Shocking security revelations: Linux bootloader and Juniper Networks ScreenOS


Another day, another hack: Iranian hackers gained access to the U.S. power grid networks. Scarier still, it has recently been revealed that Linux and Juniper Networks ScreenOS contain backdoors which may have been the work of America’s top spy agency, the NSA.

Almost all Linux systems use GRUB (Grand Unified Bootloader). Researchers have discovered that hitting Backspace 28 times grants access to a Linux system. But thanks to the open source nature of Linux, there’s a digital trail of source code contributors and the changes that were made. Somebody’s already thinking NSA.

Juniper Networks also suffered a serious vulnerability in the ScreenOS software used on its networking products. It essentially rendered Juniper firewalls useless and VPN traffic readable. It is serious enough that the Department of Homeland Security is working with the company to investigate how the unauthorized code got into its software.

Rapid7’s HD Moore reports that he and his team have confirmed that the “unauthorized code” is a backdoor whose secret password enables the wielder to telnet or ssh into Juniper’s appliances. The password is <<< %s(un='%s') = %u, “presumably chosen so that it would be mistaken for one of the many other debug format strings in the code.” Rapid7 was able to easily locate 26,000 Juniper devices that are vulnerable to this attack.

Backdoors are absolutely a terrible idea.
