NSA able to compromise Cisco, Juniper, Huawei switches
Jared Mauch
jared at puck.nether.net
Tue Dec 31 18:21:15 UTC 2013
On Dec 31, 2013, at 12:49 PM, Enno Rey <erey at ernw.de> wrote:
> Hi,
>
> some approaches were discussed in 2010, by Graeme Neilson from NZ here:
>
> https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf
>
> a later year, at the same conference, he gave a private session demonstrating basically the same stuff for JunOS, as ongoing (and, at the time, non-public) research.
>
> happy NYE to everybody
What I found mildly amusing this summer was most of the outlines of the summer "Snowden" stuff was covered in this book:
http://www.amazon.com/dp/B00DNL1AXE/ref=nosim?tag=pucknethernet-20&linkCode=sb1&camp=212353&creative=380549
If you have no plans for tomorrow and like this type of stuff, go ahead and take a quick read :)
Much of this stuff isn't new. There have been industry groups working on these supply chain assurance and risk models for years. If you are truly paranoid you will be working with these groups already. Pointers available in private if you want them.
- Jared
More information about the NANOG
mailing list