This shit looks huge.
info: http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html
>>52002040
No one gives a shit?
Israel probably hacked protonmail also
https://cryptome.org/2015/11/protonmail-ddos.htm
>>52002315
What's scary is that nobody seems to care.
>>52002339
What's even more scary is that no one is replying to my shitpost. S-someone please pay attention to me ;(
>>52002315
>hacked
>ddos
Get out.
>>52002417
Hey anon, welcome to /g/, here we like to discuss technology.
You should probably give a look at >>>/b/, that's where retarded underage faggots like you usually hang out.
>>52002339
Why care about something you have no control over?
>>52002040
I've said all I needed to say on it. May as well say it again here.
ScreenOS seems to have always had an NSA backdoor in it (Dual_EC_DRBG - a "public key"-based elliptic curve RNG, shitty for every reason except if you want a backdoored RNG - was used as the RNG, and the thing that was supposed to 'whiten' it, well, didn't, looks like it probably never even did).
Someone (don't know who) changed the keys. Juniper just changed them back. (To the NSA ones.) It's STILL backdoored. Silence from Juniper about that, but they mentioned it before? Odd, that.
Someone (maybe the same someone, but maybe not) also put a really much simpler backdoor password in there, obfuscated merely by the fact that it looks like a format string.
Of course, if it wasn't backdoored in the first place, it wouldn't have been so fucking convenient and so easily overlooked that the key had been changed. It's also been in place for years, and nobody squeaked about it.
Cisco say that they've done an audit of their stuff, just in case, and haven't found anything. That's very interesting.
Time to start demanding open-source routers, even if only for auditability.
Couldn't attribute it well, but NSA are definitely responsible for putting the crypto backdoor in in the first place, so the lion's share of the blame falls on them. Replacing the parameters would realistically be someone who owns enough transit to observe lots of Juniper VPNs and wants lots of SIGINT from it - this was an untargeted attack. That is NOT .il. More likely .uk (yes they're in FVEY but GCHQ are just like that), .fr, .de. It doesn't feel like .cn or .ru.
The backdoor password was more reckless. That could fit with just about anyone, may not be the same actor.
>>52002315
Not Israel's style. The packets are traversing via Israel but they don't have any of the keys. It wouldn't be any harder or easier to perform an attack for them than it was before.
>>52002483
Whoa it looks like no one cares. Big surprise. Saged, now please get >>>/out/
What is a Juniper?
>>52002040
old news slowpoke, get with the times
>>52003273
Network equipment
>>52002499
Sadly this post is very relevant but still why give up?
>>52002040
>>52005024
>>>52002040 (OP)
No fucks given, toilet cleaner of nsa
>>52005024
fuck, I can't read this
Just a heads-up
The feds? are ????(monitoring?) this threat/thread?
>>52005304
>"Just a heads up the feds are monitoring this thread"
Old picture. Look at the file name
>>52005331
>>52002040
We patched all our ScreenOs to 6.3 R21 the other night. Went smooth, new backdoors installled. Our juniper sales engineers didnt want to talk about it at all. So shady.
Wasnt worried about the ssh and telnet exploit as it only affected us internally but the vpn exploit, how do you even test its fixed :(
>>52005464
And it was an old image then.
>>52005464
not the dumb shit who said look at the filename, but the picture is old as fuck you fucking idiot
My university uses Juniper stuff for VPN connections.
>>52005515
>the picture is old as fuck you fucking idiot
i know it's old. i'm the one who posted it.
I haven't even heard of ScreenOS.
What is it used for?
>>52005738
it make screen go pixel if driver is not