NSA sabotaged exported US-made routers with backdoors


#1

[Permalink]


#2

Weird not seeing and US Citizen complaining... OH WAIT!


#3

This just in: The US makes routers.


#4

Something tells me the market for U.S.-made routers is about to dry up.


#5

Probably not. It's not if someone is spying on you, it's who's spying on you. So pick your manufacturer based upon which nation has the least relevance to your business.


#6

Build your own firewalls people. Look to BSD.


#7

Is this still considered whistleblowing? How so?


#8

Are you serious? How is it not? Revealing that the NSA is illegally or at least unethically sabotaging U.S. technology exports clearly counts as whistleblowing. This isn’t a list of deep-cover field agents or nude selfies of James Clapper here.


#9

That won't do anything if your isp is running a compromised router.

The lesson being taught is to encrypt every single thing you put onto the network.

(Too bad SSL is compromised too! We're pretty much fucked no matter which way you approach it.)


#10

Must. Gouge. Out. Mind's. Eye.


#11

Two questions immediately come to my mind:

1) How exactly does the NSA "interdict" these shipments? Hijacking? Bribery? Willing cooperation of someone in the supply chain?

2) How deeply embedded is this software? Can it be wiped by reinstalling firmware downloaded directly from the vendor?


#12

These are great questions. And they really should be addressed. By the manufacturers. Who are probably cooperation under one of those NSA security letters so they can't talk about it.


#13

Perhaps during "Customs"... Sorry Comrade, this shipment of routers will be held until we receive additional documentation.


#14

Here is the post I wrote that asked these questions. Which US-made Internet Routers Did the NSA Tamper With?


#15

Excellent! Europes tech industry is jumping for joy.

In other news:
The USA becoming the ultimate hypocrite. If it's hypocrisy gets any denser it probably forms some sort of irony singularity.


#16


#17

I think you may misunderstand the problem. We assume internet traffic is compromised and we take steps to reasonably secure that traffic.
Even if your ISP has a compromised router, the only thing the baddies would see is your outgoing and incoming traffic. In other words, they would only see internet traffic. Egress and Ingress traffic can be secured with the use of IPSec VPN or similar technology. As long as anything sensitive is transmitted securely, a compromised ISP router isn't much of a threat.
On the other hand, if your router is compromised, the baddies can see LAN side traffic and that's a whole other can of worms.


#18

Nearly there, look:


#19

No, this is considered "reporting."

The "whistleblowing" part happened a year ago.


#20

Yeah I think you're exactly right. Keep all this stuff under your own roof. Easier to contain that way (usually hah).

And I'm guessing this program is about low-end home & small business routers since those are least likely to get updated. Unless they've infected these devices at such a low level that their tools aren't affected by firmware updates.