“Security researchers believe they have finally solved the mystery around how a sophisticated backdoor embedded in Juniper firewalls works,” Kim Zetter reports for Wired. “Juniper Networks, a tech giant that produces networking equipment used by an array of corporate and government systems, announced on Thursday that it had discovered two unauthorized backdoors in its firewalls, including one that allows the attackers to decrypt protected traffic passing through Juniper’s devices.”
“The researchers’ findings suggest that the NSA may be responsible for that backdoor, at least indirectly,” Zetter reports. “Even if the NSA did not plant the backdoor in the company’s source code, the spy agency may in fact be indirectly responsible for it by having created weaknesses the attackers exploited.”
“Evidence uncovered by Ralf-Philipp Weinmann, founder and CEO of Comsecuris, a security consultancy in Germany, suggests that the Juniper culprits repurposed an encryption backdoor previously believed to have been engineered by the NSA, and tweaked it to use for their own spying purposes,” Zetter reports. “If someone other than the US did plant the backdoor, security experts say the attack on Juniper firewalls underscores precisely why they have been saying for a long time that government backdoors in systems are a bad idea—because they can be hijacked and repurposed by other parties.”
Read more in the full article here.
MacDailyNews Take: Yet another example of why Tim Cook is right to stand firm on strong encryption and protecting privacy.
SEE ALSO:
Apple makes a strong case for strong encryption; some politicians don’t know what they’re talking about – December 22, 2015
Hillary Clinton wants a ‘Manhattan Project’ to cure encryption; Snowden, Andreessen mock – December 21, 2015
Apple launches counteroffensive against UK’s proposed new surveillance law – December 21, 2015
Manhattan DA fires back after Apple CEO Cook defends stance on encryption – December 21, 2015
Apple CEO Tim Cook opposes government back door to encryption – December 21, 2015
Donald Trump: To stop ISIS recruiting, maybe we should be talking to Bill Gates about ‘closing that Internet up in some way’ – December 21, 2015
Hillary Clinton: We need to put Silicon Valley tech firms to ‘work at disrupting ISIS’ – December 7, 2015
Do not let the government snoops weaken encryption – November 4, 2015
Tim Cook attacks Google, U.S. federal government over right to privacy abuses – June 3, 2015
Apple CEO Tim Cook advocates privacy, says terrorists should be ‘eliminated’ – February 27, 2015
Apple’s Tim Cook warns of ‘dire consequences’ of sacrificing privacy for security – February 13, 2015
Apple’s iPhone encryption is a godsend, even if government snoops and cops hate it – October 8, 2014
Short-timer U.S. Attorney General Eric Holder blasts Apple for protecting users’ privacy against government overreach – September 30, 2014
FBI blasts Apple for protective users’ privacy by locking government, police out of iPhones and iPads – September 25, 2014
Apple thinks different about privacy – September 23, 2014
Apple CEO Tim Cook ups privacy to new level, takes direct swipe at Google – September 18, 2014
Apple will no longer unlock most iPhones, iPads for government, police – even with search warrants – September 18, 2014
Would you trade privacy for national security? Most Americans wouldn’t – August 6, 2014
Apple begins encrypting iCloud email sent between providers – July 15, 2014
Obama administration demands master encryption keys from firms in order to conduct electronic surveillance against Internet users – July 24, 2013
U.S. NSA seeks to build quantum computer to crack most types of encryption – January 3, 2014
Apple’s iMessage encryption trips up U.S. feds’ surveillance – April 4, 2013
Tim Cook for President 2016!
And this is why the positions of many of the presidential candidates (most recently Ms. Clinton in the last Dem debate calling for a “Manhattan Project” style effort) are so ill-informed and dangerous.
If there’s a way “the good guys” can get into everyone and every org’s private stuff, anyone with enough tech chops can….
…so this inevitably would only create complete digital insecurity across the whole computing world – exploitable by hackers, terrorists, private enterprises and governments everywhere…..
Criminals and terrorists will adapt, the common citizen will find their privacy and protections eroded. Clinton fails to understand that her “solution” is bound to fail and make life worse for citizens.
I would be okay with a backdoor in the phones of congress members. They do answer to the public after all, we should know what’s in their phones.
The Westminster crowd have actually written into the proposed bill that they will be exempt from the snooping everyone else has to just put up with. About time these people were reminded that they are put their by us to serve, not to rule.
there, not their. Meh.
Reporters should put presidential candidates on the spot and ask for access to the emails on their phones; after all, they have nothing to hide. If they’re not willing to do so, their stance on allowing back doors is hypocritical. 🖖😀⌚️
This debate needs to be over.
Key under the mat is security by obscurity. Changes the whole game, from what you have to what you know.
If Juniper has a back door, you know HP and Cisco have one too.
It’s a good thing no-one cares, or else they would stop using the Internet.
Yeah, but apple is a proud company of the USA though, so theUS could make them change in any way they want. Ah well, at least then the plice will be busy solving more cyber crime, and murderers and thieves can do anything they want in the real world, and electronically too. Imagine being stalked, not being able to turn off location services, your Apple ID compromised, not having enough money to buy a new phone since some guy from Nigeria got into your bank account and is leaving only enough money for food and such, and the police are too busy trying to sort out a crime which was just a distraction from yours. But due to the imcompatancy of the police, it takes a good year to finally discover this and publish a report all the malware on the police computers. By then, you might be dead, a sex slave, a regular slave, or any number of things. But do the government fools realize any of this? Nope, they’re too damn ignorant, stupid, greedy, and reactionary. Ugh!
Sent from my iPhone
>