NSA able to compromise Cisco, Juniper, Huawei switches

Jimmy Hess mysidia at gmail.com
Tue Dec 31 05:08:53 UTC 2013


On Mon, Dec 30, 2013 at 10:41 PM, Blair Trosper <blair.trosper at gmail.com> wrote:

> I'm torn on this.  On one hand, it seems sinister.  On the other, it's not
> only what the NSA is tasked with doing, but it's what you'd EXPECT them to
> be doing in the role as the NSA.
>
[snip]

The NSA's role is not supposed to include subterfuge and undermining the
integrity or security of domestic enterprise infrastructure.

With any luck, we'll hopefully find absolutely nothing, or that it was
"targeted" backdooring against specific targets only.

And people have a need to know that the security agencies haven't left a
trail of artificially inserted bugs and backdoors in common IT equipment
providing critical infrastructure services, and that the agencies haven't
prepared a collection of instant-root 0days, that are no more protected
than the agencies' other poorly guarded "secrets".

There would be a risk that any 'backdoors' are ready to be exploited by
other unintended nefarious actors!
Because the NSA are apparently great at prepping the flammables and
setting fires, but totally incapable of keeping the fires contained,
once they (or someone else) light it.


It is not the least bit necessary for the NSA itself to be a nefarious
actor exploiting things or even complicit; for the mere presence of any
backdoor or surreptitious code to eventually have the potential for serious
damage.

It could well be a rogue ex-employee of the NSA, such as Snowden, or
others, that happened to be aware of technical details, hackers, or
members of a foreign nation state, who will just happen to have the time
and energy to track down open doors waiting for the taking, AND figure
out how to abuse them for evil purposes.


There are enough potential 0day risks, without intentional ones, waiting
for bad guys to co-opt!

--
-JH


