[167942] in North American Network Operators' Group
Re: NSA able to compromise Cisco, Juniper, Huawei switches
daemon@ATHENA.MIT.EDU (Randy Bush)
Wed Jan 1 13:23:52 2014
Date: Wed, 01 Jan 2014 08:23:35 -1000
From: Randy Bush <randy@psg.com>
To: North American Network Operators' Group <nanog@nanog.org>
In-Reply-To: <CEE897AC.10824%wbailey@satelliteintelligencegroup.com>
<20140101095537.GA21572@pob.ytti.fi>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
--pgp-sign-Multipart_Wed_Jan__1_08:23:26_2014-1
Content-Type: text/plain; charset=US-ASCII
Warren Bailey <wbailey@satelliteintelligencegroup.com>
> I find it insanely difficult to believe cisco systems has a backdoor
> into some of their product lines with no knowledge or participation.
actually, i suspect a mix of both, the usg encouraging calea gone bad
(while committing to bad-mouth huawei), and the TAO crew developing
serious attacks based on unintended product vulnerabilities.
> Google has some deniability, as their networks were compromised
> without their knowledge.
i doubt we will ever learn the extent of surprise vs culpability of
google, apple, twitter, msoft, ...
Saku Ytti <saku@ytti.fi>
> Is this legal?
ROFL
> If this is as widespread as claimed, and if we'll gain knowledge how
> to see if you are affected, there are potentially repercussions on
> geopolitical scale, as I'm sure many on these lists would go public
> and share information if they'd find being targeted.
we are dealing with a world in which there are attackers and victims and
very few white hats to be seen. exposure via journalism, thanks
@ioerror, wikileaks, ... and constructive hacking to make protocols and
products more resistant are the main paths available to us.
and if you want to be ambarrassed for our peers, see the ietf pissing
all over itself deciding whether they can make simple statements that
these things are attacks and the ietf needs to do something about its
protocols.
---
https://www.youtube.com/watch?v=cOCWTRJCnf0
randy
--pgp-sign-Multipart_Wed_Jan__1_08:23:26_2014-1
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: GPGTools - http://gpgtools.org
iQEcBAABCgAGBQJSxF0lAAoJEMzMBey4OgLt0WwIAILkqDefgm49QApG6UTTcqC2
I7oj8R0hAkXWnsUHuzx6VTGX7OodRZ/feohrWOot5gitRj2bLXqnHmCLTn59JMVq
dunqCEJE9uBlPYy8WmS1u7PmUjEOkXpQeWsum7ubtq0Iz4ngML4W4P1JmyT4PRFZ
zM1LyjKqkJnVT3raFWKvoiGV5KhXfflKCOc+CtcjFRvMFX/ENRpYWlU99qazz85B
OktFX+dLnGOjjDor4XSWAqPcaR22/qPgVZwvAM1TWTiaIsifEbHuOplNMbP/jGwW
cyGA91AXiIWOTvlSQ8kFazgCKYsZM2Jc3mb0xOgzMWN9tU/ZMiCBsnTtbrml+og=
=7VL/
-----END PGP SIGNATURE-----
--pgp-sign-Multipart_Wed_Jan__1_08:23:26_2014-1--
