On the Juniper backdoor

Posted on December 23, 2015 by mea

To sum up, some hacker or group of hackers noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional — you be the judge! They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone — maybe a foreign government — was able to decrypt Juniper traffic in the U.S. and around the world.

And all because Juniper had already paved the road.

Source: A Few Thoughts on Cryptographic Engineering: On the Juniper backdoor

One of the most serious concerns we raise during these meetings is the possibility that encryption backdoors could be subverted. Specifically, that a backdoor intended for law enforcement could somehow become a backdoor for people who we don’t trust to read our messages. Normally when we talk about this, we’re concerned about failures in storage of things like escrow keys. What this Juniper vulnerability illustrates is that the danger is much broader and more serious than that.

“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

Posted on December 18, 2015 by mea

As involved as that process was, getting unauthorized code covertly installed into an official operating system and keeping it there for years would appear to be an even more complicated—and brazen—undertaking. This 2013 article published by Der Spiegel reported that an NSA operation known as FEEDTHROUGH worked against Juniper firewalls and gave the agency persistent backdoor access.

Source: “Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic | Ars Technica

Juniper Targets SDN With Another Core Switch

Posted on March 29, 2013 by mea

The new direction that the switch represents is programmability. As SDN develops, more and more protocols are coming into play. VXLAN from VMware Inc. and NVGRE from Microsoft Corp. would be two examples, both being protocols for moving virtual machines around the network.

via Light Reading – Juniper Targets SDN With Another Core Switch.

Junosphere Lab

Posted on October 1, 2012 by mea

Junosphere Lab is a first-of-its-kind offer from Juniper Networks that can reduce the costs of network planning and modeling by as much as 90%. Junosphere Lab provides a virtual environment where you can create and run elements and networks running the Junos operating system. You can use these networks to model your network, plan for new services, or examine “what-if” scenarios.

via Junosphere Lab – Juniper Networks.

Bucktown Bell

Cut to the chase.

Tag Archives: juniper

On the Juniper backdoor

“Unauthorized code” in Juniper firewalls decrypts encrypted VPN traffic

Juniper Targets SDN With Another Core Switch

Junosphere Lab