On Mon, Dec 30, 2013 at 8:07 AM, Ray Soucy <r...@maine.edu> wrote: > > I hope Cisco, Juniper, and others respond quickly with updated images for > all platforms affected before the details leak.
So, if this plays out nice (if true, it won't), the fix will come months before the disclosure. Think, if you're leasing a router from your ISP, you might not have the ability to update it (or might violate your contract). So, you need to wait for [manufacturer] to update, test, and release an update, then you need to work with your provider to make sure the update gets pushed correctly. Also, even open hardware isn't completely open - see the Pi - probably the most open of hardware stacks. The CPU isn't completely open. Also, see FreeBSD not using hardware PRNG for this reason.
