Cisco Shipping Hardware To Bogus Addresses To Throw Off NSA Intercept-And-Implant Efforts
from the 1324-Middle-Finger-Extended-Blvd. dept
Cisco became an inadvertent (and very unwilling) co-star in the NSA Antics: Snowden Edition when its logo was splashed across the web by a leaked document detailing the agency’s interception of outbound US networking hardware in order to insert surveillance backdoors.
It moved quickly to mitigate the damage, sending a letter to the President asking him and his administration to institute some safeguards and limitations to protect US tech companies from the NSA’s backdoor plans. To date, there has been no direct response. So, Cisco has decided to handle the problem itself.
Cisco will ship boxes to vacant addresses in a bid to foil the NSA, security chief John Stewart says.
The dead drop shipments help to foil a Snowden-revealed operation whereby the NSA would intercept networking kit and install backdoors before boxen reached customers…
“We ship [boxes] to an address that’s has nothing to do with the customer, and then you have no idea who ultimately it is going to,” Stewart says.
“When customers are truly worried … it causes other issues to make [interception] more difficult in that [agencies] don’t quite know where that router is going so its very hard to target – you’d have to target all of them. There is always going to be inherent risk.”
Stewart acknowledges that Cisco’s modified dead drop shipping operations aren’t foolproof, but will at least force the agency to do a little more research before intercepting packages. Stewart also noted that some customers aren’t taking any chances, opting to pick up their hardware from Cisco directly.
There are also variables Cisco simply can’t control, like the possibility of inbound components from upline manufacturers arriving pre-compromised. But it’s doing what it can to ensure that “Cisco” isn’t synonymous with “spyware.”
Then there’s always the possibility that the government may find Cisco’s new routing methods to be quasi-fraudulent and force the company to plainly state where each package is actually going. No response has been issued by the ODNI or NSA to this news, and most likely, none will be forthcoming. Any statement on Cisco’s fictitious routing would tip its hand.
Cisco’s plan makes a lot of assumptions about the NSA’s capabilities, most of which aren’t particularly sound, but this seems to be more a public display of pique than a surefire way to eliminate most of the NSA’s hardware interceptions. It also sends a message to the NSA, one it’s been hearing more and more of over the last couple of years: the nation’s tech companies aren’t your buddies and they’re more than a little tired of being unwilling partners in worldwide surveillance.
Filed Under: backdoors, fake addresses, interception, nsa, shipping, surveillance
Companies: cisco
Comments on “Cisco Shipping Hardware To Bogus Addresses To Throw Off NSA Intercept-And-Implant Efforts”
the nation’s tech companies aren’t your buddies and they’re more than a little tired of being unwilling partners in worldwide surveillance.
Yet, it’s okay for tech companies to sell our “anonymous” data, thereby making “surveillance” a double-edged sword.
Tough luck on tech companies. Maybe they should have thought about Pandora’s Box before making “metadata” synonymous with loss of privacy.
Tech companies don’t get the privilege of crying when the NSA abuses them.
Just desserts. Screw them all.
Re: Re:
Re: Re:
Tech companies weren’t thinking with their heads when they were “asked” for the metadata what they were thinking with what was downstairs…. The accounting department! …And the the lucrative revenue stream that continues pad their bottom line.
Mo Money! Mo Money! Mo Money! Cha-Ching!
It would be amusing how naive this is, where it not also so sad. Shamefully, whenever a corp or gov these days speaks about “addressing peoples concerns”- they mean just that; the “concerns” are addressed rather then the issues that causes those concerns. People should feel insulted and placated when hearing this phrase, or seeing such an action, but it seams to slip by most unnoticed.
the real shame
I’ve been seeing more and more press on how the majority of Americans are okay with the level of surveillance and actually would be okay with more.
Really America? Really?
Re: the real shame
Ah, but the thing is, most of them either:
a) Have bought the lie that ‘unless you’re doing something wrong, you have nothing to worry about’.
And/or b) Don’t understand just what the mass spying really entails, and what’s possible with the data gathered.
Tell most people that you’re ‘gathering metadata on internet activity to better track terrorists and criminals’, and you’re likely to get some head-nodding and general vague agreements that that doesn’t sound too bad.
Explain that that ‘metadata’ can be used to accurately identify people the vast majority of the time as long as you have enough of it, it can be used to track where people go online, what they do, and give at least relatively accurate outline of who they’re talking to, including doctors, political affiliations, various other groups, and in particular make sure to point out that the only thing keeping random strangers from having access to this pile of data is generally ridiculously poor security, if it exists in the first place, and laughably loop-hole ridden laws, and I imagine most people might be a bit more concerned.
Re: the real shame
Majority of Americans? I think your believing US government propoganda. Most American’s are ready for a “Snowden Day” in his honor vs. the WH “terrorist” line. Just because there isn’t rioting in the streets doesn’t mean they are ok with this either.
The bigger reality is that there isn’t much choice.
Re: Re: the real shame
You need to widen your circle. In the heartland people don’t give a rat’s ass about mass surveillance unless they are involved in tech and have a realistic worldview of the scope of what metadata actually garners those that gather it.
Re: Re: Re: the real shame
And they’re more likely to consider Snowden a villain than a hero.
Re: Re: Re:2 the real shame
exactly
Re: Re: the real shame
The majority of Americans openly support torture. What makes you think they give a shit about privacy?
Re: Re: Re: the real shame
We face a continuous barrage of bullshit from our corporate overlords, I don’t think they need your help. Please do not do their dirty work for them.
If one is to make a claim, perhaps it would benefit others to include a source. The MSM propaganda creators do not provide much to substantiate their conclusions, why in the hell should anyone else – right?
The problems of maliciously modified hardware (or in fact hardware designed for malicious intent) are another reason for having free hardware designs: http://www.wired.com/2015/03/need-free-digital-hardware-designs/ (article by Richard Stallman).
Re: Re:
The problems of maliciously modified hardware (or in fact hardware designed for malicious intent) are another reason for having free hardware designs:
How would that help, unless you manufacture it yourself?
“We ship [boxes] to an address that’s has nothing to do with the customer, and then you have no idea who ultimately it is going to,”
In a related story, DHL sues Cisco for copyright infringement.
ALL PR. Assumes Cisco not willingly helping.
ALL major corporations have already been assimilated. That this alleged effort is made public is proof enough of fake.
Same with hard drive manufacturers: they came up with a story that the NSA gets in only after leaves the factory.
Requires only a half-dozen corrupt people in each company to see that a few bytes of code are put in among tens of thousands.
You have no independent way to verify any corporate claim, so should believe none.
Re: ALL PR. Assumes Cisco not willingly helping.
Re: Re: ALL PR. Assumes Cisco not willingly helping.
@Anonymous Coward
All well and good to say the customer can verify the tampering. The question is, how sophisticated is the NSA’s tampering and how easy for a customer to detect it. It is said the NSA tampered with disk drive firmware. How many people in the is country are can reverse engineer a drive’s firmware. I am thinking not too many. The NSA only has to break a small number of things, whereas their adversaries have to verify everything. Not any easy job.
NSA is bad for business. Tech companies realize that people will get their tech outside the US. One more economic hit in the US.
We have met the enemy, and it is us. Snowden 2016.
Nice corporate PR, that’s it. It simply does not matter until corporations make it absolutely clear with demands that get attention and the needed actions out of congress, what they say.
It will be assumed that it comes rigged with spyware. Corporations took the money and all was fine until the public learned of actions. Suddenly when profit margins start dropping and only then do they get religion.
The deal with the devil was done in many cases with full knowledge. All will be assumed to be painted with the same brush of complicity until major changes are made. Even then it will be years if ever that American corporations will ever re-earn the trust of their customers. While I can not control everything there is one thing I can do. I can pick those parts up for computers and build it myself. While no 100% guarantee, it will have a higher unlikely hood to have been visited by the repackaging team.
Globally, people will start refusing American products that can be done this way. Foreign governments can and will refuse American products over it. Long term contracts will be changed when they reach termination for other choices.
The damage is already done.
when the u.s. govt has put our tech companies out of business we will begin to see the true cost.
CISCO
I guess not everyone appreciates the new police state … execs at Cisco had better be careful or they’ll wind up in the slammer like Qwest CEO Joseph Nacchio.
Separate the HW from the SW
It seems to me that it would be better to ship the devices unflashed and let the client go to Cisco’s website, download the firmware, verify it against published hashes, and flash the device themselves. Then, it wouldn’t matter if the NSA had intercepted it en route. Wouldn’t that be cheaper and more effective than double-shipping the hardware?
Re: Separate the HW from the SW
It seems to me that it would be better to ship the devices unflashed and let the client go to Cisco’s website, download the firmware, verify it against published hashes, and flash the device themselves. Then, it wouldn’t matter if the NSA had intercepted it en route.
What if the NSA is adding hardware as well?
Re: Re: Separate the HW from the SW
Cisco’s SW would not be accessing the added hardware, so somehow the NSA’s hardware would need to be able to inject packets into the outgoing traffic without disrupting the underlying software. While I suppose that’s technically possible, that seems extremely unfeasible especially if they want it to continue working with future firmware updates. It also seems like something that a firmware update could easily detect and disable once Cisco became aware of such a modification.
Re: Re: Re: Separate the HW from the SW
No, the NSA’s hardware just needs to make the finished system exploitable. They could, for example, add a “secret ROM” like on the first Xbox: it would replace the boot vector such that at startup it would run some code, then turn itself off and run the real bootloader. The running system would think it booted using the normal one, but some register would be configured in a weird way: maybe the DRAM refreshing would be adjusted to allow a rowhammer attack, or the CPU firmware would be rolled back to allow some formerly-fixed user-to-supervisor transition. Or they could hook some data line so they can watch for a specific packet, then glitch the CPU power.
But I disagree that what you suggest is infeasible. To read and inject packets, you probably just need to attach to the data lines. The router will occasionally be idle, and when it is, just start dumping data onto those lines. Or with a mux, you could disconnect the main CPU and take over a data line. Remember that the NSA don’t need to control the data stream completely: they’re monitoring the entire internet, so they just need to replace or glitch the occasional bit in a way they can detect. Errors happen, and unless Cisco knows exactly what to look for, it would be pretty hard to detect attacks and know they’re not the usual random glitches.
Re: Re: Re:2 Separate the HW from the SW
It’s still a good idea, though, to ship the hardware and software separately: it makes the NSA’s job harder. To improve your suggestion, they should ship it before they know who the customer is. E.g., ship to international warehouses or retail stores, then to final customers. And do it for all customers, not just “sensitive”/paranoid ones. If companies send their IT people to a store with cash, it would be very difficult for the NSA to intercept the shipments.
Cisco could also include printed private keys with each purchase that the customer could use to verify software images/updates, in case they do need to download something. It’s an arms race, but we can set it up so that the NSA needs to be almost perfect to avoid detection. If customers can detect something wrong, at least, they can return the product to Cisco who can implement detection/workaround measures.
How does this work?
Maybe I’m being dense but I don’t understand the scheme. Are they shipping hardware to addresses that don’t exist? How does that help protect the hardware that’s going to places the NSA is interested in? Or if this is a way to sneakily ship it somewhere without the NSA being able to tell where, how do they do that?
I don’t understand what this two hop shipping process is supposed to accomplish. So Cisco addresses hardware to (1234 USA Street). The package is then shipped from (1234 USA Street) to (9876 China Street).
Hmmmm, we all know how good the NSA is at counting multiple hops, so I don’t get what this accomplishes. This must be a PR publicity stunt to fool the simpletons working at multibillion dollar IT companies who are ordering Cisco’s products…
Mitigation, not Prevention
I don’t agree. Cisco is well aware of NSA capabilities, and they know that this plan isn’t enough to prevent tampering en route. With enough tracking/surveillance/infiltration of Cisco operations/personnel, the NSA can and likely will still find, intercept, and tamper with intended targets.
In that case, why did Cisco bother? Two reasons. First, which was touched on in the article, is to simply make a statement. They are proclaiming to the world and to the NSA that they’re not willing to sit idly by while the surveillance state drives their reputation (and their bottom line) into the ground. This is a symbolic protest as much as an actual mitigation.
Second, yes, this is a mitigation. These precautions won’t make it impossible for resourceful (in both meanings) third parties to intercept equipment, but they will make it more difficult, and thus costlier. Even the NSA only has so many man-hours it can direct. If it now takes twice as many man-hours (an over-estimation, I’m sure, but no matter) in order to backdoor a router en route, then they are only able to do so half as often.
Cisco, or any US based company, can only do so much to thwart the surveillance state. Any pushback, however minor or symbolic, is to be applauded. On the same note, any willful collusion should be considered a betrayal of their customers, and the public at large.
The Human Race SUCKS
If there’s anything worse than an all out self-important person who thinks they are better than everyone else, its got to be a plethora of them in the same room so fucking paranoid that they stoop so low as to spy on everyone in the world in order to preserve their self-importance OR maybe the sorry suckers who do their dirty work.. Its no wonder this beautiful planet that so steadfastly rotates in space while revolving around a star somewhere out on an arm of an indescribable galaxy that is also spinning eternally in the universe is heading for such a disaster.
NSA opinion of this development
ROFL
What shipper allows the intercept?
Why does nobody ask the question of ‘how does the NSA intercept packages between shipper and customer?’
Are those shippers immune to a suit for damages for allowing the harm of replacing the BIOS or putting a backdoor on the system?
It can’t be only Cisco or Cisco’s customers are harmed — Any manufacturer who ships to customers that NSA finds interesting.
Why no law suits? Why are businesses not working to hinder NSA and the military coup they represent in every way possible?
Re: What shipper allows the intercept?
Are those shippers immune to a suit for damages for allowing the harm of replacing the BIOS or putting a backdoor on the system?
Maybe the telco immunity law applies to shippers too. Totally making stuff up though, I don’t know if it does.
If the NSA can’t see the final destination, how does anyone else in order for package to reach its’ destination?
Smells like bullshit to me.