Tuesday, January 26, 2016

Is the NSA making friends and influencing people at other agencies?

Because Congress is grilling those other agencies over their use of equipment containing backdoors probably put there by NSA:
A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. 
The House of Representatives' Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen devices were used in federal systems. 
Juniper's ScreenOS software – the firmware that powers in its firewalls – was tampered with by mystery hackers a few years ago to introduce two vulnerabilities: one was an administrator-level backdooraccessible via Telnet or SSH using a hardcoded password, and the other allowed eavesdroppers to decrypt intercepted VPN traffic. The flaws, which were smuggled into the source code of the firmware, were discovered on December 17 by Juniper, and patches were issued three days later to correct the faults.
The speculation is that there aren't many other actors other than the NSA who could have pulled this off.  Speculation, of course - there's no smoking gun, as you'd expect.

But everyone suspects them, which means they're incompetent: either they did this and got caught, or they didn't do this but have made everyone distrust them anyway.  Way to go!

No comments: