The problem is that you never know whether the bug that can be exploited to end up in full eavesdropping was just a result of sloppy development practices or whether it was accidental-on-purpose.
Add on to that the possibility that Cisco (and other US manufacturers) kit was being tampered with prior during the export process:-
Hardware/software is nigh on impossible to validate: Is the source code you're looking at the source code that builds the product? Has the build been modified post compilation? Do you trust the compilation tool chain? Has the hardware been scrutinised? Could extra bits (that haven't been assessed) have been snuck in? etc. So called "reproducible builds" are an ongoing unsolved problem in computing.
I personally think that they've suddenly realised that china has had free reign on our networks for a decade.
I'd agree, and I think they're just realising how much of an impact this has had and how much more it will be in the future and that they have no idea how to solve it.
Not publicly, but there's lots of screaming about it in the IT world:
(random article): https://www.tomshardware.com/news/cisco-backdoor-hardcoded-accounts-software,37480.html
The problem is that you never know whether the bug that can be exploited to end up in full eavesdropping was just a result of sloppy development practices or whether it was accidental-on-purpose.
Add on to that the possibility that Cisco (and other US manufacturers) kit was being tampered with prior during the export process:-
https://www.infoworld.com/article/2608141/snowden--the-nsa-planted-backdoors-in-cisco-products.html
Hardware/software is nigh on impossible to validate: Is the source code you're looking at the source code that builds the product? Has the build been modified post compilation? Do you trust the compilation tool chain? Has the hardware been scrutinised? Could extra bits (that haven't been assessed) have been snuck in? etc. So called "reproducible builds" are an ongoing unsolved problem in computing.
I'd agree, and I think they're just realising how much of an impact this has had and how much more it will be in the future and that they have no idea how to solve it.