1
Open-Source vs Proprietary Virtual Private Network (VPN) Solutions
Keith S. Morgan & Paul S. Graham, Los Alamos National Laboratory
Institute of Nuclear Materials Management, Just Trust Me Workshop, March 12-13, 2019, Albuquerque, New Mexico
LA-UR
2
Outline
Open Source vs Proprietary
  Software Licensing Continuum
  Source Models
  Business Models
  Development Models
Just Trust Open Source
Just Trust Proprietary
Case Study: VPN
  Juniper ScreenOS CVE
  OpenSSL CVE
3
Software Licensing Continuum
Public Domain | Permissive | Protective | Freeware | Shareware | Proprietary
Annotations on the continuum: MIT, Apache; GPL; "Who does this anymore?"; "Not licensed"; "Lawyers"
4
Source Models
Open Source / Free and Open Source vs Closed Source
Continuum: Public Domain | Permissive | Protective | Freeware | Shareware | Proprietary
Open Source: 10 requirements
Free and Open Source Software (FOSS): 4 freedoms
Open Source ≠ Free and Open Source
See:
5
Business Models
Continuum: Public Domain | Permissive | Protective | Freeware | Shareware | Proprietary
Models along the continuum (open to proprietary): Services, Open Core, Donations, Free trial, Purchase
6
Development Models (gradient from Proprietary to Open Source)
Steward / Governance: Company -> Foundation -> BDFL -> Community
Development processes: Limited community contributions -> Public milestone releases -> Publicly visible development (source, roadmap, etc.) -> Open, community driven
7
Just Trust Open Source
Pros:
  Freedom
  Audit (provenance, vetting)
  Control your destiny (bug fixes, features)
  Crowd sourcing: "Given enough eyeballs, all bugs are shallow." (Linus Torvalds)
Cons:
  Eyeballs also looking for exploits
  Broad developer base
  Support varies
8
Just Trust Proprietary
Pros:
  Support is more common
  No prying eyeballs (hopefully!)
  Limited / controlled developer base
  Financial interests may lead to more focused attention
Cons:
  No freedom
  No auditing (possibly even discouraged)
  At the mercy of the code's owner
  Potentially fewer resources for vetting
  Black box development
9
Case Study: VPN What is VPN? (client-to-site, site-to-site)
10
Juniper ScreenOS
Operating system for the NetScreen line of security devices from Juniper Networks.
Acquired by Juniper Networks in the $4B acquisition of NetScreen Technologies (2004).
Continues to exist in parallel with Junos OS.
11
Juniper ScreenOS CVE-2015-7755
“During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections.”
12
Juniper ScreenOS CVE-2015-7755
“gain administrative access”
13
Juniper ScreenOS CVE-2015-7755
“decrypt VPN connections”
14
OpenSSL
Software library for secure communications over computer networks; also a general-purpose cryptography library.
Used by open source web servers like Apache and nginx, with a combined 66% market share of active web sites according to Netcraft's April 2014 Web Server Survey.
Also used to protect mail servers (SMTP, POP and IMAP protocols), chat servers (XMPP protocol), virtual private networks (SSL VPNs), network appliances and a wide variety of client-side software.
15
OpenSSL CVE
Bug in OpenSSL's implementation of the TLS heartbeat extension (RFC 6520).
Allows an attacker to read memory of vulnerable systems, compromising private information (e.g. keys, passwords) and thus enabling an attacker to eavesdrop, steal data and/or impersonate services and users.
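The slide only names the defect class. As an added illustration (not OpenSSL's code and not from the presentation), the C below parses a simplified RFC 6520 heartbeat message and builds the echo response with the bounds check that the buggy implementation lacked: the peer's claimed payload length is validated against the number of bytes that actually arrived before anything is copied. The message layout, the constant names and the sample records are constructed for this example; the real library's types and buffer management are not modelled.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Simplified heartbeat message (RFC 6520):
 *   type (1 byte) | payload_length (2 bytes, big-endian) | payload | padding (>= 16 bytes)
 * rec_len is what the transport actually delivered, which is the only length we may trust. */
#define HB_REQUEST     1
#define HB_RESPONSE    2
#define HB_MIN_PADDING 16

/* Build the heartbeat response for a request record.
 * Returns the response length, or -1 if the record is malformed or out does not fit.
 *
 * The defect the slide describes came down to trusting payload_length from the peer and
 * copying that many bytes out of the receive buffer; a short record with a large claimed
 * length therefore echoed back whatever process memory followed it. The check marked
 * below is what prevents that: the claimed payload plus padding must fit inside rec_len. */
long hb_build_response(const uint8_t *rec, size_t rec_len,
                       uint8_t *out, size_t out_cap)
{
    /* Header plus minimum padding must be present before we read the length field. */
    if (rec_len < 1 + 2 + HB_MIN_PADDING) return -1;
    if (rec[0] != HB_REQUEST) return -1;

    uint16_t payload_len = (uint16_t)((rec[1] << 8) | rec[2]);

    /* The bounds check: never copy more than the peer actually sent. */
    if ((size_t)1 + 2 + payload_len + HB_MIN_PADDING > rec_len) return -1;

    size_t resp_len = (size_t)1 + 2 + payload_len + HB_MIN_PADDING;
    if (resp_len > out_cap) return -1;

    out[0] = HB_RESPONSE;
    out[1] = (uint8_t)(payload_len >> 8);
    out[2] = (uint8_t)(payload_len & 0xff);
    memcpy(out + 3, rec + 3, payload_len);
    /* RFC 6520 says padding is random and ignored by the receiver; zero it here for determinism. */
    memset(out + 3 + payload_len, 0, HB_MIN_PADDING);
    return (long)resp_len;
}

/* Test-vector builder (constructed, not captured traffic): writes a request carrying
 * `payload` but with an arbitrary claimed length, so the parser's rejection of
 * inconsistent records can be verified. Returns bytes written, 0 if buf is too small. */
size_t hb_make_request(uint8_t *buf, size_t cap, const char *payload, uint16_t claimed_len)
{
    size_t actual = strlen(payload);
    size_t total = 1 + 2 + actual + HB_MIN_PADDING;
    if (total > cap) return 0;
    buf[0] = HB_REQUEST;
    buf[1] = (uint8_t)(claimed_len >> 8);
    buf[2] = (uint8_t)(claimed_len & 0xff);
    memcpy(buf + 3, payload, actual);
    memset(buf + 3 + actual, 0xAA, HB_MIN_PADDING);
    return total;
}

int main(void)
{
    uint8_t req[64], resp[64];

    /* Well-formed: 4-byte payload, claims 4 bytes. */
    size_t n = hb_make_request(req, sizeof req, "ping", 4);
    printf("consistent record  -> %ld\n", hb_build_response(req, n, resp, sizeof resp));

    /* Inconsistent: 4-byte payload, claims 16384 bytes. Must be rejected, not echoed. */
    n = hb_make_request(req, sizeof req, "ping", 16384);
    printf("inconsistent record -> %ld\n", hb_build_response(req, n, resp, sizeof resp));
    return 0;
}
```

The same shape of check applies to any length-prefixed protocol field: the prefix is an assertion made by the peer, and the receiver must compare it against the bytes it actually holds before using it as a copy length.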
16
OpenSSL CVE
17
Conclusion
Open Source vs Proprietary: Who do you trust?
Just Trust ... Open Source: Freedom to audit; Crowd sourcing
Just Trust ... Proprietary: No prying eyeballs (hopefully!); Limited / controlled developer base
No one-size-fits-all solution
18
Credits (Slides 3, 4, 5)
Slide 3, graphic adapted from:
SQLite Logo: By Part of the SQLite documentation, which has been released by author D. Richard Hipp to the public domain. SVG conversion by Mike Toews. - SVG created from sqlite370.eps, distributed with version documentation, Public Domain
Apache HTTP Server Logo: By The Apache Software Foundation - From File:ASF-logo (2016).svg, edited in Inkscape: rotated to match the design of File:Apache HTTP server logo (2016).png and some cleanup; optimised using Scour., Apache License 2.0
Linux Logo: By Larry Ewing, Simon Budig, Garrett LeSage - garrett/Tux on GitHub, CC0
Doom Logo: By Source, Fair use
Windows Logo: By Microsoft - File:Windows Server 2012 logo.svg, Public Domain
Slides 4 and 5:
Red Hat Logo: By Source, Fair use
Redis Logo: By Source (WP:NFCC#4), Fair use
19
Credits (Slides 6, 9, 10, 11, 12, 13, 14)
Slide 6:
Apache Software Foundation Logo: By The Apache Software Foundation (ASF) - Apache License 2.0
Linus Torvalds Portrait: By Krd (photo), Von Sprat (crop/extraction) - File:LinuxCon Europe Linus Torvalds 03.jpg, CC BY-SA 4.0
Android Logo: By Google - File:Android robot.svg, CC BY 3.0
OpenSSL Logo: By OpenSSL authors - Public Domain
Slide 9 Image: By Ludovic.ferre (talk · contribs) - Own work, CC BY-SA 4.0
Slide 10 Image:
Slide 11 Source:
Slide 12 Image:
Slide 13 Source:
Slide 14
Slide 15 Source: Image:
Slide 16 Image: By FenixFeather - Own work, CC BY-SA 3.0