RE : Re: NSA able to compromise Cisco, Juniper, Huawei switches

[Michael Hallgren <m.hallgren () free fr>]

+1, I fully agree. And not only concerning the "domestic" use by country, but also with regards to "information 
peering" with neighbors, and such. 

Enjoy '14! 

mh

-------- Message d'origine --------
De : Ray Soucy <rps () maine edu> 
Date :  
A : Blair Trosper <blair.trosper () gmail com> 
Cc : "nanog () nanog org list" <nanog () nanog org> 
Objet : Re: NSA able to compromise Cisco, Juniper, Huawei switches 
 
I think there needs to be some clarification on how these tools get used,
how often they're used, and if they're ever cleaned up when no longer part
of an active operation.  Of course we'll never get that.

The amount of apologists with the attitude "this isn't a big deal, nothing
to see here, the NSA does this kind of thing" is kind of shocking for this
community; especially with the information that's been released over the
past few months.

This whole backdoor business is a very, very, dangerous game.




On Tue, Dec 31, 2013 at 12:19 AM, Blair Trosper <blair.trosper () gmail com>wrote:

> To supplement and amend what I said:
>
> These are the KINDS of things we want the NSA to do; however, the
> institutional oversight necessary to make sure it's Constitutional,
> warranted, and kept "in bounds" is woefully lacking (if any exists at all).
>   Even FISA is unsatisfactory.
>
> At any rate, I agree that the current disposition of the NSA (or, at least,
> what's been leaking the last few months) is simply unacceptable and cannot
> be allowed.  I say that last part from the perspective of a US citizen,
> though I'd imagine most people of other nationalities would agree with me,
> but probably for different reasons.
>
>
> On Mon, Dec 30, 2013 at 11:08 PM, Jimmy Hess <mysidia () gmail com> wrote:
>
> > On Mon, Dec 30, 2013 at 10:41 PM, Blair Trosper <blair.trosper () gmail com
> > wrote:
> >
> > > I'm torn on this.  On one hand, it seems sinister.  On the other, it's
> not
> > > only what the NSA is tasked with doing, but it's what you'd EXPECT them
> to
> > > be doing in the role as the NSA.
> > [snip]
> >
> > The NSA's role is not supposed to include subterfuge and undermining the
> > integrity or security of domestic enterprise infrastructure
> >
> > With any luck, we'll hopefully find absolutely nothing, or that it was
> > "targetted" backdooring against specific targets only.
> >
> > And people have a need to know that the security agencies haven't left a
> > trail of artificially inserted bugs and backdoors in common IT equipment
> > providing critical infrastructures services,  and that the agencies
> haven't
> > prepared a collection of instant-root 0days,  that are no more protected
> > then the agencies' other poorly guarded "secrets".
> >
> > There would be a risk that any 'backdoors' are ready to be exploited by
> > other unintended nefarious actors!
> > Because the NSA are apparently  great at prepping the flammables and
> > setting fires,    but  totally incapable of  keeping the fires contained,
> > once they  (or someone else)  lights it.
> >
> >
> > It is not the least bit necessary for the NSA itself to be a nefarious
> > actor  exploiting things or even complicit;  for the mere presence of
>   any
> > backdoor or surreptitious code to eventually have the potential for
> serious
> > damage.
> >
> > It could well be a rogue ex-employee of the NSA, such as Snowden,  or
> > others,  that happened to be aware of technical details, hackers, or
> > members of a foreign nation state,  who will just happen to have the time
> > and energy to track down open doors waiting for the taking,  AND  figure
> > out how to abuse them  for evil purposes.
> >
> >
> > There are enough potential 0day risks, without intentional ones,  waiting
> > for bad guys to co-opt!
> >
> > --
> > -JH



-- 
Ray Patrick Soucy
Network Engineer
University of Maine System

T: 207-561-3526
F: 207-561-3531

MaineREN, Maine's Research and Education Network
www.maineren.net