NSA able to compromise Cisco, Juniper, Huawei switches

Jared Mauch jared at puck.nether.net
Tue Dec 31 18:21:15 UTC 2013


On Dec 31, 2013, at 12:49 PM, Enno Rey <erey at ernw.de> wrote:

> Hi,
> 
> some approaches were discussed in 2010, by Graeme Neilson from NZ here:
> 
> https://www.troopers.de/wp-content/uploads/2012/10/TROOPERS10_Netscreen_of_the_Dead_Graeme_Neilson.pdf
> 
> a later year, at the same conference, he gave a private session demonstrating basically the same stuff for JunOS, as ongoing (and, at the time, non-public) research.
> 
> happy NYE to everybody

What I found mildly amusing this summer was most of the outlines of the summer "Snowden" stuff was covered in this book:

http://www.amazon.com/dp/B00DNL1AXE/ref=nosim?tag=pucknethernet-20&linkCode=sb1&camp=212353&creative=380549

If you have no plans for tomorrow and like this type of stuff, go ahead and take a quick read :)

Much of this stuff isn't new.  There have been industry groups working on these supply chain assurance and risk models for years.  If you are truly paranoid you will be working with these groups already.  Pointers available in private if you want them.

- Jared


More information about the NANOG mailing list