Displaying 1 result from an estimated 1 matches for "bleakinquiry".
2015 Jul 10
0
[Bug 764] fully remove product and version information
...nimize revealing metadata by
default, or at least have the option to do so.
Over in Debian, there's a similar Bug [0], which states that this
version string "is used as a selector in NSA's XKEYSCORE queries in
conjunction with the metadata database of potentially exploitable
services (BLEAKINQUIRY) by the NSA group 'S31176' for targeted exploit
and compromise [1][2]".
I respect the argument, that it might be "necessary to use the version
for protocol compatibility tweaks". So keep it in, and leave it enabled
by default.
But I see no reason why an operator if an SSHd...