logoalt Hacker News

Terr_today at 2:18 AM1 replyview on HN

If you're accusing CERT of hypocrisy, what's an example of the second case?


Replies

murderfstoday at 3:26 AM

I'll do better than a second case, here's three:

Barracuda Networks: https://krebsonsecurity.com/2013/01/backdoors-found-in-barra...

Fortinet: https://community.spiceworks.com/t/hard-coded-password-backd...

Korenix: https://sec-consult.com/vulnerability-lab/advisory/backdoor-...

The fact that the password is "rzadmin" makes it a lot more likely that this is just run of the mill stupidity, and not something more nefarious: you'd want a backdoor that isn't blindingly obvious and usable by the CIA.