On Friday, 15 March 2019 11:40:19 AEDT Andy Farkas wrote: > > Spyware in exported network equipment isn't anything new, it's been > > happening for 20 years. > > Do you have any links to back up this claim?
An Israelii company known as Checkpoint Technologies sold a widely-used commercial firewall in the mid-90's. The Defence Signals Directorate at the time ran an IT security-evaluation service which certified products according to the European E0-E6 classification system, where E0 meant "not assessed" and the lowest useful classification was E3. An E3 or higher rating also required software listings to be submitted. Checkpoint's firewall was rated as E3, but a note on the DSD website stated that it must not be used by Australian government departments. My enquiries there revealed the reason was that Checkpoint refused to submit listings of the VPN software, and other "very reliable" sources said the VPN implementation was widely believed to contain back-doors. Of course backdoor access to a commercial firewall was a fine source of security and commercial secrets. The DSD process could be expensive, but it was about as thoroughly dependable as possible and IMO it's a pity Australia no longer has such a service. David L. _______________________________________________ Link mailing list [email protected] http://mailman.anu.edu.au/mailman/listinfo/link
