Have you ever found yourself in trouble arguing for OpenSource when it comes to transparency, security and correctness? Well, the quality of software isn't defined by whether it is conventional (aka "closed") or OpenSource. There is good/secure closed source software around, just as there is terrible OpenSource. And vice versa. However, there's a difference.

With OpenSource, one can actually find out for oneself what level of correctness/security a piece of software has; with closed source, one basically has to rely on the vendor. That is not particularly bad in itself, as long as you know the vendor is telling the truth - or, even more important: you know who is driving the vendor's interests. If three-letter agencies are forcing your trusted vendor to include backdoors, you suffer.

Juniper has just gone through this. Well, and they still are. Just in the last few days, an SSH backdoor has been discovered in their ScreenOS versions 6.2.0r15 to 6.2.0r18 and 6.3.0r12 to 6.3.0r20 (CVE-2015-7755). Anyone who knows the statically stored password can log in to and "administer" your firewall/VPN gateway.

No big news? Are Cisco users safe? Choose your poison. As Edward Snowden has put it: Juniper just *closed* backdoors in their product. Cisco's still wide open.

Here are some links on the topic, for your own research:

You might ask, "what should I do?" Well, I am bad at giving advice, but I use OpenBSD-based software :)