![nanog logo](/images/nanog-logo.png)
nanog mailing list archives
Re: NSA able to compromise Cisco, Juniper, Huawei switches
From: Saku Ytti <saku () ytti fi>
Date: Wed, 1 Jan 2014 11:55:37 +0200
On (2013-12-31 23:04 +0000), Warren Bailey wrote:
that RSA had a check cut for their participation (sell outs..), would it be out of the realm of possibility cisco knowingly placed this into their product line? And would it be their mistake to come out with a “we had no idea!” rather than “guys with badges and court orders made us do it!”?
Is this legal? Can NSA walk in to US based company and legally coerce to install such backdoor? If not, what is the incentive for private company to cooperate? If legal, consider risk to NSA. Official product ran inside company to add requested feature, hundred of people aware of it. Seems both expensive to order such feature and almost guaranteed to be exposed by some of the employees. Alternative method is to presume all software is insecure, hire 1 expert whose day job is to search for vulnerabilities in IOS. Much cheaper, insignificant risk. Which method would you use?
techniques isn’t a surprise to me, what is a surprise to me is the level of acceptance the IT community has shown thus far on NANOG.
This seems like generalization, majority opinion seems to be, government has no business spying on us. Someone contacted me yesterday, after reading how I'd love to see some of these attacks dissected and analysed to gain higher quality data than screenshot of PDF. He told me, he and his employer are cooperating with their vendor right now looking at attack done against router they operate and claimed they are aware of other operators being targeted. Unfortunately he couldn't share any specifics, so hopefully we'll soon have situation where someone can dissect publicly any of the attacks. If this is as widespread as claimed, and if we'll gain knowledge how to see if you are affected, there are potentially repercussions on geopolitical scale, as I'm sure many on these lists would go public and share information if they'd find being targeted. -- ++ytti
Current thread:
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Florian Weimer (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Paul Ferguson (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Warren Bailey (Dec 31)
- <Possible follow-ups>
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Saku Ytti (Jan 01)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Randy Bush (Jan 01)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Valdis . Kletnieks (Jan 01)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Jimmy Hess (Jan 01)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Eugeniu Patrascu (Jan 01)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Saku Ytti (Jan 02)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Eugeniu Patrascu (Jan 02)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Paul Ferguson (Dec 31)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Brandon Butterworth (Jan 01)
- Re: NSA able to compromise Cisco, Juniper, Huawei switches Marco Teixeira (Jan 01)