[186462] in North American Network Operators' Group
Re: [CVE-2015-7755] Backdoor in Juniper/ScreenOS
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Fri Dec 18 22:43:07 2015
X-Original-To: nanog@nanog.org
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: "Dave Taht" <dave.taht@gmail.com>
Date: Fri, 18 Dec 2015 12:03:40 -0500
In-Reply-To: <8F6A8780-2166-457D-A80A-B385E5E46637@cs.columbia.edu>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On 18 Dec 2015, at 11:52, Steven M. Bellovin wrote:
> On 18 Dec 2015, at 7:28, Dave Taht wrote:
>
>> I think "unauthorized code" is still plausible newspeak for "bug".
>>
>> Why blame finger foo when you can blame terrorists?
>
> It looks like two different holes, one a back door for unauthorized
> console login and one to somehow leak VPN encryption keys. There are
> hints that that latter involved tinkering with certain constants in
> the crypto (https://twitter.com/matthew_d_green/status/677871004354371584);
> that would squarely point the finger at some government's intelligence
> agency.
>
> I don't know who did it, but neither 'bug' nor 'developer debugging
> code' sounds plausible here.
https://twitter.com/sweis/status/677896363070259200
