NSA/GCHQ Exploits against Juniper Networking Equipment
The Intercept just published a 2011 GCHQ document outlining its exploit capabilities against Juniper networking equipment, including routers and NetScreen firewalls as part of this article.
GCHQ currently has capabilities against:
- Juniper NetScreen Firewalls models Ns5gt, N25, NS50, NS500, NS204, NS208, NS5200, NS5000, SSG5, SSG20, SSG140, ISG 1000, ISG 2000. Some reverse engineering maybe required depending on firmware revisions.
- Juniper Routers: M320 is currently being worked on and we would expect to have full support by the end of 2010.
- No other models are currently supported.
- Juniper technology sharing with NSA improved dramatically during CY2010 to exploit several target networks where GCHQ had access primacy.
Yes, the document said “end of 2010” even though the document is dated February 3, 2011.
This doesn’t have much to do with the Juniper backdoor currently in the news, but the document does provide even more evidence that (despite what the government says) the NSA hoards vulnerabilities in commonly used software for attack purposes instead of improving security for everyone by disclosing it.
Note: In case anyone is researching this issue, here is my complete list of useful links on various different aspects of the ongoing debate.
EDITED TO ADD: In thinking about the equities process, it’s worth differentiating among three different things: bugs, vulnerabilities, and exploits. Bugs are plentiful in code, but not all bugs can be turned into vulnerabilities. And not all vulnerabilities can be turned into exploits. Exploits are what matter; they’re what everyone uses to compromise our security. Fixing bugs and vulnerabilities is important because they could potentially be turned into exploits.
I think the US government deliberately clouds the issue when they say that they disclose almost all bugs they discover, ignoring the much more important question of how often they disclose exploits they discover. What this document shows is that—despite their insistence that they prioritize security over surveillance—they like to hoard exploits against commonly used network equipment.
Who? • December 28, 2015 9:30 AM
…and this one (I think this URL has been published here last week): http://blog.cryptographyengineering.com/2015/12/on-juniper-backdoor.html
As lots of clever people noted in this blog for years the only way to achieve true security is using open source products. Anything closed source cannot be trusted, not to say commercial products developed by members of the FVEY.