On Dec 31, 2013, at 12:00 AM, Ray Soucy <rps@maine.edu> wrote:
So this isn't an issue of the NSA working with Cisco and Juniper to include back doors, it's an issue of the NSA modifying those releases after the fact though BIOS implants.
Yes, I see this now, thanks. AFAICT, the Cisco boxes listed are ASAs and PIXes, which are essentially Linux PCs running a bunch of userland firewall stuff and which have BIOSes and so forth; they aren't routers/switches. I don't know much about Juniper gear, but it appears that the Juniper boxes listed are similar in nature, albeit running FreeBSD underneath (correction welcome). I know nothing at all about Huawei gear. Compromising PCs with persistent malware/rootkits is pretty routine, so this isn't really surprising, IMHO. ----------------------------------------------------------------------- Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com> Luck is the residue of opportunity and design. -- John Milton