We don't deny altering hardware. In fact, if we (likely) install backdoors into hardware used by foreign intelligence targets; but don't worry, we're not interested in the casual user. As the US Government relies on commercial hardware, we make sure that only the US Government can access the backdoors. We're angry that this was made public, and we can't prove that it jeopardizes human lives.
It also sheds some new light on the "China-hardware is bad for you" media campaign that was run right before Snowden happened. It seems that not buying American means keeping the American intelligence community out of one's network.
But I guess you _actually_ can't trust the Chinese either. That doesn't leave many hardware vendors for heavy-duty network equipment to choose from.
Sure you can. The Chinese are 10,000 miles away and don't really care about Western domestic politics. It might be different if you are an arms or pharma company, but for the average citizen concerned about civil liberties, you really can trust the Chinese in this case.
China cares a great deal about Western politics. Their two biggest markets are the United States and Europe.
Check out the Chinese support of Hillary and Bill Clinton.
There has been a ton of illegal Chinese money all over US elections for decades. Read up on the scandals from the 1990s revolving around this, or the Chinese money that flowed to Hillary in 2008.
Obama.com is (was?) even owned by a money bundler out of China.
Or check out the Chinese hackers that targeted the Romney & Obama campaigns.
It is not about you and the government, but rather about hackers that found out and are digging for these government approved exploits/backdoors/what-have-you. If they do alter piece by piece different bit of hardware then O.K. but somehow I doubt that's how this works, would be too work intensive and sloppy - error prone.
This reminds me of a story about a TOR developer who suspected her keyboard from Amazon was intercepted and implanted, because the redirection was included in the delivery log. Seems quite likely it was, in light of Glenn's latest slides release.
The Dulles area is known as a hub for US spook-agency headquarters and activities.
It's not obvious tho that this is suspicious - there's also a big airport there and it could be just a shipping facility. I guess the argument is that it is an unnecessary detour if it could have gone right to Alexandria.
I'd like to see (a) other CA shipments, say non-computer items, to Alexandria - and whether they go via Dulles and (b) a followup indicating whether Shepard found anything of interest.
How much hardware is actually made in the USA anymore? Most HW is manufactured in Taiwan, China, Korea, Thailand, Malaysia or maybe Mexico. I used to work for a router manufacturer that manufactured all of its equipment in Taiwan and Mexico. When we shipped to someone in Europe (for example) we shipped directly from Taiwan to Europe, not through the US. So I have to wonder how much of this stuff the NSA could actually get their hands on.
The other question I have is what happens when there is an RMA, or the equipment is sent back for repair? Might someone notice that it's been tampered with? We need more specifics to really understand what was going on here. So many questions, no real answers.
This is not based upon any particular knowledge or expertise, but upon many years of casual observation, general news reporting, and anecdote from friends and whomever: Given their position as well as long-standing ties both politically and militarily as well as economically, I have to -- in my own mind -- seriously question the independence of anything of real interest to the U.S., that's happening in Taiwan.
I don't mean that the Taiwanese aren't their own people with their own interests; nonetheless, I would expect to find their various systems rather thoroughly and effectively infiltrated.
Again, I don't have any real knowledge in this regard. I'd welcome more knowledgeable comments in response to mine.
I get the feeling that if every router was being intercepted, that picture would look more like a giant series of assembly lines rather than three people casually sitting around a Cisco box.
Guess I should've been clearer: any equipment they're interested in that ships from the US is at risk. They don't need to go after all equipment. They only need to go after equipment being shipped to backbone providers abroad, and specific targets they are interested in that are "tough to crack."
Further, if one believes that TAO is limiting themselves to terrorists buying Cisco equipment, I have a bridge to sell you. That's absurd considering they proudly boast about their economic espionage, their spying on activists such as Wikileaks supporters and other "radicals," and their partners bragging about how they DDoS IRC chat rooms of hacktivists.
I don't expect them to be limiting themselves to terrorists - they're a foreign intelligence agency. I expect them to be gathering info on foreign governments, militaries, etc. (along with spying on terrorists).
I've written about the NSA porno article before, so I'll just post the link to that thread[1]. The TLDR is that Greenwald seems to have left a good deal out of his reporting in order to both sensationalize and avoid discrediting his own argument. I haven't read his new book; maybe he addresses it in there.
No, but that's their justification the vast majority of the time. They don't limit it to foreign governments or militaries either. They do engage in economic espionage, fact. They do single out anyone they don't like which isn't limited to terrorists in these campaigns: "radicals", among them Wikileaks supporters, fact.
Stewart Baker has discredited himself[1], his opinion is worth jack shit frankly. I wouldn't trust anything he says, not only because he was behind many of these programs as counsel but also because of Eben Moglen's interactions with him during the almost-prosecution of Phil Zimmermann, and suggest you do the same.
That the documents are 'sensationalized' is the favorite refuge of NSA goons: when Keith Alexander's comment about collecting it all became public, SEXINT, PRISM, etc. He talks about all of those and leaves no doubt that this characterization is horse shit after the third chapter.
I simply cannot fathom how the NSA could hope to intercept and physically mess with every single piece of $10 to $10,000 router sold.
If true, and I have a hard time believing it is not, either this is done at the design level (and not just on router chips), or only for big ticket backbone and/or enterprise equipment.
It doesn't have to be every $10 router. Plant one compromised router at each router factory, check when primary target X, Y or Z orders routers, intercept that shipment and hack each router.
I'm not sure how much is shipped directly from the overseas manufacturer to the customer. However, the NSA could be intercepting RMA hardware as well.
What are the hidden router capabilities being exploited here? What piece of COTS hardware couldn't be exploited by an attacker with unlimited physical access to it prior to delivery?
Indeed. Somehow a story about NSA tampering with devices after manufacture is being twisted into "all commercial products are deliberately backdoored". If you actually use logic, these are separate issues.
Actually, if anything, the story is proof that the routers are not backdoored from the start, otherwise why would they have to intercept shipments?
Actually, if anything, the story is proof that the routers are not backdoored from the start
Let me preface my response by saying I think there are probably more non-malicious (accidental) vulnerabilities than intentional backdoors.
Schneier has seen many of the original documents, and his constant refrain is that NSA programs are robust -- that they have multiple totally unrelated ways to accomplish any one goal. Quoting one of his articles:
"First and foremost, the surveillance state is robust. It is robust politically, legally, and technically. I can name three different NSA programs to collect Gmail user data. These programs are based on three different technical eavesdropping capabilities. They rely on three different legal authorities. They involve collaborations with three different companies. And this is just Gmail. The same is true for cell phone call records, Internet chats, cell-phone location data."
Rumors about this have been around for a long time but as far as I know, nobody has proven anything.
The safest guess right now is that if an American intelligence agency wants to infiltrate your corporate network, they'll take the IPMI route. With that they probably wouldn't even have to rely on a backdoor but could use the existing security holes.
If you have the ability to insert backdoors on widely used hardware with no realistic alternative implementations, without anyone other than a very select few (who all have plenty to lose if they reveal anything) knowing about it; AND the only thing you'll use it for is National Security (preventing someone from building a nuke to drop on your country), why would you NOT go through with it?
How can we protect ourselves from this type of interception? It seems impossible. Why would any non-American customers buy US-made devices? Any protections that are added can/will be bypassed if the US gov gets physical access (or even remote).
Just about the time of the previous revelation of computers from outside the US being intercepted by TLAs, my new Lenovo was delayed for a long time in some customs facility (according to UPS tracking).
Software is not a concern as I blew away the preinstalled and put a relatively trusted OS on. But hardware - I haven't had time to look into it but I'm still wanting some sort of guide on what to look for after unscrewing the case.
The scary part is that blowing away the OS install won't save you completely. There are BIOS, firmware attacks, to name a couple. Take a look at the following link with information about persistent root access via hard drive firmware hacking. Even if you reinstall the OS, your box will continue to be owned:
I wish they posted more details surrounding the implants, what they can do, and how they work. Knowing this would help us detect when devices were compromised.
"Do you mean a car designed in the US and built in China, or a Japanese car built in Ohio?" I'm pretty sure that given how few choices of mainstream hardware there are you are screwed no matter what you buy.
I've started doing the same. Of course, I wouldn't be shocked if either or both of the following were true:
1. Other countries collude with America in this practice;
2. Other countries are also practising this.
Open source is a potential solution to this problem. It doesn't guarantee security (Heartbleed anyone?), but it does allow anyone, anywhere, any time (assuming capability) to verify. My router runs OpenWrt, so I feel safer.
Thinking about this more, there's a little problem for those living in "the land of opportunity": given that the government has access to all communication via its dragnet, they're aware of your purchase and can intercept it at customs. Now you might try to be smart and buy it in person while on holiday. But remember, the airport NSA can take it off you without reason and of course do what they want to it.