“Security researchers believe they have finally solved the mystery around how a sophisticated backdoor embedded in Juniper firewalls works,” Kim Zetter reports for Wired. “Juniper Networks, a tech giant that produces networking equipment used by an array of corporate and government systems, announced on Thursday that it had discovered two unauthorized backdoors in its firewalls, including one that allows the attackers to decrypt protected traffic passing through Juniper’s devices.”
“The researchers’ findings suggest that the NSA may be responsible for that backdoor, at least indirectly,” Zetter reports. “Even if the NSA did not plant the backdoor in the company’s source code, the spy agency may in fact be indirectly responsible for it by having created weaknesses the attackers exploited.”
“Evidence uncovered by Ralf-Philipp Weinmann, founder and CEO of Comsecuris, a security consultancy in Germany, suggests that the Juniper culprits repurposed an encryption backdoor previously believed to have been engineered by the NSA, and tweaked it to use for their own spying purposes,” Zetter reports. “If someone other than the US did plant the backdoor, security experts say the attack on Juniper firewalls underscores precisely why they have been saying for a long time that government backdoors in systems are a bad idea—because they can be hijacked and repurposed by other parties.”
Read more in the full article here.
MacDailyNews Take: Yet another example of why Tim Cook is right to stand firm on strong encryption and protecting privacy.
SEE ALSO:
Apple makes a strong case for strong encryption; some politicians don’t know what they’re talking about – December 22, 2015
Hillary Clinton wants a ‘Manhattan Project’ to cure encryption; Snowden, Andreessen mock – December 21, 2015
Apple launches counteroffensive against UK’s proposed new surveillance law – December 21, 2015
Manhattan DA fires back after Apple CEO Cook defends stance on encryption – December 21, 2015
Apple CEO Tim Cook opposes government back door to encryption – December 21, 2015
Donald Trump: To stop ISIS recruiting, maybe we should be talking to Bill Gates about ‘closing that Internet up in some way’ – December 21, 2015
Hillary Clinton: We need to put Silicon Valley tech firms to ‘work at disrupting ISIS’ – December 7, 2015
Do not let the government snoops weaken encryption – November 4, 2015
Tim Cook attacks Google, U.S. federal government over right to privacy abuses – June 3, 2015
Apple CEO Tim Cook advocates privacy, says terrorists should be ‘eliminated’ – February 27, 2015
Apple’s Tim Cook warns of ‘dire consequences’ of sacrificing privacy for security – February 13, 2015
Apple’s iPhone encryption is a godsend, even if government snoops and cops hate it – October 8, 2014
Short-timer U.S. Attorney General Eric Holder blasts Apple for protecting users’ privacy against government overreach – September 30, 2014
FBI blasts Apple for protective users’ privacy by locking government, police out of iPhones and iPads – September 25, 2014
Apple thinks different about privacy – September 23, 2014
Apple CEO Tim Cook ups privacy to new level, takes direct swipe at Google – September 18, 2014
Apple will no longer unlock most iPhones, iPads for government, police – even with search warrants – September 18, 2014
Would you trade privacy for national security? Most Americans wouldn’t – August 6, 2014
Apple begins encrypting iCloud email sent between providers – July 15, 2014
Obama administration demands master encryption keys from firms in order to conduct electronic surveillance against Internet users – July 24, 2013
U.S. NSA seeks to build quantum computer to crack most types of encryption – January 3, 2014
Apple’s iMessage encryption trips up U.S. feds’ surveillance – April 4, 2013