[167857] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Mon Dec 30 23:34:09 2013
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: "nanog@nanog.org list" <nanog@nanog.org>
Date: Tue, 31 Dec 2013 04:33:52 +0000
In-Reply-To: <52C242C5.70905@armoredpackets.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 31, 2013, at 11:06 AM, [AP] NANOG <nanog@armoredpackets.com> wrote:
> Then looking at things from the evil side though, if they owned the syste=
m which provides the signing then they could sign
> virtually anything they wish.
Or if they owned *people* with the right level of access to do so, or if th=
ere were implementation bugs which could be utilized to bypass or obviate t=
he signing . . .
None of the alleged capabilities described in the purported documents is re=
ally standalone; they all rely upon other methods/mechanisms in order to pr=
ovide the required foundation to accomplish their stated goals.
> I think we need to watch and listen/read over the coming weeks and months=
before we go assuming we have it figured out.
This is the most pertinent and insightful comment made in this thread.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
