Juniper Pulls Suspected NSA Firewall Backdoor

Juniper Networks has announced a change of software for its NetScreen firewalls that removes what many believed was a backdoor for National Security Agency (NSA) surveillance. The news was shared in a corporate blog that detailed results from an investigation into unauthorized code found in the software run by their NetScreen products. Their solution involves aligning the NetScreen code with the same random number generators used for cryptography in their other products. Juniper noted that:

The investigation of the origin of the unauthorized code continues.

However, many reason that the NSA was the likely source of the code. Dan Goodin of Ars Technica provides a well-researched but very readable summary of the security hole, how it was detected, and the evidence that links it to the NSA; you can read his article here.

Eric Priezkalns
Eric Priezkalns
Eric is a recognized expert on communications risk and assurance. He was Director of Risk Management for Qatar Telecom and has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and others.

Eric was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He was a member of Qatar's National Committee for Internet Safety and the first leader of the TM Forum's Enterprise Risk Management team. Eric currently sits on the committee of the Risk & Assurance Group. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.

Commsrisk is edited by Eric. Look here for more about Eric's history as editor.