Congress Gives Federal Agencies Two Weeks To Tally Backdoored Juniper Kit

itwbennett writes: In an effort to gauge the impact of the recent Juniper ScreenOS backdoors on government organizations, the House of Representatives is questioning around two dozen U.S. government departments and federal agencies. The U.S. House of Representatives' Committee on Oversight and Government Reform sent letters to the agencies on Jan. 21, asking them to identify whether they used devices running the affected ScreenOS versions, to explain how they learned about the issues and whether they took any corrective actions before Juniper released patches and to specify when they applied the company's patches. The questioned organizations have until Feb. 4 to respond and deliver the appropriate documents, a very tight time frame giving that 'the time period covered by this request is from January 1, 2009 to the present.'

ScreenOS is dying anyways

[dreamchaser]

They should be phasing those out regardless. Netscreen devices are EOL. Too many people are still using them. I know I have actively encouraged clients to ditch them. Unfortunately the Juniper SRX firewalls are crap, at least the low end/branch ones. The big iron is alright but still doesn't compare feature wise to Check Point, Palo Alto, Fortinet, etc.

Proscecutions?

[jdwolfe]

Who at Juniper is getting prosecuted for selling backdoor'd routers to the United States Federal Government?

Re:Proscecutions?

[sims+2]

Prosecuted? Somebody's probably going to get an award for thinking ahead. They had their kit backdoored before the government even made it a requirement! Whats good for the goose is good for the gander and all that.

What did you know

[JustAnotherOldGuy]

Q: "What did you know and when did you know it?"

A: We didn't know nothin' then, we don't know nothin' now, and we won't know nothin' next week either."

"Thank you, this meeting is adjourned."

More government idiocy. Consider:

the same morons who want to worry about THIS seem to have no problem with nearly the entire government running a combination of ancient, unmaintained and vulnerable old flavors of Windows and IE, or WORSE the newest flavors of windows that have a permanent, autonomous and continually-active "back-door" built right in. With the most-recent versions of Windows sucking-up all keystrokes and mouse moves and even, in some cases, audio from any built-in microphones, and sending stuff off to headquarters in Redmond (or mirror sites, or shell corporations, etc) should ANYBODY be comfortable with the government storing ANY personal, private, medical, tax, business, security, or other info on computers???????

People need to be hammering every member of congress about this and the government should not be running ANY computer operating system without having the full source-code to it and building it in-house to be certain the object code came from that source code.

Re:In other words

[peragrin]

republicans don't want effective oversight of government. that runs contradictory to small government.

you can't have oversight, and small it doesn't work. Oversight by definition makes things bigger.

Re:In other words

[gtall]

I know this might come as a shock to you, but the U.S. Government is very large. It does multiple things at one time. One part can have a policy contradicting another part. In some cases, the contradiction is mandated by Congress. Government is not a large company where getting out of line can get you fired. There is no line, there are fiefdoms. And you wouldn't want it any other way.