R. DuFresne writes: > > Marcus Ranum, if I recall correctly, has an outstanding reward for > anyone with proof that fw-1 was ever backdoored by the Israeli's, it > has never bee collected
Well, even if I'd find it, I'd _really_ be scared to "get collected" by Mossad. It has happend before. http://www.google.com/search?q=vanunu > An open backkdoor should be able to be gleened from port mapping > techniques, the port has to be openly accesible for it to be used, No. You could require a certain "port-scan-pattern" to be present to open it. > yes? A review/audit of the code for the > product might further provide evidence, but, would require much more > time as well as skill level <i.e. one would need to know C or C++ > quite well, or whatever code base the application./device was written > in An examination of theunderlying OS, before and after install, if > this is not a drop and place and configure blackboox device might > prove useful also. Only code audit is useful. You can't rely on anything else. As Checkpoint has licensed the source to differnt parties, it is unlikely that a potential backdoor was contained in there. Danger is not on this front. The soft- and hardware to control the suveillance of telephone-calls is partly built by companies that are either subcontractor of Mossad or are rumoured to be "controlled" by Mossad. TELCOs are concered by this, because, at least in Germany, every TELCO has to have a wiretap-mechanism in place for Secret Service or other Police-Forces. These wiretaps must be (qua definitionem) undetectable by the victim when used, and undetectable by the TELCO itself ! If one of these devices were backdoored (by an "enemy force"), the integrity of the whole telecommunication infrastructure would be, well, non-existant. Of couse, the TELCOs also (or mostly, let's be honest) the high costs associated with this system. I have no direct (English) link for this, just this one: http://www.heise.de/tp/deutsch/html/result.xhtml?url=/tp/deutsch/inhalt/te/9 395/1.html&words=Geheimdienst but surf around the Heise Telepolis site and get a feeling of just what is in stock for us... http://www.heise.de/tp/english/special/enfo/default.html cheers, Rainer -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rainer Duffner Munich [EMAIL PROTECTED] Germany http://www.i-duffner.de Freising ======================================== When shall we three meet again In thunder, lightning, or in rain? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
