US Reviews Possible Back Door In Juniper Networks Code

Megalith · Dec 20, 2015

The company suggests that the vulnerability has not been exploited yet but that customers should, naturally, update their systems and apply the patched releases as soon as possible. Thanks to Rylan for the heads up.

Juniper warned customers on Thursday that it had uncovered "unauthorized code" in the software that runs its firewalls, saying it could be exploited to allow an attacker to unscramble encrypted communications. CNN reported Friday that the Federal Bureau of Investigation was probing the matter. An FBI representative declined comment to Reuters. A former Juniper security executive said the flaw appeared to be a "back door", a reference to rogue code secretly inserted into a product to enable attackers to eavesdrop on users.

evilsofa · Dec 20, 2015

Calm down, citizens, nothing to look at here, we're just keeping you safe from terrorism by inserting backdoors into everything, move along.

sean.b · Dec 20, 2015

so this was either caught immediately (they didnt seem to specify, which makes me think this isnt the case.. because it's the best case and you'd want to claim this if it were) or it's been there and made it past testing, QA, etc?

dafuq? I smell some Palo Alto and Cisco salesmen having new material.

Dead Parrot · Dec 20, 2015

Based on the firmware versions listed as compromised, it has been in there for over 5 years. Oddly, the version I have on my SSG5 isn't in the range listed as bad. Several versions prior and after are. This makes the question of how the backdoor got in there even more interesting.

Juniper wants real money for a yearly firmware update agreement. More then the cost of a used unit. So far, this patch doesn't seem to be an exception to that rule.

macksomerville · Dec 20, 2015

Got in there very easily... compromised employee and either China, Russia, Israel or the Alphabet Agencies (more then likely in this case its our own Agencies)

Crotan · Dec 20, 2015

macksomerville said:
Got in there very easily... compromised employee and either China, Russia, Israel or the Alphabet Agencies (more then likely in this case its our own Agencies)

my bet is on US agencies. That have had their fill of using this backdoor on foreign/US/ whoever companies for some time, and it's usefulness or their agreement with Juniper has come to an end.

LonerVamp · Dec 21, 2015

Or someone found it. Out of band sniffer would see this.

SFB · Dec 22, 2015

Some Analysis of the Backdoored Backdoor
http://rpw.sh/blog/2015/12/21/the-backdoored-backdoor/

Quartz-1 · Dec 22, 2015

evilsofa said:
Calm down, citizens, nothing to look at here, we're just keeping you safe from terrorism by inserting backdoors into everything, move along.

More likely the Chinese intelligence services.

westrock2000 · Dec 22, 2015

You guys are not watching enough mainstream news.....it's obvious who this is.....North Korea hackers!

US Reviews Possible Back Door In Juniper Networks Code

Megalith

24-bit/48kHz

evilsofa

[H]F Junkie

sean.b

Limp Gawd

Dead Parrot

2[H]4U

macksomerville

[H]ard|Gawd

Crotan

Gawd

LonerVamp

Limp Gawd

SFB

Weaksauce

Quartz-1

Supreme [H]ardness

westrock2000

[H]F Junkie