Backdoor password in Juniper's firewall code

Via Ars Technica:

On December 17, Juniper Networks issued an urgent security advisory about “unauthorized code” found within the operating system used by some of the company’s NetScreen firewalls and Secure Service Gateway (SSG) appliances. The vulnerability, which may have been in place in some firewalls as far back as 2012 and which shipped with systems to customers until late 2013, allows an attacker to gain remote administrative access to systems with telnet or ssh access enabled.

This is exactly why creating back doors in to encryption is a really bad thing. We don’t need a ‘Manhattan-like project’ to create more security holes like this one — if you create backdoors, even for legitimate purposes, you’ll simply be increasing the likelihood that incidents like this will continue to happen.