Every 'Threat' The NSA Spreads FUD About Seems To Be Something The NSA Itself Is Actually Doing

from the i-guess-they-would-know... dept

Nearly a year ago, well before all the Snowden leaks, we had a discussion about how, for all the talk from Keith Alexander about how the US was facing "unprecedented cyberattacks" that might bring about a "cyber Pearl Harbor," in reality, it appeared that the real global threat to computer systems was... the US government itself, via Keith Alexander's "US Cyber Command," which had, by far, the most sophisticated and advanced digital attack unit and wasn't afraid to use it. In fact, the US government seems to think it has incredibly broad powers to attack digitally. Of course, the nature of those attacks have become a lot more clear lately. And, as a part of that, one thing that's becoming clear: every time you hear a scary story about a kind of attack that some foreigners might do, you can pretty much guarantee: the NSA has already done it.

You may recall that, late in 2012, the House Intelligence Committee, led by dishonest NSA defender Rep. Mike Rogers, put out a report claiming that Americans should not use networking equipment made by Huawei, the Chinese networking giant, hinting that the company might be inserting backdoors and spyware into the equipment for the Chinese government. Huawei -- which had actually previously publicly asked the US government to investigate it to prove that such claims were false -- was not at all pleased about this, claiming that the whole thing was libelous and "utterly lacking in substance." A month ago, Huawei suggested that it was going to just ditch the US market because of all of this.

And yet... the recent NSA revelations about its technical capabilities to backdoor various hardware products showed that it's actually the NSA which has backdoors in Huawei's equipment. That doesn't foreclose the possibility that the Chinese have hacked it as well, but it sure looks ridiculous. As the Wired article linked above summarizes: "US to China: We hacked your internet gear we told you not to hack." This certainly plays into the hands of the Chinese, who have long argued that the attack on Huawei by Mike Rogers and friends was really just an attempt to pump up US-based competitors like Cisco (whose products the NSA has also apparently compromised).

And then there's the whole "BIOS" attack thing. You may recall that the big "scoop" in the hilariously lopsided 60 Minutes infomercial for the NSA by John Miller (a counterterrorism official pretending to be a journalist), was that there was some scary foreign threat out there from another country that was going to "infect the BIOS" of every computer on earth and turn them all into bricks. Experts pointed out that the claims were pure gibberish.

Except in that same report about the NSA's technical capabilities came the news that it's the NSA that is installing malware in the BIOS. As Marcy Wheeler notes:
Most fearmongering claims the NSA makes may well be projection about its own activities.
None of this means that others (and the finger is usually pointed at the Chinese) aren't doing the same sorts of things themselves. But it sure does seem pretty hypocritical to go around fearmongering about the things that we, ourselves, are doing.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 10:36am

    Who better to explain what the enemy is up to than the enemy itself.

     

    reply to this | link to this | view in thread ]

  2.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 10:42am

    I wonder how much the NSA pays their terrorist?

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    Glen, Jan 3rd, 2014 @ 10:51am

    That reminds me of the Cold War days. The old has become new again.

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    John Fenderson (profile), Jan 3rd, 2014 @ 10:51am

    I noticed this years ago

    Starting with 9/11, although I'm certain that's just when I started noticing it, not when it started happening, it turned out that pretty much every single thing that we were being told we should fear from the "others" (be they Middle-easterners, liberals, antiwar activists, whatever) were things that those doing the fear mongering were themselves doing.

    It's a handy tell. If you just assume that when someone in power says to be afraid of something they themselves are doing it, you'll be right far more often than you'll be wrong.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    anonymouse, Jan 3rd, 2014 @ 10:58am

    LOL

    The US tried to get network admins to purchase US equipment by lying about Huawei. Now the US companies that had a boost becasue the governemetn lied on their behalf are not going to lose any advantage they had. In one way i am hoping that the US manages to get the laws in place to allow Huawei to sue the American government for doing what they did to actively destroy Huawei's name even though they were doing worse.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:04am

    If we do it, it's defending freedom. If they do it, it's because they are a totalitarian government.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    John Fenderson (profile), Jan 3rd, 2014 @ 11:04am

    Re: LOL

    Apparently, the US was being honest when they said that Huawei's equipment was compromised. What they lied about was who did the compromising.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:08am

    Actually, I think the Chinese companies are a bit more creative. For example the SpamBot teapot: Register /s

    In all reality though, Huawei makes some pretty crappy home routers, but so does a lot of vendors. I.E. recent example of chipset flaw in Linksys, Netgear, etc routers: GitHub

    What I really think is happening, is that DoD is pen testing various products for flaws. Instead of doing the right thing and reporting the issues to the vendors, they are basically criminal scum using the hacks to wreak havoc on other people's equipment. This, of course, is leaving every US entity also using the equipment vulnerable to attack and thus creating their own problems.

     

    reply to this | link to this | view in thread ]

  9.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:22am

    Next they are going to warn us about evil countries out there that torturing people, or killing dozens of innocents at once with their attacks.

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Applesauce, Jan 3rd, 2014 @ 11:23am

    NSA: enemy of America

    By installing backdoors everywhere, the NSA has materially and deliberately sabotaged the security of the nation's cyber infrastructure.
    This damage is potentially catastrophic.
    NSA assumes that only they know about those backdoors.
    This is obviously a reckless assumption.
    1. Insiders like Snowdon (but more mercenary) can (and will) resell these exploits to the PLA and the Russian Mafia for $.
    2. Recall Robert Hanssen. For 22 years he was a paid Russian agent while being responsible for finding Russian agents. He would have had knowledge of these backdoors and therefore so would the GRU.
    3. Aldrich Aimes.
    4. Christopher John Boyce.
    None of these guys are isolated players. It would be stupfyingly naive to think no one in the upper ranks of the NSA hasn't been compromised.
    The reason why the USA won the cold war despite the Russians having all our secrets was that our economy was stronger than theirs.
    The NSA's obsession with secrets is a waste of time. By damaging our infrastructure and our cyber industries, the economy of the USA and the whole country has been seriously impaired and we are less likely to win the next cold war.
    You think there won't be a next cold war? Don't bet on it.

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    vastrightwing, Jan 3rd, 2014 @ 11:24am

    New certification sticker.

    NSA free! GCHQ Free!

    Seriously, how do we go about setting up a certification board to guarantee that low level BIOSes are not back door equipped? That SMI and SMM is not one huge security problem? The problem if this certification catches on, the NSA will simply install their own people in there. I guess we need to open source everything now so everyone can scrutinize the firmware. However, even if the public source is clean, how do we verify the ROM?

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:27am

    Re: NSA: enemy of America

    EXACTLY.

    I want to see more headlines like that in big papers "NSA intentionally sabotaged that nation's infrastructure, that they promised to protect".

    NSA is making systems LESS vulnerable, and they aren't protecting or "securing" anything, yet they keep asking for more money for "cyber security", when in fact what they're doing is "cyber warfare". And on top of that they are undermining the security of US and other countries, too (including allies).

     

    reply to this | link to this | view in thread ]

  13.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:27am

    Re: NSA: enemy of America

    EXACTLY.

    I want to see more headlines like that in big papers "NSA intentionally sabotaged that nation's infrastructure, that they promised to protect".

    NSA is making systems LESS vulnerable, and they aren't protecting or "securing" anything, yet they keep asking for more money for "cyber security", when in fact what they're doing is "cyber warfare". And on top of that they are undermining the security of US and other countries, too (including allies).

     

    reply to this | link to this | view in thread ]

  14.  
    icon
    jimb (profile), Jan 3rd, 2014 @ 11:34am

    Re: NSA: enemy of America

    All these revelations about the NSA compromising hardware, corrupting firmware, and creating quantum-computer encryption busters is like waving a red flag in front of a bull. Not every computer or software wizard is a patriot willing to work for the NSA, and I'll bet there are some people out in the world right now hacking up the next new thing to see if they can beat the NSA. It might even become a medalist category at the next Black Hat 'hacker olympics'. If they NSA had any brains they'd stop now, because they're just encouraging more, better, and tougher opposition.

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:42am

    Re: New certification sticker.

    The NSA is literally breaking into hardware shipments to compromise computers. The only way to be 100% safe would be to make the hardware yourself, and I don't think 3D printing is going to be up to that for awhile.

     

    reply to this | link to this | view in thread ]

  16.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:42am

    Re: New certification sticker.

    OpenSource isn't bad, just hopefully enough people are there for support and testing...

    For hardware:
    http://www.opencompute.org/

    For software:
    http://www.openfirmware.info
    http://sourceforge.net/projects/tianocore/

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Trevor, Jan 3rd, 2014 @ 11:53am

    What if...

    What if the NSA, in installing it's own back door in Huawei's software, it discovered ANOTHER back door already installed (presumably by Huawei for the government, for the same purpose as the NSA) and called them out to cover up their own wrongdoing?

    This would show that 1) DUH, the Chinese government spies; 2)They weren't as discrete about their backdoors (hehehe) as the NSA; and 3) the NSA practiced in economic espionage to discredit a Chinese competitor.

    Interesting...

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 11:56am

    Re: Re: LOL

    If there is a backdoor of any kind it can and will be exploited by anyone.

    Maybe Mike Rogers knew that the Chinese had discovered the backdoors that the NSA implanted into Huawei hardware.

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    jupiterkansas (profile), Jan 3rd, 2014 @ 11:57am

    Re:

    You think all those people employed during the Cold War just went away? The Cold War/War on Terror is their career.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 12:08pm

    None of this surprises me. In fact I've commented on this before. That what the NSA and the US government warns of in cyberwarfare and what they are doing is pretty much the same thing. If you hear them blame someone/some country over cyberhacking, they've already done it. Remember the photos of the Chinese army computer screens showing the hacking attempts? Only way that came to be was by them hacking the hackers with screen shots off their computer.

    It is not out of the realm of speculation to consider 9/ll in this light. They may not have actually done a false flag but they had to know. There were too many convenient and unexplained happenings during the before and after not to show they were concerned with what might be found out.

    There's also things like why TC building #7 collapsed even though no plane hit it. The plane that was likely to have targeted it went down before it got there. Yet the building fell. Not only fell but they all fell in their footprints. A signature of a controlled explosion as no building falls that way unless. Someone was in on it. Those someones don't want anyone to know it wasn't a plane that brought it down.

    I hate to sound like a conspiratard but there are still too many unanswered questions.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 12:19pm

    been taking a few lessons from the FBI and the 'how to create a terrorist threat from nothing' brigade, have they??

     

    reply to this | link to this | view in thread ]

  22.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 12:23pm

    the best way to allay suspicion is to shout very loud about what some other party COULD POSSIBLY be doing! when all eyes look in the other direction, threat to you averted. simples!!

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Jerrymiah, Jan 3rd, 2014 @ 12:32pm

    Re: NSA spreds FUD

    I think the United Nations should setup a Tribunal to fight all that NSA shit and assist those that been wronged by the US in suing the US government in an international court.

     

    reply to this | link to this | view in thread ]

  24.  
    icon
    akp (profile), Jan 3rd, 2014 @ 1:48pm

    Re: LOL

    It's almost a good outcome, actually.

    Once US companies start losing money because of all this, they'll start putting their massive lobbying dollars to work.

    They may not care about the privacy of the average American, but they sure as hell care about their company reputation and bottom line.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Jan 3rd, 2014 @ 4:39pm

    Are you saying Misrep. Rogers, has been misrepresenting the facts again? Color me surprised.

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Jan 4th, 2014 @ 5:16am

    When you point your finger at someone...

    Don't forget:

    When you point your finger at someone,
    4 fingers are pointing back at you.

     

    reply to this | link to this | view in thread ]

  27.  
    icon
    btrussell (profile), Jan 5th, 2014 @ 1:28am

    Re: Re: NSA spreds FUD

    I'd rather sue those responsible as opposed to every American.

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    John Fenderson (profile), Jan 6th, 2014 @ 10:31am

    Re: When you point your finger at someone...

    You obviously have never seen how I point my finger at people.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This