Article which I wanted to share with all is on the vulnerability found in the Juniper systems. The vulnerability was found in the Net Screen line of device which is an Enterprise firewall and that too a High- performance and incorporated VPN solution. This is surely a top of line security product from a reputed company like Juniper.
What went wrong?
Though when we see a router or other hardware device we at times do not anticipate the software sitting inside it and how securely or insecurely it is providing service to business. In this current case as well what we now know that the software (source code) chipped into the firewall had backdoor. This is quite a serious and scary scenario just to build an analogy we bought services one of the finest security services and these guys instead started surveillance on customer.
However to discuss the vulnerability more technically but less than a geek , there were two vulnerabilities one which pertains to authentication suddenly bad guy mixed himself to be a security guard and second where the non-accessible area of my office (VPN) turned into glass room with bad (invisible) guy eavesdropping to my conversations plans etc.
Unfortunately the response of Security office Head office is questionable as they kept quiet and did not come out transparently to the situation.
Though we come across vulnerabilities and all the time decimation of security protocol versions but this security event in my own mind is special where a reputed highly critical and sophisticated security device turned against its own subscriber.
You may like to read more on the below in interesting analysis: