Juniper Pulls Suspected NSA Firewall Backdoor

Juniper Networks has announced a change of software for its NetScreen firewalls that removes what many believed was a backdoor for National Security Agency (NSA) surveillance. The news was shared in a corporate blog that detailed results from an investigation into unauthorized code found in the software run by their NetScreen products. Their solution involves aligning the NetScreen code with the same random number generators used for cryptography in their other products. Juniper noted that:

The investigation of the origin of the unauthorized code continues.

However, many reason that the NSA was the likely source of the code. Dan Goodin of Ars Technica provides a well-researched but very readable summary of the security hole, how it was detected, and the evidence that links it to the NSA; you can read his article here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.