Hacker News
by uptown 4420 days ago
So is it safe to assume every Intel or AMD CPU also likely has hidden capabilities waiting to be exploited by the NSA?
3 comments

What are the hidden router capabilities being exploited here? What piece of COTS hardware couldn't be exploited by an attacker with unlimited physical access to it prior to delivery?
Indeed. Somehow a story about NSA tampering with devices after manufacture is being twisted into "all commercial products are deliberately backdoored". If you actually use logic, these are separate issues.

Actually, if anything, the story is proof that the routers are not backdoored from the start, otherwise why would they have to intercept shipments?

> Actually, if anything, the story is proof that the routers are not backdoored from the start

Let me preface my response by saying I think there are probably more non-malicious (accidental) vulnerabilities than intentional backdoors.

Schneier has seen many of the original documents, and his constant refrain is that NSA programs are robust -- that they have multiple totally unrelated ways to accomplish any one goal. Quoting one of his articles:

"First and foremost, the surveillance state is robust. It is robust politically, legally, and technically. I can name three different NSA programs to collect Gmail user data. These programs are based on three different technical eavesdropping capabilities. They rely on three different legal authorities. They involve collaborations with three different companies. And this is just Gmail. The same is true for cell phone call records, Internet chats, cell-phone location data."

https://www.schneier.com/essay-469.html

The takeaway is that knowing the NSA has capability A doesn't prove they lack capabilities B, C, D...Z.

Rumors about this have been around for a long time but as far as I know, nobody has proven anything.

The safest guess right now is that if an American intelligence agency wants to infiltrate your corporate network, they'll take the IPMI route. With that they probably wouldn't even have to rely on a backdoor but could use the existing security holes.

Not just waiting....

If you have the ability to insert backdoors on widely used hardware with no realistic alternative implementations, without anyone other than a very select few (who all have plenty to lose if they reveal anything) knowing about it; AND the only thing you'll use it for is National Security (preventing someone from building a nuke to drop on your country), why would you NOT go through with it?