NSA able to compromise Cisco, Juniper, Huawei switches

Randy Bush randy at psg.com
Wed Jan 1 18:23:35 UTC 2014

Warren Bailey <wbailey at satelliteintelligencegroup.com>
> I find it insanely difficult to believe cisco systems has a backdoor
> into some of their product lines with no knowledge or participation.

actually, i suspect a mix of both, the usg encouraging calea gone bad
(while committing to bad-mouth huawei), and the TAO crew developing
serious attacks based on unintended product vulnerabilities.

> Google has some deniability, as their networks were compromised
> without their knowledge.

i doubt we will ever learn the extent of surprise vs culpability of
google, apple, twitter, msoft, ...

Saku Ytti <saku at ytti.fi>
> Is this legal?


> If this is as widespread as claimed, and if we'll gain knowledge how
> to see if you are affected, there are potentially repercussions on
> geopolitical scale, as I'm sure many on these lists would go public
> and share information if they'd find being targeted.

we are dealing with a world in which there are attackers and victims and
very few white hats to be seen.  exposure via journalism, thanks
@ioerror, wikileaks, ... and constructive hacking to make protocols and
products more resistant are the main paths available to us.

and if you want to be ambarrassed for our peers, see the ietf pissing
all over itself deciding whether they can make simple statements that
these things are attacks and the ietf needs to do something about its




-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 527 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20140101/87703863/attachment.sig>

More information about the NANOG mailing list