[j-nsp] Meltdown and Spectre
Saku Ytti
saku at ytti.fi
Mon Jan 8 06:10:17 EST 2018
On 8 January 2018 at 12:58, Benoit Plessis <b.plessis at doyousoft.com> wrote:
> I can SCP any binary i want on any JunOS platform i own (EX,SRX,QFX),
> QFX 5100 let you run arbitrary VM !
Pretty sure Gert meant that the binaries need to be signed since maybe
last 10years.
But I think if you can configure the box, you can change rootPW, turn
off signature verification and boot the box, unsure.
At any rate, I think it's uninteresting and unimportant topic, if you
can't trust people configuring your network, it's decidedly HR problem
and no amount of code or hardware will fix that.
--
++ytti
More information about the juniper-nsp
mailing list