NSA hacked Huawei, totally penetrated its networks and systems, stole its sourcecode


#1

[Permalink]


#2

At what point are people allowed to retaliate?


#3

Crazy. We need a better conversation about this here in the US. Snowden at SXSW was a good start and I even watched some of the NSA's respone (though I wasn't very impressed).
Thanks for the front page on this, BB


#4

Just as a reminder, for balance:

I have a hard time siding with anyone on this one.


#5

Yeah, this...bothers me. The release, I mean. We do, in fact, have plenty of evidence that the Chinese government is working with some Chinese tech companies to perform espionage against the US, so the NSA infiltrating Huawei looks suspiciously like legitimate espionage in the national interest. We were told that the holders of the Snowden files weren't just releasing stuff willy-nilly but focusing on indisputably sinister actions against the American public and innocent internationals, and until now that's been true, AFAIK. This is a whole lot more grey, and puts our side in a bit of a bad light.


#6

Retaliate how? By performing infiltration and espionage against us? There's substantial evidence that they already were, and the NSA was trying to mitigate that.

This is the first Snowden leak that I'm not 100% sure needed to be leaked.


#7

I assume you are wondering how long before the world gets sick of us, and fixes their problem permanently? Good question.


#8

This brings up an issue about the Snowden leaks: who is the gatekeeper in terms of publishing these leaks? I mean, Snowden obtained the documents, but as far as I know, he dumped them all off in a big bundle onto a bunch of news organizations and told them to publish the leaks at their discretion. Obviously, someone who is not Snowden decided to publish this. I sometimes wonder if Snowden himself read through the reams of documents he procured before dumping them in a hurry and fleeing from HK.


#9

Well, they (the NSA) could have put some effort into securing the network for everyone, instead of squealing like little girls at a puppy show as they exploited the situation.

Instead they not only didn't make things better, they actively made things worse. It is clear now that Huawei kit definitely cannot be trusted, but it cannot be trusted because of the US government, not the Chinese govt. It's just flat out industrial espionage, which has nothing to do with national security.


#10

Isn't referring to the NSA program as SHOTGIANT contrary to your spell-things-wrong resolution, Cory?

Should just be Shotgiant, right?


#11

FTFA:

I resolve to minimize my use of incaps when writing about commercial products and companies.

1) 'minimise' != 'eliminate'
2) The NSA is not a commercial company
3) SHOTGIANT is not a commercial product.
4) the military has been capitalising proper names (especially, but not only, operation names) since Adam was knee high to a grasshopper. It's done to emphasise key pieces of information, rather than to try and sell you something. Stylistically everyone else is certainly free to capitalise or not at their whim, rather than slavishly following military protocol, but there's no difference between, say, Operation OVERLORD, Operation Overlord, or Operation Overlord. It comes down to personal choice and what the writer feels is most appropriate.

You need to find yourself a new hobby horse.


#12

Snowden has not personally "decided" to publish anything. Those decisions are made by the media organisations themselves.

Also, he collected the information himself so I'm sure he's seen every single thing in the trove. He made decisions about what to include and what not to.


#13

H scraped up a lot of shit with scripts, so he might well not have seen every document. I'm not saying he didn't, just that there's no reason to assume he did.


#14

You're right that there's no absolute facts here, but I imagine he did see everything he was taking because it seems he didn't have a problem with what the NSA does (he went to work for them, after all), unless it is unconstitutional or undermines the operation of the internet as we know it. He chose the things he took for their specific meaning in the broader narrative. I'm sure he saw a hell of a lot of insane, scary things that he did deem to be within the reasonable operations of the NSA's mission which didn't make it to the trove he took.

I imagine he used those tools to scrape the NSA intranet, then went through when he got to see what was important to make his case. In the end: who knows... I just hope his life in Russia is reasonably tolerable.


#15

I have to say I agree. Even if China wasn't the bogeyman-du-jour, their use of Huawei for censorship and repression, especially of Falun Gong, makes me feel like anybody who hacks them gets +1 Deer.


#16

Cory,
Please read Glenn's article at https://firstlook.org/theintercept/2014/03/23/facts-nsa-stories-reported/ and consider replacing your first few works "A new Snowden leak" with something that explains that NYT and der Speigel actually published the pieces based on the full dump that Snowden gave them back in June 2013.


#17

To those complaining that this particular story isn't a big deal, consider a news story we'll never see:

NSA helps fix security flaw in Huawei equipment
Today NSA officials reported that their analysts discovered last year that Huawei products - widely used in US and international communications networks - contained a number of security vulnerabilities. NSA security experts provided advice to Huawei on how to fix the flaws, including testing the proposed resolution. NSA were able to use their trusted position to assist Huawei in getting the fix roled out to all deployed equipment by the end of January this year. Officials believe that this prompt and thorough response prevented any exploitation of the flaw. As a result of this collaboration US and international communications networks are now safer than before from hostile governments and criminal organisations. Global financial markets reacted positively to this development.

That story is technically possible (well, it was until the NSA blew its stock of trust). Would that outcome have been of value to you?


#18

Eh, I'm with Stephen on this. Cory's "spell things wrong" initiative is hilarious enough that it deserves to be called out at every opportunity.


#19

You're right. This is clearly very different. I wouldn't classify NSA's actions as criminal. Many know these kinds of battles happen out of sight, but some don't.

I hope it's intended as more of a warning around the danger of weakening our network and security. If the NSA can hack Huawei, China's going to find NSA's backdoors and weakening of our Internet and security very helpful.

This is a risky leak. I hope people understand how it fits in with the other materials released to date.


#20

I wouldn't classify NSA's actions as criminal.

'The Huawei revelations are devastating rebuttals to hypocritical U.S. complaints about Chinese penetration of U.S. networks, and also make USG protestations about not stealing intellectual property to help U.S. firms’ competitiveness seem like the self-serving hairsplitting that it is.'
[M]ere legality is insufficient to shield a program from justifiable transparency; conversely, exposure of illegality is not the only form of valid reporting. Take the classic whistleblowing case of the Pentagon Papers: those documents really did not reveal illegality as much as they revealed government deceit, systematic lying to the American people about the Vietnam War. The fact that such official lying may have been legal hardly means that it should have remained concealed.