http://www.golem.de/news/it-planungsrat-hardware-darf-keine-schadenstiftende-software-haben-1603-119867.html Published: 18/03/2016 14:43
has The IT Planning new contract terms for the purchase of hardware released. Manufacturers have to ensure that their devices do not have “features for unwanted initiation of data”.
Almost three years after the Snowden revelations, the IT Planning federal and state the terms and conditions for the purchase of hardware (EVB-IT purchase) supplemented. Accordingly, manufacturers must assure in the contract that their devices do not contain malicious software and no backdoors. The IT Planning in 2010 as “central body for federal cooperation in Information Technology” launched. The new regulations were adopted at the 19th meeting of the Planning Council during Cebit.
accusations against Juniper, Huawei and ZET
The so-called supplementary conditions of contract for the procurement of IT services (EVB-IT) are binding on federal agencies. The countries are to provide for the most part identical or similar obligations.
In most Behördendenglisch in the new conditions is now: “The contractor will deliver the hardware free from harm-creating software, such as in-box drivers or firmware..” This must before are dedicated to providing tested and assured by the manufacturer. In addition, the hardware may not have back doors, that is, functions for “unwanted discontinuation / exit of data (…), the undesired change / manipulation of data or the flow logic or (…) the unwanted introduction of data “ or unwanted feature enhancements.
undesirability is then a function, “if the activity so neither requested by the client in its terms of reference, still offered by the contractor under concrete description of the activity and its effects, even in individual cases expressly authorized by the client ( ‘opt-in’) was “. to the ” damage-causing software “According to the EVB include viruses, worms and Trojans. You have “at least also the purpose (…), the availability of data, resources or services, data confidentiality or integrity of data to endanger or affect”.
With the revelations of Edward Snowden had become known that the NSA NSA has built in numerous hardware devices backdoors. Last came the router manufacturer Juniper provide explanations because its products contain the questionable random number generator dual_ec_drbg which is most likely a product of the NSA and contains a backdoor. In the products of Chinese manufacturers Huawei and ZTE is the US Congress considers potentially a security risk to the US and its systems. (Fg)
Related articles:
Fortinet: More backdoors, more patches
(25.01. 2016 10:35, http://www.golem.de/news/fortinet-mehr-hintertueren-mehr-patches-1601-118720.html)
Fortigate firewalls: SSH back door even with Fortinet?
(01.13.2016 12:45, http://www.golem.de/news/fortigate-firewalls-ssh-hintertuer-auch-bei-fortinet-1601-118501.html)
random number generator: Juniper for backdoors in Erklärungsnot
(01.11.2016 12:18, http://www.golem.de/news/zufallszahlengenerator-juniper-wegen-hintertueren-in-erklaerungsnot-1601-118457.html)
NSA Committee: Steinmeier defends cooperation with US intelligence
(17/03/2016 18:22 http://www.golem.de/news/nsa-ausschuss-steinmeier-verteidigt-kooperation-mit-us-geheimdiensten-1603-119849.html)
Voice over LTE: presented attacks on mobile IP telephony
(29.12.2015 14:02, http://www.golem.de/news/voice-over-lte-mobile-ip-telefonie -can-bugged-be-1512-118236.html)
No comments:
Post a Comment