• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Backdoor found: should I still buy this Juniper SRX100 router?

Should I buy this Juniper SRX100 router?

  • Total voters
    15
Kursah

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,673 (2.29/day)
Location
Missoula, MT, USA
System Specs
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
True it's older, but I wouldn't think for a second that there's absolutely no backdoors exploitable or conveniently hidden in any appliance OS, PF Sense included. That kind of assumption is dangerous. With that said, PF Sense is probably one of the better bets for users.
 
qubit

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.99/day)
Location
Quantum Well UK
System Specs
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
OneMoar said:
again as much as the people in this thread like controversy and tin foil hats the backdoor had nothing todo with the NSA
think about it if the nsa wanted to have a backdoor they would certainly do a better job of hiding it there are far more secure approaches to putting in a back door then what is shown here
Click to expand...
It's actually the first article that I linked to citing the NSA putting it in there, not us. Also, the article is giving reasons why it's actually likely not the NSA, despite rumours that it is.

Whether they'd do a better job of it than this I have no idea. :)
 
taz420nj

taz420nj

Joined
Jul 21, 2015
Messages
501 (0.16/day)
Kursah said:
True it's older, but I wouldn't think for a second that there's absolutely no backdoors exploitable or conveniently hidden in any appliance OS, PF Sense included. That kind of assumption is dangerous. With that said, PF Sense is probably one of the better bets for users.
Click to expand...

Bugs are one thing, but pfSense is open source - whether it is on a PC or an appliance it's still the same program. It's pretty tough to "hide" a back door in something with so many eyes that can look at it...
 
Rhyseh

Rhyseh

Joined
Jul 3, 2008
Messages
174 (0.03/day)
System Specs
Processor Intel Core i7 5820k
Motherboard MSI X99S-GAMING7
Cooling Corsair H105
Memory 16GB G.SKILL DDR4
Video Card(s) Gigabyte GTX1070 Gaming G1
Storage Samsung 840 Evo 256GB
Display(s) Acer Predator XB271HU
Case Corsair 800D
Audio Device(s) ASUS XONAR
Power Supply Corsair HX850i
Mouse Logitech G502
Keyboard Filco Majestouch
Software Windows 10
From a networking perspective is a very inelegant solution. Your better off having something embedded in the device (read hardware) to upload logging data.

Chances are this is a backdoor that the dev team use and neglected to remove.
 
Kursah

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,673 (2.29/day)
Location
Missoula, MT, USA
System Specs
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
taz420nj said:
Bugs are one thing, but pfSense is open source - whether it is on a PC or an appliance it's still the same program. It's pretty tough to "hide" a back door in something with so many eyes that can look at it...
Click to expand...

True, bugs are one thing and yes pfSense is open source...but that doesn't mean it's impossible, just far less likely to be seen if someone really wanted to hide it. Regardless doesn't mean it will not and cannot happen, and it's simply unsafe to assume it cannot. Less likely, absolutely...impossible..not even close. :toast:
 
taz420nj

taz420nj

Joined
Jul 21, 2015
Messages
501 (0.16/day)
Kursah said:
True, bugs are one thing and yes pfSense is open source...but that doesn't mean it's impossible, just far less likely to be seen if someone really wanted to hide it. Regardless doesn't mean it will not and cannot happen, and it's simply unsafe to assume it cannot. Less likely, absolutely...impossible..not even close. :toast:
Click to expand...

Not saying it can't, but the odds that it would are astronomical. If they tried it do you realize what that would do to their credibility once it was found - since it IS impossible to hide something surreptitious in open source code? It would become non existent instantly. They'd never be trusted again, they'd lose the vast majority of their userbase overnight and it would be the end of ESF.
 
Kursah

Kursah

Super Moderator
Staff member
Joined
Oct 15, 2006
Messages
14,673 (2.29/day)
Location
Missoula, MT, USA
System Specs
System Name Kursah's Gaming Rig 2018 (2022 Upgrade) - Ryzen+ Edition | Gaming Laptop (Lenovo Legion 5i Pro 2022)
Processor R7 5800X @ Stock | i7 12700H @ Stock
Motherboard Asus ROG Strix X370-F Gaming BIOS 6203| Legion 5i Pro NM-E231
Cooling Noctua NH-U14S Push-Pull + NT-H1 | Stock Cooling
Memory TEAMGROUP T-Force Vulcan Z 32GB (2x16) DDR4 4000 @ 3600 18-20-20-42 1.35v | 32GB DDR5 4800 (2x16)
Video Card(s) Palit GeForce RTX 4070 JetStream 12GB | CPU-based Intel Iris XE + RTX 3070 8GB 150W
Storage 4TB SP UD90 NVME, 960GB SATA SSD, 2TB HDD | 1TB Samsung OEM NVME SSD + 4TB Crucial P3 Plus NVME SSD
Display(s) Acer 28" 4K VG280K x2 | 16" 2560x1600 built-in
Case Corsair 600C - Stock Fans on Low | Stock Metal/Plastic
Audio Device(s) Aune T1 mk1 > AKG K553 Pro + JVC HA-RX 700 (Equalizer APO + PeaceUI) | Bluetooth Earbuds (BX29)
Power Supply EVGA 750G2 Modular + APC Back-UPS Pro 1500 | 300W OEM (heavy use) or Lenovo Legion C135W GAN (light)
Mouse Logitech G502 | Logitech M330
Keyboard HyperX Alloy Core RGB | Built in Keyboard (Lenovo laptop KB FTW)
Software Windows 11 Pro x64 | Windows 11 Home x64
taz420nj said:
Not saying it can't, but the odds that it would are astronomical. If they tried it do you realize what that would do to their credibility once it was found - since it IS impossible to hide something surreptitious in open source code? It would become non existent instantly. They'd never be trusted again, they'd lose the vast majority of their userbase overnight and it would be the end of ESF.
Click to expand...

It would be far far worse than what Juniper is facing to say the least. Let's hope that day never comes...
 
qubit

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.99/day)
Location
Quantum Well UK
System Specs
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
taz420nj said:
Not saying it can't, but the odds that it would are astronomical. If they tried it do you realize what that would do to their credibility once it was found - since it IS impossible to hide something surreptitious in open source code? It would become non existent instantly. They'd never be trusted again, they'd lose the vast majority of their userbase overnight and it would be the end of ESF.
Click to expand...
This is one of the reasons why I like IPCop so much, which I've been using for about a decade, now. As you say, any funny business like this and they'd be dead in the water.

Confession: the old Compaq D510 PC it was running on developed a very noisy CPU or PSU fan a few months ago. I then turned it off and returned to my old ISP supplied router temporarily. The shame of it is that I never got round to fixing the PC and I'm still on it! :oops::oops: That Juniper doesn't look like it's got a fan so at least an annoying fault like this won't be a problem, lol.
 
Rhyseh

Rhyseh

Joined
Jul 3, 2008
Messages
174 (0.03/day)
System Specs
Processor Intel Core i7 5820k
Motherboard MSI X99S-GAMING7
Cooling Corsair H105
Memory 16GB G.SKILL DDR4
Video Card(s) Gigabyte GTX1070 Gaming G1
Storage Samsung 840 Evo 256GB
Display(s) Acer Predator XB271HU
Case Corsair 800D
Audio Device(s) ASUS XONAR
Power Supply Corsair HX850i
Mouse Logitech G502
Keyboard Filco Majestouch
Software Windows 10
Nope. No fan. It's really very low power draw overall.
 
qubit

qubit

Overclocked quantum bit
Joined
Dec 6, 2007
Messages
17,865 (2.99/day)
Location
Quantum Well UK
System Specs
System Name Quantumville™
Processor Intel Core i7-2700K @ 4GHz
Motherboard Asus P8Z68-V PRO/GEN3
Cooling Noctua NH-D14
Memory 16GB (2 x 8GB Corsair Vengeance Black DDR3 PC3-12800 C9 1600MHz)
Video Card(s) MSI RTX 2080 SUPER Gaming X Trio
Storage Samsung 850 Pro 256GB | WD Black 4TB | WD Blue 6TB
Display(s) ASUS ROG Strix XG27UQR (4K, 144Hz, G-SYNC compatible) | Asus MG28UQ (4K, 60Hz, FreeSync compatible)
Case Cooler Master HAF 922
Audio Device(s) Creative Sound Blaster X-Fi Fatal1ty PCIe
Power Supply Corsair AX1600i
Mouse Microsoft Intellimouse Pro - Black Shadow
Keyboard Yes
Software Windows 10 Pro 64-bit
Ok, I've had the router for a couple of days now and have just gotten around to playing around with it this insomniac night.

Turns out I won't be keeping it, unfortunately. While it's very nice, it doesn't actually log intrusion attempts the way that IPCop does. With that, I can see a daily record in the web interface of every single attempt on every single day that it's running. In particular, it's the number of attempts I get each day that I like to see, so I can't see the point in spending significant money just to get something that loses me a critical feature. The SRX100 does have a lot of advanced features though and I can see why companies would want to use it, it's just not for me.

I'm just gonna have to get off my ass and fix/replace the fan in that old PC now. :laugh:
Thanks for all your help though, especially @Rhyseh. :toast:
 
You must log in or register to reply here.
Top