What he said ;-) -- Hugo h...@slabnet.com: email, xmpp/jabber also on Signal
---- From: Aaron Dewell <aaron.dew...@gmail.com> -- Sent: 2015-12-26 - 15:08 ---- > > While that may be completely correct (while not completely provable, it is > entirely reasonable to assume it), the immediate question was whether this > particular vulnerability affected JunOS also, or only ScreenOS. > > The answer to that more narrow question is that it only affects ScreenOS. > > I think we can assume that most of the software we use today (Windows, MacOS, > IOS, JunOS, Linux, FreeBSD, etc.) all contain some form of government-induced > weakness. Exactly what those are have yet to be discovered. I for one am > confident that they all contain at least one if not many. > > However, the question asked only concerned this particular vulnerability, for > which JunOS is not affected. The malicious code in question was introduced > into ScreenOS source code and not into JunOS. > >> On Dec 26, 2015, at 3:21 PM, Chris Cappuccio <ch...@nmedia.net> wrote: >> >> Hugo Slabbert [h...@slabnet.com] wrote: >>> >>> Am I missing something that indicates this is known to affect Junos as well? >>> >> >> I just gave you a link to a formal NSA/GCHQ "TOP SECRET" documentation -- >> from >> 2011 -- which says they are DOING IT. It only takes NSA ~90 days to develop >> a new vulnerability in this class of software. >> >> I think the best we can hope is that Juniper was privately informed and has >> quietly patched any JunOS vulnerabilities. >> >> Juniper has a lot of international business to lose from public >> vulnerabilities in core Internet infrastructure. Cisco already took a large >> hit. >> >> I don't know what else to say. Anyone who thinks that the NSA did not develop >> this capability in 2011 needs to read. Anyone who thinks NSA can't develop >> this capability again (once their old vulnerabilities are burned) does not >> understand the class of this attacker. >> _______________________________________________ >> juniper-nsp mailing list juniper-nsp@puck.nether.net >> https://puck.nether.net/mailman/listinfo/juniper-nsp > >
signature.asc
Description: PGP/MIME digital signature
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp