[167846] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Randy Bush)
Mon Dec 30 21:42:20 2013
Date: Mon, 30 Dec 2013 16:41:46 -1000
From: Randy Bush <randy@psg.com>
To: Roland Dobbins <rdobbins@arbor.net>
In-Reply-To: <4055C305-ADE1-4765-9B82-F096318862AE@arbor.net>
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>> So this isn't an issue of the NSA working with Cisco and Juniper to
>> include back doors, it's an issue of the NSA modifying those releases
>> after the fact though BIOS implants.
>
> Yes, I see this now, thanks.
>
> AFAICT, the Cisco boxes listed are ASAs and PIXes, which are
> essentially Linux PCs running a bunch of userland firewall stuff and
> which have BIOSes and so forth; they aren't routers/switches.
you may want to read the more complete, well let's say extensive
http://leaksource.wordpress.com/2013/12/30/nsas-ant-division-catalog-of-exploits-for-nearly-every-major-software-hardware-firmware/
