Cisco Removed Its Seventh Backdoor Account This Year, and That's a Good Thing

An anonymous reader quotes a report from ZDNet: Cisco, the world's leading provider of top networking equipment and enterprise software, has released today 15 security updates, including a fix for an issue that can be described as a backdoor account. This latest patch marks the seventh time this year when Cisco has removed a backdoor account from one of its products. Five of the seven backdoor accounts were discovered by Cisco's internal testers, with only CVE-2018-0329 and this month's CVE-2018-15439 being found by external security researchers. The company has been intentionally and regularly combing the source code of all of its software since December 2015, when it started a massive internal audit. Cisco started that process after security researchers found what looked to be an intentional backdoor in the source code of ScreenOS, the operating system of Juniper, one of Cisco's rivals.

Juniper suffered a massive reputational damage following the 2015 revelation, and this may secretly be the reason why Cisco has avoided using the term "backdoor account" all year for the seven "backdoor account" issues. Instead, Cisco opted for more complex wordings such as "undocumented, static user credentials for the default administrative account," or "the affected software enables a privileged user account without notifying administrators of the system." It is true that using such phrasings might make Cisco look disingenuous, but let's not forget that Cisco has been ferreting these backdoor accounts mainly on its own, and has been trying to fix them without scaring customers or impacting its own stock price along the way.

A good thing

[alvinrod]

It's a good thing the headline pointed out that it was a good thing. I'd never be able to have figured it out for myself if I hadn't been told. Now could someone please tell me what products to consume?

Re:good thing? pigs arse it is

[jonwil]

Any hardware manufacturer that allows backdoors to even end up in a shipping device clearly has something wrong with the way they do software development. And when they do find things like this, they need to backtrack via version control and see who allowed this crap to happen (in terms of the developer and the all the different levels of people who were supposed to review that developers code before it got out there) and give the people who allowed it to happen or should have caught it a good talking to so the people involved change the way they do things so it cant happen again.

Then again, given what Snowden has told us, all these backdoors in all these internet connected things may well be intentional and only closed or covered up when someone not sworn to secrecy finds one...

I beat my wife 65% less , and that's a good thing.

[king+neckbeard]

Yes, the direction the code is moving in is an improvement, but that's not good, that's less awful. But the fact that there were seven backdoor accounts to remove is a huge problem.

Cisco isn't flying with the angels.

[Excelcia]

Backdoors don't just magically appear on their own. Someone at Cisco had to put them there. Someone at Cisco had to be told to put them there. It is impossible that Cisco didn't know these backdoors were there.

Exactly. And as per Snowden's revelations years ago. Cisco was pointed to as purposefully backdooring its products at the behest of the NSA years ago, and today they are suddenly on the side of the angels because they have graciously patched out a few of them?

Meanwhile, what has the NSA already installed on those systems through those backdoors? If they are getting patched out now, it's only because Cisco's keepers don't need it any more.