NSA able to compromise Cisco, Juniper, Huawei switches

Saku Ytti saku at ytti.fi
Tue Dec 31 17:05:57 UTC 2013

On (2013-12-31 16:22 +0100), nanog at mitteilung.com wrote:

> Since some weeks all my cisco / juniper equipment was replaced with open
> source solutions (sometimes with embedded devices) and that works fine.
> Google as search engine and Facebook accounts are deleted and some more
> things. Cloud solutions outside europe now are forbidden for me. Thank
> you NSA & Co. for your "great" work :-(

Back in 2008 when Sweden publicly stated that their SIGINT police, 'FRA',
starts to spy all traffic coming and going to Swedish borders.

Finnish pirate party had two suggestions to this revelation

1) Finland needs own direct fibre connection to Germany, to by-pass Swedish
  -- sounds good, since only those who tell about spying, spy
  -- germany has flawless recent history record about spying

2) Finland needs goverment operated mandator VPN box in border
  -- Just like other civilized states, like China and Saudi Arabia.

Point I'm making, it's naive to think landscape has changed or that
non-implied instances are safer.
The most local cloud providers I know personally, and conversely they know me
personally, so there is quite high degree of likelyhood for them to come up
with reason to access my data. If I'm worried about the data, I should store
it myself.
If the data is non-encrypted email, there are so many points to intercept it
at, make sure it is something that survives being published. If it's
encrypted, it does not much matter where you store it, as long as you don't
decrypt it there.


More information about the NANOG mailing list