Dell's Twitter Account Apologizes For The 'Inconvenience' Of Helping NSA Install Spyware

from the time-to-go-off-script dept

There are times when big brands with "social media people" might want to teach those junior level employees to recognize that using one of the standard "scripted" answers might be inappropriate. Take, for example, if you're Dell and a new report has come out suggesting that the NSA has pretty much compromised your servers at the BIOS level with spy bugs, then, when someone -- especially a respected security guy like Martin Wismeijer -- tweets at you, you don't go with the standard scripted "sorry for the inconvenience" response. But, apparently, that's not how Dell handled things this time (thanks to Mike Mozart for the pointer):
In case you can't read that, Wismeijer complained on Twitter about finding out that his Dell server is bugged by the NSA (which might be an exaggeration...) and included the @DellCares account in his tweet. That account wrote:
Thank you for reaching out and regret the inconvenience. Our colleagues at @dellcarespro will be able to help you out.
Wismeijer responded with an expected level of anger. Not only is "regret the inconvenience" probably the inappropriate response to a customer complaining about the NSA installing malware, but the idea that Dell support "will be able to help you out" is similarly questionable.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    icon
    TheResidentSkeptic (profile), Dec 31st, 2013 @ 5:39am

    You missed a fine point, and need a translation..

    "dellcares" does NOT care. Duh.

    "dellcaresPRO" does care, and can help.

    Translation: NSA paid us $50 to put it in; pay our PRO service $250 and they will take it out.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 6:31am

    sidenote

    Can you acquire the skillz of embedding actual tweets mike ?

    Screenshots are good backup but the embedded tweet would be nice. Am sure it's not that hard to do. IDK though.

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Pramod, Dec 31st, 2013 @ 6:35am

    It would be interesting to see Michael Dell's reaction on this story !

     

    reply to this | link to this | view in thread ]

  4.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 6:51am

    so what was going to happen then? was permission going to be asked for to remove the NSA 'bug' and when told 'NO' would lie again to the customer?
    DELL and Twitter should now suffer the consequences and the best way for that to happen is a complete ban on the purchasing and use of the products! the only way any of the companies that have gone down the road of pissing on customers in favour of aiding the NSA and probably other security agencies, is to hit them as hard as possible in the pocket!

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 6:55am

    At least they named their firewall line appropriately! http://www.sonicwall.com/us/en/products/NSA-Series.html

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 6:56am

    Re: sidenote

    How long are tweets like that likely to remain up? For stories like this, a screen shot is best as the screen shot will still be here next week, or year.

     

    reply to this | link to this | view in thread ]

  7.  
    identicon
    KoD, Dec 31st, 2013 @ 7:24am

    Maybe this is wrong, but that looks like a bot response to me, not a person reading a script. Like the email you get from most customer service centers acknowledging that they have received your correspondence.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    JeffR, Dec 31st, 2013 @ 7:25am

    Re: You missed a fine point, and need a translation..

    More accurately, pay their PRO service $250 and they will tell you they took it out... but it'll still be there.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Guess Who, Dec 31st, 2013 @ 7:44am

    DellCares Twitter is a very specific Help account

    If you actually go to the @DellCares Twitter http://www.twitter.com/DellCares they give very tailored responses to the @DellCares Tweets! It wasn't an auto-response!

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Guess Who, Dec 31st, 2013 @ 7:46am

    Plot Twist: That Guy is in Amsterdam Holland

    That NSA Bios Bug was found in a Server bought from the USA and shipped to Amsterdam Holland! No tapping for economic reasons huh?

     

    reply to this | link to this | view in thread ]

  11.  
    icon
    streetlight (profile), Dec 31st, 2013 @ 7:48am

    Who will buy used Dell servers?

     

    reply to this | link to this | view in thread ]

  12.  
    icon
    streetlight (profile), Dec 31st, 2013 @ 7:54am

    Who will buy used Dell servers?

    Those Dell servers in use are now worthless - no one's going to buy them. Trust Dell in the pay of NSA to remove the offending malware, I don't think so. What about folks accessing those servers on the public Internet? Dell's been on the precipice for sometime and this may destroy their server business and cause them to fall over that cliff. I love my Dell laptop, but probably won't be getting another one any time soon. Good bye, Dell.

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    KoD, Dec 31st, 2013 @ 8:04am

    Re: Who will buy used Dell servers?

    I had previously enjoyed owning a Dell laptop as well, but that is over now. Dell used to be on my short list of acceptable preassembled computers. HP has horrible customer service ("Would you like to pay $50 for me to read you the troubleshooting section from the manual we should have included with your device?"), Toshiba's always seemed to burnout too early, but Dell always seemed to stand up to my abuses...

    But seriously, this has to be a knife to Dell's jugular (much like the one in the backs of their customers...). Can there be a less forgiveable crime in the netsec industry? You label your product as a antidote when really it is a poison. To me, this means game over for Dell. Smfh...

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    That One Guy (profile), Dec 31st, 2013 @ 8:07am

    Re: Re: You missed a fine point, and need a translation..

    To be even more accurate, they'll take your money, tell you they got rid of the offending 'feature', and during the 'removal' process install even more invasive programs/code, as obviously the only person who would ever object to such spying is someone up to no good. /s

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Me, Dec 31st, 2013 @ 8:10am

    I agree about the harm to Dell's business. I'm on my 4th or 5th Dell laptop through the years, but the next one won't be Dell. Life's too short to patronize businesses that don't care about their customers.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 8:11am

    So - is it a crime to remove said "bugs" ?

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 8:18am

    Re:

    Its a crime to compromise computer networks.

    Installation of the bugs is the crime that needs prosecuted.

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 8:24am

    Re: Who will buy used Dell servers?

    There are a lot of tech companies who are going to pay for their treason. They are also committing a dreadfully common cardinal sin in business: forgetting that the real boss is always your customers.

    Hopefully we'll see a lot of corporations die and leave a heavy legacy of dread amongst the business world. Even in the myopic short-term corporate world, all one will have to do to make them think twice about selling out their customers is whisper a name like "Dell", "Microsoft", or any other of the fallen titans condemned to Tartarus.

     

    reply to this | link to this | view in thread ]

  19.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 8:53am

    Re: Re:

    "Installation of the bugs is the crime that needs prosecuted."

    The government tends not to prosecute itself very often.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 8:57am

    Open BIOS?

    I wonder if this will make people finally start to consider the value of open BIOS's.

     

    reply to this | link to this | view in thread ]

  21.  
    icon
    Charles (profile), Dec 31st, 2013 @ 9:12am

    Re: Open BIOS?

    I am sure it will. The "next big thing" in computing may very well be open software and hardware.

    Richard Stallman, love him or hate him, is right about a lot of things concerning freedom and privacy, especially related to computing.

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Brazenly Anonymous, Dec 31st, 2013 @ 9:12am

    Re:

    Taking a look through the list of their recent tweets, it doesn't look like they have a bot monitoring the account (scripted responses with no special characters and differing typos). However, they may have opted to move to a different strategy based on this incident.

     

    reply to this | link to this | view in thread ]

  23.  
    icon
    That One Guy (profile), Dec 31st, 2013 @ 9:16am

    Re:

    Whether it was a bot or not, they'll probably try to pass it off as a response from one, though that would seem to be just swapping one problem with another.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Mr. Applegate, Dec 31st, 2013 @ 9:19am

    Re:

    It is a crime to 'reverse engineer' to even look for the bugs (assuming it is encrypted in any way). So how can you even find firmware that you know is not compromised? You can't without breaking the law, even then it will take very knowledgeable people a long time to determine if your firmware is bug free. Even longer if you need to re-write it yourself.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    anonymouse, Dec 31st, 2013 @ 9:51am

    Re:

    This story is nonsenses yes the dell twitter personnel should not have a bot answering posts but have real people deciding whether it is wise to actually even acknowledge the post.

    This is a non story where a bot advised the twitter universe to contact support to discuss the matter no more.

    Must be a very slow news week to have to post this as a story.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    anonymouse, Dec 31st, 2013 @ 9:57am

    Re: sidenote

    You need to sort out your device that you are viewing the articles on, i have a basic pc with standard firefox and i see this twitter screenshot with no problem,just tried on my windows8 phone and i also see it. maybe it is your device blocking images or configured not to allow images to be viewed, Mike has done his job and embedded the screenshot it is not his fault you do not know how to use the technology you have purchased be it a phone or tablet or watch or even your tv all which have setting that should not be touched unless you have a problem like you are having, then you need to go and look at your settings and look for on that block or does not download images that are embedded, if a standard firefox browser like i am using can display the image you have the problem not Mike...

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    anonymouse, Dec 31st, 2013 @ 10:19am

    Re: Re:

    Some laws are made to be broken.And there is no law that prevents you protecting your privacy or hacking into your own purchased equipment no matter what anyone say's.

     

    reply to this | link to this | view in thread ]

  28.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 10:44am

    Re: Re: Open BIOS?

    Stallman always seems like a wild-eyed lunatic.

    Then ten years go by.

    And then Stallman seems far too conservative.

     

    reply to this | link to this | view in thread ]

  29.  
    icon
    John Fenderson (profile), Dec 31st, 2013 @ 11:17am

    Re: Re:

    It is a crime to 'reverse engineer' to even look for the bugs (assuming it is encrypted in any way)


    Technically not so. It may be a crime to bypass the encryption (depending), but it's not a crime to reverse engineer. Sorry, the pedant in me just had to point this out.

     

    reply to this | link to this | view in thread ]

  30.  
    identicon
    KoD, Dec 31st, 2013 @ 11:45am

    Re:

    NAFTA has ISDS provisions, does it not? Wouldn't it be rather amusing if all of the tech companies went after the federal government for robbing them of billions of USD? Maybe it could be arranged that the NSA budget actually has to pay whatever sum is awarded to the companies. Is that like fighting evil with evil?

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 12:27pm

    Fixed that for you.

    ...acknowledging that they have received your correspondence

    ...acknowledging that they have received and ignored your correspondence

     

    reply to this | link to this | view in thread ]

  32.  
    identicon
    KoD, Dec 31st, 2013 @ 1:05pm

    Re: Fixed that for you.

    Thank you, sir.

    That is maddening, especially when you email a software company about a bug that is hindering your use of their software and all you ever get back is that autoreply garbage... I have purchased paid versions of apps simply because of the great customer support. Ti Backup is an excellent example of this. Prompt response = I pay them money.

     

    reply to this | link to this | view in thread ]

  33.  
    identicon
    Anonymous, Dec 31st, 2013 @ 2:50pm

    First their pitchman gets busted for drugs, and now this.

     

    reply to this | link to this | view in thread ]

  34.  
    identicon
    Anonymous, Dec 31st, 2013 @ 2:51pm

    Re: Re: Re:

    Which is why it's up to we the people to take matters into our own hands.

     

    reply to this | link to this | view in thread ]

  35.  
    identicon
    Wangler Glowforth, Dec 31st, 2013 @ 3:09pm

    What Fuckin' Moron Buys Dell?

    Buy crap get crap.

     

    reply to this | link to this | view in thread ]

  36.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 3:18pm

    I don't think Dell cares about their customer's problems or concerns. The "canned" auto-response from Dell's customer support, seems to add weight to this theory.

     

    reply to this | link to this | view in thread ]

  37.  
    identicon
    Jeff Kennedy, Dec 31st, 2013 @ 8:01pm

    What do you expect?

    So you reach out to a Social Media person on Twitter about an alleged NSA spy bug on your computer - what kind of response did you f**king expect?!?!

    "Oh, sorry about that Sir, we've forwarded this concern on to the Police, FBI, CIA and N......" F**king morons.

    Or, how about another response in 160 characters or less... "Dell takes customer privacy and security very seriously, we can confirm that these claims are not true" or some other corporate spin. F**k!!!

     

    reply to this | link to this | view in thread ]

  38.  
    identicon
    Anonymous Coward, Dec 31st, 2013 @ 9:29pm

    Re: sidenote

    People erase shit, images last longer

     

    reply to this | link to this | view in thread ]

  39.  
    identicon
    Anonymous Coward, Jan 1st, 2014 @ 6:16am

    LUA

    The least Dell could have done in this case is provide their customer with the Least Untruthful Answer.

     

    reply to this | link to this | view in thread ]

  40.  
    identicon
    Abhishek kumar jha, Jan 1st, 2014 @ 10:10am

    The twitter account was being handled by some social media marketer

     

    reply to this | link to this | view in thread ]

  41.  
    icon
    DannyB (profile), Jan 2nd, 2014 @ 9:36am

    Re: Re: Re: You missed a fine point, and need a translation..

    they'll take your money, tell you they got rid of the offending 'feature', and during the 'removal' process install even more invasive programs
    You make that sound bad, but it is standard industry practice, called an 'upgrade'. :-)

    If the improved spyware does not perform to your satisfaction, please return it to your local NSA for repair.

     

    reply to this | link to this | view in thread ]

  42.  
    icon
    DannyB (profile), Jan 2nd, 2014 @ 9:38am

    Re:

    Maybe this is wrong, but that looks like a bot response to me, not a person reading a script.
    Um, excuse me, but a 'bot' is what you call a Dell customer service droid.

     

    reply to this | link to this | view in thread ]

  43.  
    icon
    DannyB (profile), Jan 2nd, 2014 @ 9:39am

    Re:

    The Dell dude busted for pot? I thought pot was a Gateway drug.

     

    reply to this | link to this | view in thread ]

  44.  
    identicon
    fwara, Jan 2nd, 2014 @ 10:34am

    geaga

    Sue them.

     

    reply to this | link to this | view in thread ]

  45.  
    icon
    weneedhelp (profile), Jan 2nd, 2014 @ 11:43am

    Re:

    R... O... F... L. No they didnt. Ha ha ha... now that's funny. Unintentional... but funny as hell... The NSA series.

     

    reply to this | link to this | view in thread ]

  46.  
    identicon
    Mr. Applegate, Jan 3rd, 2014 @ 5:52am

    Re: Re: Re:

    It is my understanding that the only legal way to reverse engineer under DMCA is "For Inter-operability between software components." and that any other use would be illegal.


    http://www.gpo.gov/fdsys/pkg/PLAW-105publ304/pdf/PLAW-105publ304.pdf

    "(f ) REVERSE ENGINEERING.Đ(1) Notwithstanding the provisions of subsection (a)(1)(A), a person who has lawfully obtained the right to use a copy of a computer program may circumvent a technological measure that effectively controls access to a particular portion of that program for the sole purpose of identifying and analyzing those elements of the program that are necessary to achieve interoperability of an independently created computer program with other programs, and that have not previously been 112 STAT. 2867PUBLIC LAW 105±304ĐOCT. 28, 1998 readily available to the person engaging in the circumvention, to
    the extent any such acts of identification and analysis do not constitute infringement under this title."
    Is that understanding incorrect, or has it been superseded?

     

    reply to this | link to this | view in thread ]

  47.  
    icon
    btrussell (profile), Jan 3rd, 2014 @ 6:16am

    Re: Re:

    There is a gateway in dells' according to this article.

     

    reply to this | link to this | view in thread ]

  48.  
    identicon
    RubyPanther, Jan 3rd, 2014 @ 11:00am

    Not Sure

    Reading the tweet a few more times, I'm less and less sure what the droid really meant. Less than 500 words, what can you really say? "Thank you for reaching out and regret the inconvenience [to us in having to deal with governmental BS]. Our colleagues at @dellcarespro will be able to help you out [in whatever way they can that you agree to, such as selling a replacement BIOS of a different version.]"

    I think it just... came out wrong in the shortening. It is kindof a tossup which wtf these bottom tier droids blow up with. But they didn't actually say explicitly who is being inconvenienced, only that the information provided by the person was a source of some inconvenience of a regrettable nature.

     

    reply to this | link to this | view in thread ]

  49.  
    identicon
    Anonymous Coward, Jan 4th, 2014 @ 9:43am

    NSA out of control.

     

    reply to this | link to this | view in thread ]

  50.  
    icon
    BillatDell (profile), Jan 6th, 2014 @ 7:04am

    Dell's response

    We have posted an official response to the concerns expressed about this issue.
    http://en.community.dell.com/dell-blogs/direct2dell/b/direct2dell/archive/2013/12/30/comment-on-der- spiegel-article-regarding-nsa-tao-organization.aspx
    "Dell is aware of a story originally reported by Der Spiegel, which has subsequently been picked up in other media outlets, that refers to alleged security ‘backdoors‘ implanted by the United States National Security Agency into products from several technology companies, including Dell.

    Dell has a long-standing commitment to design, build and ship secure products and quickly address instances when issues are discovered. Our highest priority is the protection of customer data and information, which is reflected in our robust and comprehensive privacy and information security program and policies. We take very seriously any issues that may impact the integrity of our products or customer security and privacy. Should we become aware of a possible vulnerability in any of Dell’s products we will communicate with our customers in a transparent manner as we have done in the past.

    Dell does not work with any government – United States or otherwise – to compromise our products to make them potentially vulnerable for exploit. This includes ‘software implants’ or so-called ‘backdoors’ for any purpose whatsoever."

     

    reply to this | link to this | view in thread ]

  51.  
    identicon
    mack, Jan 31st, 2014 @ 3:16pm

    great!!

    that's pretty cool ^^ .

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This