[Dailydave] Question re: Juniper
Laurens Vets
laurens at daemon.be
Fri Apr 21 00:21:26 EDT 2017
On 2017-04-20 12:37, Dave Aitel wrote:
> Did Juniper actually fix the many bugs that led to the potential for backdoor access via the trojaned random number generator, or just change the key back to the original?
>
> In other words, if I have the private key, can I still decrypt Juniper VPN traffic, or no?
>
> -dave
If you're talking about the Dual_EC stuff in ScreenOS, yes, allegedly
Juniper completely removed that RNG:
https://arstechnica.com/security/2016/01/juniper-drops-nsa-developed-code-following-new-backdoor-revelations/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20170420/16632f12/attachment.html>
More information about the Dailydave
mailing list