If there are any vendors out there that STILL have Dual_EC RNG in their code, now would be a great time to remove it lest you get outed by a security researcher.
Juniper will finally(!) replace the Dual_EC pseudo-random number generator in ScreenOS with the same random number generation technology currently used in its products running Junos OS. At the same time, ScreenOS will also stop using the ANSI X9.31 number generator.
If you’re wondering why that news is important, you probably didn’t follow the ruckus started by the December revelation that Juniper’s NetScreen firewall devices running ScreenOS contained vulnerabilities that opened backdoors into the devices and allowed attackers to decrypt of VPN connections undetected.
The revelation sparked additional research and disclosures, as well as speculation about who planted those backdoors.
Today’s post pic is from Wikipedia.org. See ya!