 |
 |
> While an SSL VPN connection initiated by a PC does not make the campus > network visible to other machines in the case where the machine isn't > otherwise compromised, it's only a matter of time before some user's > machine is infected and allows some unknown third party to see into a > network they wouldn't otherwise have access to. You weren't trusting those machines staff and students have at home, were you? You weren't trusting those home routers to be secure in the first place, were you? You weren't trusting stuff more because it was on the campus network, were you? You weren't assuming there are no consumer-grade routers on the campus network, were you? You weren't trusting machines in the VPN address space more than anything else coming from off campus, were you? If your trust model is sane, a another home router vulnerability will make roughly zero difference to you. If your trust model isn't sane, fixing a home router vulnerability will make roughly zero difference to you. De