We chose to record here a few of the security screw ups that provide more profound insights into what on earth was actually happening during 2015 in security. On the surface it was the standard batch of commercial avarice unskilled programming as well as an inclination to underestimate the durations attackers will go to sabotage systems as a piece of small scale targeted attacks. There was some bad luck.

However, a significant security tendency was brought by the year into unpleasantly sharp focus – yet large the risk from outside attackers it’s the inadvertent flaws built into services or technology which represent the most serious security challenge of all. After years of information violations, this is a deep realisation that however awful an enterprise’s enemies, it’s its buddies that might do us the most damage.

Rumours of back doors in networking gear were largely blown off as specialized paranoia and have been kicked around for some time but the tremendous weakness uncovered in the VPN component of Juniper’s NetScreen firewall kit before Christmas 2015 indicate the stresses have material.

Who created the back door- a manner of eavesdropping on allegedly protected encrypted VPNs used by big businesses – is a puzzle but on the grounds of records leaked by Edward Snowden the first RNG weakness seems to have been something the NSA was not unaware of. It remains possible that a foreign power planted the back door and found the defect; either manner, the NSA seems for what’s in effect a double pwn culpable.