Juniper has been in the news a lot recently, after discovering that their firewalls exposed virtual private networks ‘secure’ data. It was then revealed that this went one step further, with groups like the NSA and GCHQ working together to hack Junipers firewalls. If this wasn’t bad enough, Juniper fell silent on the matter before it was revealed that the software that was vulnerable was still located within their software. This is set to change though with Juniper releasing a second patch, designed to remove the software responsible for their “insecure” software.
In a post titled “Advancing the Security of Juniper Products“, the use of Dual_EC and ANSI X9.31 will be replaced with a different number generator, one that is used in other products. Dual_EC is the software that is considered flawed and therefore, the greatest security risk, even though it was only added to the software a year after the issues were publically revealed.
This action comes as part of a “detailed investigation” of their software’s code, resulting in patches and the removal of “unauthorized code”. While these actions are well welcomed the questions remain as to why this all started. Where did the “unauthorized code” come from and if Stephen Checkoway, a computer science lecturer from the University of Illinois in Chicago, is correct, the addition of Dual_EC actually reduced the security on Juniper’s software, making it easier to access it through a backdoor.
According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…
A new AMD processor in the form of an engineering model has been leaked in…
SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…