NSA able to compromise Cisco, Juniper, Huawei switches
jeff-kell at utc.edu
Tue Dec 31 04:54:59 UTC 2013
On 12/30/2013 11:06 PM, [AP] NANOG wrote:
> As I was going through reading all these replies, the one thing that
> continued to poke at me was the requirement of the signed binaries and
> microcode. The same goes for many of the Cisco binaries, without direct
> assistance, which is unclear at this point through the cloud of smoke so
> to speak, it would be difficult to load this code post implementation or
Signed binaries?? Surely you jest...
Try download *anything* from Cisco TAC these days with a new browser and
latest Java and see how many exceptions you have to make to get an
"allegedly" legitimate copy of "anything".
If you don't like it, open a TAC case, and count the number of
exceptions you have to make to get to THAT point as well. And of course
they'll want you to upload a "show tech" first thing, and see how many
MORE exceptions you have to make to get that to work.
Geez, just open ASDM today I have to honor Java exceptions.
We're all getting far too conditioned for the "click OK to proceed"
overload, and the sources aren't helping.
More information about the NANOG