
El Quintron
Cancel Culture Ambassador
Premium Member
join:2008-04-28
Tronna

El Quintron

Premium Member

Security logistics

I'm no security expert, but it seems to me that there's a bit of hype here.

Even with the rudimentary network knowledge that I do possess, I have to ask the following: Would a network operator (eg: Bell, VZW, AT&T) not know that information was being reported back to China? Network operators are usually pretty good at identifying traffic patterns in order to manage their networks, so why would this be any different?
Wilsdom
join:2009-08-06

Wilsdom

Member

Re: Security logistics

How would they know if their equipment lies to them? They probably could look closer, but that costs money and probably violates their contracts with the NSA.

El Quintron
Cancel Culture Ambassador
Premium Member
join:2008-04-28
Tronna

El Quintron

Premium Member

Re: Security logistics

said by Wilsdom:

How would they know if their equipment lies to them? They probably could look closer, but that costs money and probably violates their contracts with the NSA.

That's not impossible, but it would have to mean that their own infrastructure at the backend (presumably not made by ZTE or Huawei) would have to be compromised as well... which again they would know about.

KodiacZiller
Premium Member
join:2008-09-04
73368

KodiacZiller to El Quintron

Premium Member

to El Quintron
said by El Quintron:

I'm no security expert, but it seems to me that there's a bit of hype here.

Even with the rudimentary network knowledge that I do possess, I have to ask the following: Would a network operator (eg: Bell, VZW, AT&T) not know that information was being reported back to China? Network operators are usually pretty good at identifying traffic patterns in order to manage their networks, so why would this be any different?

If the hardware itself is subverted at the bare metal, then no. As Wilsdom said, the hardware can merely lie to you. If you own the hardware, you own everything, including third party software running on top.

El Quintron
Cancel Culture Ambassador
Premium Member
join:2008-04-28
Tronna

El Quintron

Premium Member

Re: Security logistics

said by KodiacZiller:

If the hardware itself is subverted at the bare metal, then no. As Wilsdom said, the hardware can merely lie to you. If you own the hardware, you own everything, including third party software running on top.

Again, I'm no networking expert, but assuming you have some ZTE/Huawei radios with a Cisco or Mikrotik backend, then even if the radio isn't reporting that it's phoning home, the backend would still detect unknown traffic originating from the device, no?
BosstonesOwn
join:2002-12-15
Wakefield, MA

BosstonesOwn

Member

Re: Security logistics

You can hide the traffic by masking it as UDP traffic bound for a spoofed address; you can also hide it as traffic encrypted and bound for, say, a management station that has an "updater". There are all sorts of ways to hide traffic. I have been doing security work for over 13 years now, and it never amazes me how these guys figure out ways to hide traffic; some of them I only found by being nosy and wanting to know why a link light was blinking fairly rapidly while the interface said it was only moving a small bit of data.
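
An added example, not part of the thread or any poster's code: the cross-check described in the post above (link activity versus what the interface claims), done with counters and flow records from a neighbouring router that the suspect device does not control. All data, the port name and the allowlisted subnet are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample data (not from the thread). Each interval is 5 minutes.
# Bytes the radio says it sent, per interval, read from its own management interface.
DEVICE_REPORTED_TX = {0: 1_200_000, 1: 1_150_000, 2: 1_300_000, 3: 1_250_000}
# Bytes the upstream router counted arriving on the port the radio is cabled to.
UPSTREAM_PORT_RX = {0: 1_210_000, 1: 1_160_000, 2: 1_900_000, 3: 1_255_000}
# Flow records from the upstream router: (interval, ingress_port, src, dst, proto, bytes)
UPSTREAM_FLOWS = [
    (2, "ge-0/0/7", "10.20.0.5", "10.1.1.10", "tcp", 1_295_000),
    (2, "ge-0/0/7", "10.99.9.9", "203.0.113.77", "udp", 605_000),  # src is not the radio's address
    (3, "ge-0/0/7", "10.20.0.5", "10.1.1.10", "tcp", 1_255_000),
]
ALLOWED_DESTS = [ip_network("10.1.1.0/24")]  # assumed management/core subnet

def counter_gaps(device_tx, upstream_rx, tolerance=0.05):
    """Intervals where the wire carried more than the device admits to sending."""
    gaps = {}
    for interval, seen in sorted(upstream_rx.items()):
        claimed = device_tx.get(interval, 0)
        # Framing overhead and polling skew cause small differences; ignore those.
        if seen - claimed > tolerance * max(claimed, 1):
            gaps[interval] = seen - claimed
    return gaps

def unexpected_flows(flows, port, allowed):
    """Bytes per (dst, proto) entering on `port` toward destinations outside the allowlist.

    Keyed on ingress port, not source IP, so a forged source address does not hide the flow.
    """
    totals = defaultdict(int)
    for _interval, ingress, _src, dst, proto, nbytes in flows:
        if ingress == port and not any(ip_address(dst) in net for net in allowed):
            totals[(dst, proto)] += nbytes
    return dict(totals)

if __name__ == "__main__":
    print("counter gaps:", counter_gaps(DEVICE_REPORTED_TX, UPSTREAM_PORT_RX))
    print("unexpected flows:", unexpected_flows(UPSTREAM_FLOWS, "ge-0/0/7", ALLOWED_DESTS))
```

The check only holds if the upstream counters come from equipment that is trusted independently of the device being audited.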

El Quintron
Cancel Culture Ambassador
Premium Member
join:2008-04-28
Tronna

El Quintron

Premium Member

Re: Security logistics

said by BosstonesOwn:

You can hide the traffic by masking it as UDP traffic bound for a spoofed address; you can also hide it as traffic encrypted and bound for, say, a management station that has an "updater". There are all sorts of ways to hide traffic,

Fair enough, how does the UDP traffic get around the router, seeing as it originates behind the network firewall (eg: carrier class routers)?