Firewalls: Re: Pulling out Checkpoint-1 firewalls

Firewalls
(June 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Pulling out Checkpoint-1 firewalls
From:	Mark Teicher <mht @ clark . net>
Date:	Fri, 27 Jun 1997 00:32:19 -0400
To:	mjr @ clark . net, Firewalls @ GreatCircle . COM
In-reply-to:	<199706270216 . WAA02690 @ mail . clark . net>
References:	<199706260407 . VAA06809 @ honor . greatcircle . com>

Marcus,

I forwarded the original post of to support @
 checkpoint and the US CEO of
Checkpoint and have not heard back.. I even posted to their mailing list,
and no response. I even logged trouble ticket on this.. The ticket has been
opened since I saw the posting..  Why hasn't Checkpoint responded in public
???


/mark


At 10:14 PM 6/26/97 +0000, Marcus J. Ranum wrote:
>Vin Writes:
>> This particular rumor, however, seems to fail the Test of Reason.
>
>I think that part of the confusion results from the fact that
>a lot of Israeli computer security technologies spring from
>folks at the Israeli DOD who commercialize things they
>invented/developed for the government. Not unlike other
>fine products in the US that were developed by cleaning
>up ARPA-funded research.
>
>The notion that Mossad would put a trapdoor in Checkpoint
>is laughable. That's not how they operate; they are more
>professional than that. I've run into the rumor several times,
>including from some Big Shot Consultants who subsequently
>weren't able to remember who their "sources" were when
>I called them on the phone. I suspect that if anyone's the
>Mossad agents, it's the Big Shot Consultants. :) There are a
>lot of useless know-nothing wankers who are jumping on
>the security bandwagon now that it's a "hot area" and
>are trying to cash in. Such individuals' stock in trade is
>spooky-sounding hush-hush stuff that makes them sound
>very important. Any studly Big Shot Consultant who *KNEW*
>that Checkpoint had a trapdoor would have posted the
>disassembled subroutines in question years ago.
>
>Indeed, for amusement value, I hereby offer a $3,000US
>cash prize out of my pocket to the first person who posts
>a verifiable disassembly of a dliberate trapdoor in a
>Checkpoint. Rules are that 2 other experts of my choice
>verify it. But first, let's apply the test of logic: a Big Shot
>Consultant who *KNEW* of such a hole and found it
>would get 15 minutes of fame on CNN and be the (/tmp)
>darling of the Information Warfare Lunatics. That's
>publicity worth the effort. If it was real. Casting aspersions
>is always easier than shedding light.
>
>mjr. (Secret Agent XZ3)
>-----
>Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
><A HREF=http://www.clark.net/pub/mjr>Personal</A>
><A HREF=http://www.nfr.net>Work</A>
><A HREF=http://www.clark.net/pub/mjr/websec>New Book!!</A>
>
>
#########################################################
'Turn on, Boot Up, Jack in' 
#########################################################

Follow-Ups:

Re: Pulling out Checkpoint-1 firewalls
From: Michel Lavondes <lavondes @ tidtest . total . fr>

References:

Re: Pulling out Checkpoint-1 firewalls
From: "Marcus J. Ranum" <mjr @ nfr . net>

Indexed By Date	Previous:	RE: Are there any NFS clients to mount filesystem on UNIX? From: Dana Bourgeois <fg @ portal . com>
Indexed By Date	Next:	RE: Are there any NFS clients to mount filesystem on UNIX? From: Jesse Brown <bextreme @ geek . ptw . com>
Indexed By Thread	Previous:	Re: Pulling out Checkpoint-1 firewalls From: "Marcus J. Ranum" <mjr @ nfr . net>
Indexed By Thread	Next:	Re: Pulling out Checkpoint-1 firewalls From: Michel Lavondes <lavondes @ tidtest . total . fr>