[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

NSA able to compromise Cisco, Juniper, Huawei switches

Subject: NSA able to compromise Cisco, Juniper, Huawei switches
From: cboyd at gizmopartners.com (Chris Boyd)
Date: Tue, 31 Dec 2013 12:55:10 -0600
In-reply-to: <CALFTrnOtGF+Juc54dQcOEfCVC-cmHb_L6bc6h_HG5_6-Y7BaMA@mail.gmail.com>
References: <CADb1SusoPKF0n0rhazJ0GKMLLQMh=-EL83ruzu6cyuoVp4L2jA@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CALFTrnMeLEbVNB+KPQWdgjonrERv04G+h4_Ypfz3QxF+uQXGiA@mail.gmail.com> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <CAA5Ek4dzn2rbO1+g0qUFxNsqQZ1oahStcQ3qAuxVbpy0fFEMuA@mail.gmail.com> <CAAAwwbUiQ8MjBpeJO=0Hky5=AtnhRLFO2xW_UmhkmThD2Zp=nA@mail.gmail.com> <CAA5Ek4ee+v=BvgGcw1OJA9sc+eTJTbeCjsCNmHhNo82p8cs8mw@mail.gmail.com> <CALFTrnOtGF+Juc54dQcOEfCVC-cmHb_L6bc6h_HG5_6-Y7BaMA@mail.gmail.com>

On Dec 31, 2013, at 7:05 AM, Ray Soucy wrote:

> I think there needs to be some clarification on how these tools get used,
> how often they're used, and if they're ever cleaned up when no longer part
> of an active operation.  Of course we'll never get that.

But that's exactly what we need.

Look at CALEA.  It has its warts and issues, but the rules are published so everyone knows how the game is played.  Even with NSLs, there's apparently some oversight, and you can challenge certain aspects (though it's a long and expensive process).

But backdooring gear, servers, BIOS, etc. has no rules.  It's just chaos.  You don't know if a customer has been targeted, so you can't take appropriate steps.  You have no way of knowing if your gear is backdoored or who is using the backdoor.  And simply knowing that there is a backdoor will increase the chances that it will be found and used by others.

The known threat landscape has been increased by orders of magnitude.

--Chris

References:
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: stenrulz at gmail.com (sten rulz)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: erey at ernw.de (Enno Rey)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: sam at circlenet.us (Sam Moats)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rps at maine.edu (Ray Soucy)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: sabri at cluecentral.net (Sabri Berisha)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: nanog at armoredpackets.com ([AP] NANOG)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rdobbins at arbor.net (Dobbins, Roland)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: blair.trosper at gmail.com (Blair Trosper)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: mysidia at gmail.com (Jimmy Hess)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: blair.trosper at gmail.com (Blair Trosper)
- NSA able to compromise Cisco, Juniper, Huawei switches
  - From: rps at maine.edu (Ray Soucy)

Prev by Date: Why are we fixated on Multimode fiber for high bandwidth communication?
Next by Date: NSA able to compromise Cisco, Juniper, Huawei switches
Previous by thread: Juniper SSL VPN
Next by thread: NSA able to compromise Cisco, Juniper, Huawei switches
Index(es):
- Date
- Thread