Re: NSA able to compromise Cisco, Juniper, Huawei switches

[Randy Bush <randy () psg com>]

Warren Bailey <wbailey () satelliteintelligencegroup com>
> I find it insanely difficult to believe cisco systems has a backdoor
> into some of their product lines with no knowledge or participation.

actually, i suspect a mix of both, the usg encouraging calea gone bad
(while committing to bad-mouth huawei), and the TAO crew developing
serious attacks based on unintended product vulnerabilities.

> Google has some deniability, as their networks were compromised
> without their knowledge.

i doubt we will ever learn the extent of surprise vs culpability of
google, apple, twitter, msoft, ...

Saku Ytti <saku () ytti fi>
> Is this legal?

ROFL

> If this is as widespread as claimed, and if we'll gain knowledge how
> to see if you are affected, there are potentially repercussions on
> geopolitical scale, as I'm sure many on these lists would go public
> and share information if they'd find being targeted.

we are dealing with a world in which there are attackers and victims and
very few white hats to be seen.  exposure via journalism, thanks
@ioerror, wikileaks, ... and constructive hacking to make protocols and
products more resistant are the main paths available to us.

and if you want to be ambarrassed for our peers, see the ietf pissing
all over itself deciding whether they can make simple statements that
these things are attacks and the ietf needs to do something about its
protocols.

---

https://www.youtube.com/watch?v=cOCWTRJCnf0

randy

Attachment: _bin
Description: