8 Oct
2018
8 Oct
'18
1:15 p.m.
On Mon, 08 Oct 2018 08:53:55 -0500, Daniel Taylor said:
Especially when you have companies out there that consider VPN a reasonable way to handle secure data transfer cross-connects with vendors or clients.
At some point, you get to balance any inherent security problems with the concept of using a VPN against the fact that while most VPN software has a reasonably robust point-n-drool interface to configure, most VPN alternatives are very much "some assembly required". Which is more likely? That some state-level actor finds a hole in your VPN software, or that somebody mis-configures your VPN alternative so it leaks keys and data all over the place?