Dailydave mailing list archives

Re: Question re: Juniper

From: Laurens Vets <laurens () daemon be>
Date: Thu, 20 Apr 2017 21:21:26 -0700

On 2017-04-20 12:37, Dave Aitel wrote:

Did Juniper actually fix the many bugs that led to the potential for backdoor access via the trojaned random number 
generator, or just change the key back to the original? 

In other words, if I have the private key, can I still decrypt Juniper VPN traffic, or no? 

-dave


If you're talking about the Dual_EC stuff in ScreenOS, yes, allegedly
Juniper completely removed that RNG: 

https://arstechnica.com/security/2016/01/juniper-drops-nsa-developed-code-following-new-backdoor-revelations/

_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

Current thread:

Question re: Juniper Dave Aitel (Apr 20)
- Re: Question re: Juniper Joshua (Apr 21)
  - Re: Question re: Juniper Dave Aitel (Apr 21)
- Re: Question re: Juniper Laurens Vets (Apr 21)