December 23, 2015 08:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/koInQDoy5vA/the-juniper-vpn-backdoor-buggy-code-with-a-dose-of-shady-nsa-crypto
The Juniper VPN Backdoor: Buggy Code With a Dose of Shady NSA Crypto
itwbennett writes: Security researchers and crypto experts now believe that a combination of likely malicious third-party modifications and Juniper's own crypto failures are responsible for the recently disclosed backdoor in Juniper NetScreen firewalls. 'To sum up, some hacker or group of hackers noticed an existing backdoor in the Juniper software, which may have been intentional or unintentional — you be the judge!,' Matthew Green, a cryptographer and assistant professor at Johns Hopkins University wrote in a blog post. 'They then piggybacked on top of it to build a backdoor of their own, something they were able to do because all of the hard work had already been done for them. The end result was a period in which someone — maybe a foreign government — was able to decrypt Juniper traffic in the U.S. and around the world. And all because Juniper had already paved the road.'Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/koInQDoy5vA/the-juniper-vpn-backdoor-buggy-code-with-a-dose-of-shady-nsa-crypto
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot