On the Juniper backdoor

To sum up, some hacker or group of hackers noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional — you be the judge! They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone — maybe a foreign government — was able to decrypt Juniper traffic in the U.S. and around the world.

And all because Juniper had already paved the road.

Source: A Few Thoughts on Cryptographic Engineering: On the Juniper backdoor

One of the most serious concerns we raise during these meetings is the possibility that encryption backdoors could be subverted. Specifically, that a backdoor intended for law enforcement could somehow become a backdoor for people who we don’t trust to read our messages. Normally when we talk about this, we’re concerned about failures in storage of things like escrow keys. What this Juniper vulnerability illustrates is that the danger is much broader and more serious than that.

“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

As involved as that process was, getting unauthorized code covertly installed into an official operating system and keeping it there for years would appear to be an even more complicated—and brazen—undertaking. This 2013 article published by Der Spiegel reported that an NSA operation known as FEEDTHROUGH worked against Juniper firewalls and gave the agency persistent backdoor access.

Source: “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic | Ars Technica

Junosphere Lab

Junosphere Lab is a first-of-its-kind offer from Juniper Networks that can reduce the costs of network planning and modeling by as much as 90%. Junosphere Lab provides a virtual environment where you can create and run elements and networks running the Junos operating system. You can use these networks to model your network, plan for new services, or examine “what-if” scenarios.

via Junosphere Lab – Juniper Networks.