Monday, December 21, 2015

Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors | WIRED

On a related note, see Hillary Clinton on encryption: 'maybe the back door isn't the right door' (The Verge)

"Ronald Prins, founder and CTO of Fox-IT, a Dutch security firm, said the patch released by Juniper provides hints about where the master password backdoor is located in the software. By reverse-engineering the firmware on a Juniper firewall, analysts at his company found the password in just six hours.

“Once you know there is a backdoor there, … the patch [Juniper released] gives away where to look for [the backdoor] … which you can use to log into every [Juniper] device using the Screen OS software,” he told WIRED. “We are now capable of logging into all vulnerable firewalls in the same way as the actors [who installed the backdoor].”"
Secret Code Found in Juniper's Firewalls Shows Risk of Government Backdoors | WIRED

No comments: