nanog mailing list archives

Re: NSA able to compromise Cisco, Juniper, Huawei switches


From: Jay Ashworth <jra () baylink com>
Date: Mon, 30 Dec 2013 22:51:13 -0500 (EST)

----- Original Message -----
From: "Ray Soucy" <rps () maine edu>

I hope when [if] the truth is learned it is a lot less prevalent than
it sounds, but I'm not optimistic.

This is why we need all infrastructure to be implemented using open
standards, open hardware designs, and open source software IMHO.

I hope Cisco, Juniper, and others respond quickly with updated images
for all platforms affected before the details leak.

I hate to be Even More Paranoid Than That (and if I go off-air for more than
about a week, assume those Black Eyeshades types whose mention got me kicked 
off the list after Katrina came for me :-), but contemplate this:

===

If you were the NSA, and you had a spandy new image with lots of great 
backdooring and kill-switching all ready to do, and you'd plunked it in
Cisco's TAC download site (with or without their knowledge)...

...what do you suppose you'd do?

Wouldn't you want some way to motivate everyone to grab that new image and 
plonk it on all their devices as fast as possible?

Wouldn't it be the definition of irony if the way you got everyone to install
your bug on their router ... was because they were afraid you already had?

Is Ken Thompson turning over in his grave yet?

===

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra () baylink com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274

