[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NSA able to compromise Cisco, Juniper, Huawei switches

Subject: NSA able to compromise Cisco, Juniper, Huawei switches
From: mike at mtcc.com (Michael Thomas)
Date: Mon, 30 Dec 2013 08:11:32 -0800
In-reply-to: <[email protected]>
References: <CADb1SusoPKF0n0rhazJ0GKMLLQMh=-EL83ruzu6cyuoVp4L2jA@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CALFTrnNzUUzPf_Lmu8+fLcddpK9-Pknx89AfXcX--VN6d3u0sQ@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]>

On 12/30/2013 08:03 AM, Dobbins, Roland wrote:
> On Dec 30, 2013, at 10:44 PM, <Valdis.Kletnieks at vt.edu> <Valdis.Kletnieks at vt.edu> wrote:
>
>> What percentage of Cisco gear that supports a CALEA lawful intercept mode is installed in situations where CALEA doesn't apply, and thus there's a high likelyhood that said support is misconfigured and abusable without being noticed?
> AFAIK, it must be explicitly enabled in order to be functional.  It isn't the sort of thing which is enabled by default, nor can it be enabled without making explicit configuration changes.
>
>

Also, the way that things are integrated it's usually an explicit 
decision to pull a piece of functionality
in rather than inheriting it. Product managers don't willingly want to 
waste time pulling things
in that a) don't make them money, and b) require support. So I doubt 
very seriously that CALEA
functionality is accidentally included into inappropriate things. Doubly 
so because of the performance
implications.

Mike

References:
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: stenrulz at gmail.com (sten rulz)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: saku at ytti.fi (Saku Ytti)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: ag4ve.us at gmail.com (Shawn Wilson)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: saku at ytti.fi (Saku Ytti)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rps at maine.edu (Ray Soucy)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)

Prev by Date: NSA able to compromise Cisco, Juniper, Huawei switches
Next by Date: NSA able to compromise Cisco, Juniper, Huawei switches
Previous by thread: NSA able to compromise Cisco, Juniper, Huawei switches
Next by thread: NSA able to compromise Cisco, Juniper, Huawei switches
Index(es):
- Date
- Thread