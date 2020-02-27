Expert On Report: Zyxel 0day Affects Its Firewall Products By Security Experts February 27, 2020 54 0 Dot Your Expert Comments Facebook Twitter WhatsApp Google LinkedIn Email In response to the Krebs on Security report indicating that Zyxel 0day affects firewall products, experts offer perspective. EXPERTS COMMENTS Andre Gironda, VP, Cerberus Sentinel February 27, 2020 Zyxel just made a mistake and has made good with patched firmware to help their customers in the short, mid, and long term. Zyxel, Taiwanese-owned, and similar to other Taiwanese device manufacturers such as Acer, ASUS, D-Link, HTC, Gigabyte Technology, Microtek, and QNAP Systems, makes commodity consumer hardware that is bound to have security bugs. However, Zyxel isn't bebugging (i.e., purposefully placing security bugs in code to be used later as would the other kind of bugs made famous during the Cold War era for t ....[Read More >>]Zyxel, Taiwanese-owned, and similar to other Taiwanese device manufacturers such as Acer, ASUS, D-Link, HTC, Gigabyte Technology, Microtek, and QNAP Systems, makes commodity consumer hardware that is bound to have security bugs. However, Zyxel isn't bebugging (i.e., purposefully placing security bugs in code to be used later as would the other kind of bugs made famous during the Cold War era for their functionality as ranged listening devices) like Chinese-borne vendor, Huawei. -- notorious to the NSA as Enemy Number One. Zyxel just made a mistake and has made good with patched firmware to help their customers in the short, mid, and long term. There are some things Zyxel and these others could do that will really change the game. App development languages such as Rust not only feature better code-level protections against memory corruption attacks, but also lever Machine Learning and Artificial Intelligence modules through crates (Rust language terminology similar to Java class libraries) such as Rust datafusion. OWASP has proposed safety languages and secure frameworks since mid inception when OWASP released the ESAPI and ASVS projects for secure APIs and appsec verification standards. Many embedded systems vendors adding Rust and ML/AI to their base Operating Systems and dependencies will integrate OWASP standards to achieve a higher level of privacy and hardened-grade security. Let's start shipping this paradigm today. Share Like(0) If you are an expert on this topic: Dot Your Expert Comments SUBSCRIBE to alert when new comments are posted on this news. : Subscribe In this article Expert Comments
