Juniper warns about spy code in firewalls

23 Dec 2015 | Author: | No comments yet »

‘Unauthorized code’ that decrypts VPNs found in Juniper’s ScreenOS.

Networking giant Juniper Networks Inc. has made the somewhat embarrassing admission that it’s found “spying” code implanted into certain versions of ScreenOS, the operating system for its NetScreen firewall and VPN products.An operating system used to manage firewalls sold by Juniper Networks contains unauthorized code that surreptitiously decrypts traffic sent through virtual private networks, officials from the company warned Thursday.And on The Register’s reading of the situation, the unauthorised code may have been present since 2008, an assertion we make because Juniper’s notice about the problem says it impacts ScreenOS 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20.

“During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker to gain administrative access to NetScreen® devices and to decrypt VPN connections. The admission is an alarming one mainly because it smacks of some kind of state-sponsored spying initiative, and because the code has been present for at least three years. At this time, we have not received any reports of these vulnerabilities being exploited; however, we strongly recommend that customers update their systems and apply the patched releases with the highest priority.”

We’ve asked Juniper if it has any theories about the origin of the code and have been told the company has nothing to say on the matter beyond the post we’ve linked to above and canned statements from its PR team. That’s an unfortunate error with potentially terrifying consequences, but also a rather “better” reason than our second scenario: parties unknown snuck the code into ScreenOS in order to do ill to Juniper customers. However, The Register surmises that it’s either due to an internal error that left rejected code in the production release of ScreenOS, or, more likely, due to parties unknown surreptitiously inserting the code so they can spy on Juniper’s customers. There is no way to detect that this vulnerability was exploited.” Word that the VPN-breaking code was the result of unauthorized code, as opposed to an inadvertent programming flaw, touched off immediate concern that ScreenOS had been deliberately tampered with. Irrespective of where the code stems from, it’s bad news for Juniper, whose customers have potentially been spied upon for years without their knowledge.

Interestingly, the compromise of Juniper’s software by malicious code inserted explicitly for spying purposes echoes the tactics described by whistleblower Edward Snowden in documents leaked to the press in 2013. Classified documents leaked by former NSA subcontractor Edward Snowden showed NSA agents intercepting network gear from Cisco Systems as it was being shipped to a customer. Germany’s Der Spiegal revealed a fifty page catalog of hardware and software tools the NSA was using to infiltrate networking equipment back in December 2013. As involved as that process was, getting unauthorized code covertly installed into an official operating system and keeping it there for years would appear to be an even more complicated—and brazen—undertaking. The article spoke of a technique called “FEEDTROUGH” the NSA uses to insert two kinds of software implants inside NetScreen firewalls, which remain even if the device is rebooted or upgraded.

This 2013 article published by Der Spiegel reported that an NSA operation known as FEEDTHROUGH worked against Juniper firewalls and gave the agency persistent backdoor access. “This malware burrows into Juniper firewalls and makes it possible to smuggle other NSA programs into mainframe computers,” the article reported. “Thanks to FEEDTROUGH, these implants can, by design, even survive ‘across reboots and software upgrades.’ In this way, US government spies can secure themselves a permanent presence in computer networks. The catalog states that FEEDTROUGH ‘has been deployed on many target platforms.'” Of course, it’s also possible the backdoor was installed some other way.

Here you can write a commentary on the recording "Juniper warns about spy code in firewalls".

* Required fields
All the reviews are moderated.

BMW and Nissan roll out dual-plug EV chargers across the US

24 Dec 2015 | Author: | No comments yet »

BMW and Nissan partner to create joint fast-charger network in the US.

BMW and Nissan announced Monday that they have teamed up to launch a public network of fast-charging stations across the country, challenging Tesla’s Supercharger network.CNN Money calls the Tesla Model X “the new king of crossover SUVs.” In its round-up of its favorite luxury SUVs of 2015, CNN places the electric ute on the top of its list.

The Model X’s EV powertrain, excellent acceleration and handling and cool design and technology features (including much attention paid to its slick Falcon Wing doors) earn it high praise. With dual 50 kW DC Fast-charging station with both CHAdeMO and CCS (Combo) connectors incorporated into each station, Nissan LEAF and BMW i3 drivers will be able to travel virtually range-anxiety-free. The breadth of Nissan and BMW’s fast-charger buildout is expansive, with fast chargers now available in California, Connecticut, Florida, Georgia, Illinois, Indiana, Maryland, Minnesota, Missouri, New Mexico, Nevada, New York, North and South Carolina, Ohio, Pennsylvania, Tennessee, Virginia and Wisconsin.

These 50 kW stations can charge EVs from Nissan and BMW up to 80 percent in about 20-30 minutes, as compared to the longer time required to recharge at a Level 2 (240V) charger, currently the most commonly available public charging station. When the network will be completed, however, is not yet known. “Drivers can easily locate the chargers with ConnectedDrive in the BMW i3 — either using the in-vehicle Navigation or by using the BMW i Remote App — or via the Nissan EZ-Charge smartphone app,” read the joint press release. “Additionally, these chargers are compatible with the Nissan EZ-Charge cards.” This is a significant move. Since the launch of Nissan LEAF – the world’s best-selling electric car – Nissan has reinforced its commitment to zero-emission mobility with investments in EV charging infrastructure to serve the needs of LEAF drivers in markets across the U.S.

Nissan also recently introduced the new 2016 LEAF, which has available best-in-class range of 107 miles, making it the first affordable EV to get more than 100 miles on a single charge. All LEAF models feature an 80kW AC synchronous motor that generates 107 horsepower and 187 lb-ft of torque, providing a highly responsive, fun-to-drive experience. BMW i is focused on the development of visionary vehicles and mobility services, inspiring design, and a new understanding of premium that is strongly defined by sustainability.

Here you can write a commentary on the recording "BMW and Nissan roll out dual-plug EV chargers across the US".

* Required fields
All the reviews are moderated.
Our partners
Follow us
Contact us
Our contacts

ICQ: 423360519

About this site