hack the server and steal the source?
                I think it’s obvious how impractical/illegal any acquisition of transparency of a closed source project would be…

                1 Reply Last reply Reply Quote 0
                • rcfaR Offline
                  rcfa @dennypage
                  last edited by

                  @dennypage said in Announcing pfSense plus:

                  @rcfa said in Announcing pfSense plus:

                  closed source nature would go straight back to the security through obscurity paradigm

                  It's wrong to equate "closed source" and "security through obscurity." They are not the same thing.

                  In my book they are: it’s either “blind trust” (obscure) or “trust, but verify” (transparent).

                  There is by definition no transparency without open source, because, how would you inspect code that’s not open? Reverse compilation? Hack the server and steal the source?
                  I think it’s obvious how impractical/illegal any acquisition of transparency of a closed source project would be…

                  1 Reply Last reply Reply Quote 0
                  • JeGrJ Offline
                    JeGr LAYER 8 Moderator @Cool_Corona
                    last edited by

                    @cool_corona said in Announcing pfSense plus:

                    @dennypage Thats why a lot of countries in the EU is skipping Chinese and US products and begun to develop own forks.

                    Yeah right. That's a very optimistic view on things. So every closed source product has a backdoor, huh. I call bullshit, but hey that's just my opinion. But stating that as a fact is lying as I certainly doubt you have the insight to every freakin' software on the planet that isn't published via an open source license because of different reasons whatever they may be. That's just an opinion of a subset you perhaps know about, but other then that, it's just that - your opinion. A fact would have proof and review.

                    Also - you really think the top reason for the EU to build their own shit is because of "no backdoors"? I'd rather say they don't like others having the possibility to introduce/force their way into a software but you really think they wouldn't do it themselves? Huh. Weird.

                    @rcfa said in Announcing pfSense plus:

                    In my book they are: it’s either “blind trust” (obscure) or “trust, but verify” (transparent).

                    "Trust but verify" in a software context can be achieved easily by an external audit of which Netgate/pfSense already had one. So perhaps there will be another one in the future? Wouldn't count against it as it's likely to happen for requirements of various reasons (like needs to be certified etc. blah)
                    "Trust but verify" profits from code being publicly available or open source. But it doesn't need it. OSS is no guarantee for a better product, but it sure can help to achieve it. But all those cries for OpenSource sound a bit stale if noone actually does the work, reads the code, checks the state it is in. And most that argue about it don't.

                    @rcfa said in Announcing pfSense plus:

                    There is by definition no transparency without open source, because, how would you inspect code that’s not open? Reverse compilation? Hack the server and steal the source?

                    Huh? Never heard of audits under contract? They are done all the time. Even big corporations like "evil Microsoft" have contracts with companies so they get access to the source for development or security auditing reasons.

                    Cheers

                    Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                    If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                    Cool_CoronaC 1 Reply Last reply Reply Quote 3
                    • Cool_CoronaC Offline
                      Cool_Corona @JeGr
                      last edited by

                      @jegr I work closely with people in intelligence and foreign Ministry departments regarding embassy and consulates.

                      US Intelligence has backdoors built in everything thats coming from the US or has US ownership.

                      https://www.reuters.com/article/us-usa-security-congress-insight-idUSKBN27D1CS

                      noplanN 1 Reply Last reply Reply Quote 0
                      • noplanN Offline
                        noplan @Cool_Corona
                        last edited by

                        @cool_corona said in Announcing pfSense plus:

                        US Intelligence has backdoors built in everything thats coming from the US or has US ownership.

                        That's bloody f@#&* bullshit

                        In other words if true and not concerning the obligation in smojecaround the patriot act all us hardware must be banned emediatally from official European institutions

                        BR Q

                        Cool_CoronaC 1 Reply Last reply Reply Quote 0
                        • Cool_CoronaC Offline
                          Cool_Corona @noplan
                          last edited by

                          @noplan And here we go....

                          https://www.popularmechanics.com/technology/security/a34533340/nsa-tech-back-doors-software/

                          https://edri.org/our-work/foreign-authorities-are-banning-google-and-microsoft-services-from-schools-the-czech-republic-is-floundering/

                          https://www.zdnet.com/article/nsa-backdoors-us-hardware-headed-overseas-greenwald/

                          Lets not discuss this further. Its pointless.

                          R 1 Reply Last reply Reply Quote 0
                          • R Offline
                            rcoleman-netgate Netgate @Cool_Corona
                            last edited by

                            @cool_corona said in Announcing pfSense plus:

                            Lets not discuss this further. Its pointless.

                            Indeed. Take it into https://forum.netgate.com/category/2/off-topic-non-support-discussion

                            Ryan
                            Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                            Requesting firmware for your Netgate device? https://go.netgate.com
                            Switching: Mikrotik, Netgear, Extreme
                            Wireless: Aruba, Ubiquiti

                            1 Reply Last reply Reply Quote 1
                            • R rcoleman-netgate locked this topic on
                            • M mwatch unpinned this topic on
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.