I mean, didn't the NSA also get caught by Snowden? They intended it to be a secret.
But the Juniper hackers are the NOBUS failure because changing the locks on a backdoor that somebody else had installed is easier than getting one installed yourself.
I don't think you're following. "NOBUS" doesn't mean "nobody but us can ever find out about the backdoor"; it means "nobody but us can actually use the backdoor". Ironically, the Juniper PKRNG backdoor --- I assume it was Chinese --- is also a NOBUS backdoor!
> it means "nobody but us can actually use the backdoor". Ironically, the Juniper PKRNG backdoor --- I assume it was Chinese --- is also a NOBUS backdoor!
Except that it was intended to be "nobody but the us (i.e. the NSA)" and now you've got China using it.
No, we don't. Respectfully, I don't think you're working from an accurate notion of what "NOBUS" means, and I don't think you have your head fully around the Juniper hack. The Juniper hack replaced the existing backdoor; it didn't break it.
NOBUS or not, if your adversary controls your source tree, you're boned. Here, the adversary replaced "our" NOBUS backdoor with theirs. Two different backdoors, different keys, same structure.
But the Juniper hackers are the NOBUS failure because changing the locks on a backdoor that somebody else had installed is easier than getting one installed yourself.