New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Juniper's ScreenOS had unauthorised code that allowed decryption
Juniper Networks has issued a warning after discovering "unauthorised code" in its firewall software.
Analysis of the rogue code shows that it can decrypt scrambled data being sent through virtual private networks.
Apparently this code has been in their software since 2012, but they have no reason to believe it was being actively exploited.
Anyone using it should update as they have released patches.
Comments
It's not just some vague "code" that "allowed decryption"... there's a full blown remote root access backdoor.
http://arstechnica.com/security/2015/12/unauthorized-code-in-juniper-firewalls-decrypts-encrypted-vpn-traffic/
It's that phrase "unauthorized code" that troubles me and demands more information. I don't even know what ScreenOS is so I'm not worried about the compromise itself, I'm worried about how unauthorized code gets into their products and is missed for years.
Rogue employee went unchecked for years? That would indicate a serious lack of accountability.
inb4 "blame the nsa!"
Always
Guess the firewall has quite some lines of code.
Pretty sure some Dev used it for testing or whatever, forgot to remove it or someone put his testing version live without QA.
Seriously... if it works, there is no real reason to review the 'already checked' code and it might just have been reused again and again...
Cheers
To be fair, I would consider this as legit possibility.
http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
That is a legit possibility however, I'm doubtful.