Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: markomalley

The linked article is most interesting.

It seems like TDLS has to be carefully implemented. The standard put in all sorts of checks to make sure the devices establishing a TDLS connection were on the same network, but it seems like this vendor left in code that allows send a tunneled probe request without even having a TDLS connection. That was probably for convenience in debugging, but when you move something to production you’re supposed to take these hooks out.

Looking at the overall architecture described in the article, it looks pretty much like a kludge. They probably had multiple programmers working on it, and had to allow executable code in the stack to maintain memory-management discipline among the team.


5 posted on 04/04/2017 7:37:32 PM PDT by proxy_user
[ Post Reply | Private Reply | To 1 | View Replies ]

To: proxy_user

‘Production’ environments (outside of specialized domains) have been In Name Only for close to a decade.

He who shoves crap out fastest in two week (or less) sprints is now winner.


6 posted on 04/04/2017 7:52:39 PM PDT by Mr. M.J.B.
[ Post Reply | Private Reply | To 5 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson