Comment by hovav
3 years ago
I don't think Juniper used BSAFE in ScreenOS -- they seem to have put together their own Dual EC implementation on top of OpenSSL, sometime around 2008. (This doesn't change your point, of course.)
3 years ago
I don't think Juniper used BSAFE in ScreenOS -- they seem to have put together their own Dual EC implementation on top of OpenSSL, sometime around 2008. (This doesn't change your point, of course.)
Yeah, I think you're right; the Juniper revelation also happened months after the BULLRUN stuff --- I remember being upset about how Greenwald and his crew had hidden all the Snowden docs in a SCIF to "carefully review them", with the net result that we went many months without knowing that one of the most popular VPN appliances was backdoored.