Hacker News
by tptacek 3935 days ago
To a first approximation every country in the world has an interest in backdooring Cisco routers, so if the vector for accomplishing that is as dumb as default passwords, why exactly would you single NSA out for that? Nobody's saying it couldn't have been NSA --- like China, Russia, France, Israel, &c NSA also backdoors foreign routers --- only that this story doesn't point to NSA directly.

The moral drama in this story is much less interesting than the technical phenomenon, especially when we barely have an inkling of what's happening technically.

1 comments

I agree it doesn't point to the NSA directly, but I'm interested in how they use the default password as an infection vector. There are theoretically very interesting and sophisticated ways to do that, such as other infected routers on the network identifying source traffic from factory-booted routers and initiating the infection at that point, which would have an extremely high chance of succeeding. In that case what would have been discovered is the reproduction method, and possibly not the initial infection method.