Another day, another hack: Iranian hackers gained access to U.S. power grid networks. Scarier still, it was recently revealed that Linux and Juniper Networks ScreenOS contain backdoors, which may have been the work of America’s top spy agency, the NSA.
Almost all Linux systems use GRUB (Grand Unified Bootloader). Researchers have discovered that hitting Backspace 28 times grants access to a Linux system. But thanks to the open source nature of Linux, there’s a digital trail of source code contributors and the changes that were made. Somebody’s already thinking NSA…
Juniper Networks also suffered a serious vulnerability in the ScreenOS software used on its networking products. It essentially rendered Juniper firewalls useless and VPN traffic readable. It is serious enough that the Department of Homeland Security is working with the company to investigate how the unauthorized code got into its software.
Rapid7’s HD Moore reports that he and his team have confirmed that the “unauthorized code” is a backdoor whose secret password enables the wielder to telnet or ssh into Juniper’s appliances. The password is <<< %s(un='%s') = %u, “presumably chosen so that it would be mistaken for one of the many other debug format strings in the code.” Rapid7 was able to easily locate 26,000 Juniper devices that are vulnerable to this attack.
Backdoors are absolutely a terrible idea.