dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
33
smcallah
join:2004-08-05
Home

smcallah

Member

I still think it's BS...

I still think this is some BS or a very limited operation.

As in, if the NSA did this, they knew exactly where these were going and would have full view of them at all times and would be able to intercept them easily if the devices were moved or needed to be replaced/decommissioned by who was actually using them.

They couldn't just do this to every device shipped. Take for example a Cisco product. If they did this to every Cisco product that they could, we would know. Someone would have found what was inserted by the NSA.

Either because someone would have opened it on their own and found it, or they would have RMA'ed it with Cisco and Cisco would have been doing a repair analysis on it and found something that wasn't theirs inside.

The only way that could work for the NSA is that after completing the shipment they had someone working at the Cisco customer site that had eyes on the device at all times and notified the NSA that it would be RMA'd and the NSA would have to intercept the RMA and return it to normal before Cisco touched it again. A logistical nightmare. NSA would need undercover employees at the Cisco customer, Cisco, and the company that does logistics for Cisco. If you believe they go through all that, then the guy next to you probably works for the NSA, say "hi."

There's also another way that this would be hard for the NSA to manage, on a very large scale at least. And that would be, that just because a company bought some network gear or servers doesn't mean they were going to immediately install them. I worked for several companies over the years, very seldom did we use equipment immediately. It would go into storage until we were ready to deploy, sometimes months or even a year or more later. With getting proper permits and other things lined up in other countries, the worst case I've seen is almost 3 years for gear to be installed. On top of that, we don't know which gear was going where always. That's not exactly how the NSA wants it to go. They're not hoping for surveillance or looking for it to be discovered. They know exactly when and where something will be installed.

My guess is, the pictures are really of the NSA modifying routers and servers. But, they are doing it to their own gear that will be deployed. I have been the owner of NSA surplus workstations and servers, having lived near Ft. Meade. They often hardened them for EMP, which they'd leave in place when selling them at surplus. As far as other modifications, I would guess they did those as well, but would obviously remove that before selling surplus.

The only way the NSA could really have an operation like this work would be for them to run a complete consulting/sales company that sold network gear and servers under the guise of a reseller that also installed and supported the products and replaced them when there were problems. And they better have the best customer service, because they'd be screwed if whoever they sold to decided to change vendors.
Chubbysumo
join:2009-12-01
Duluth, MN
Ubee E31U2V1
(Software) pfSense
Netgear WNR3500L

Chubbysumo

Member

said by smcallah:

I still think this is some BS or a very limited operation.

As in, if the NSA did this, they knew exactly where these were going and would have full view of them at all times and would be able to intercept them easily if the devices were moved or needed to be replaced/decommissioned by who was actually using them.

For sure, these "interdictions" are very very targeted. Im sure the NSA knows when a "target of interest" orders a product thanks to an NSL forcing backdoor access to a network, or an NSL telling the company to comply or else, and it provides a list of targets, which Cisco notifies the NSA of when they order.
said by smcallah:

The only way that could work for the NSA is that after completing the shipment they had someone working at the Cisco customer site that had eyes on the device at all times and notified the NSA that it would be RMA'd and the NSA would have to intercept the RMA and return it to normal before Cisco touched it again.

All the NSA needs right now is an NSL. You break that gag order and you go away for life and no one knows where you went. They send an NSL ordering it, Cisco has to comply, or many people get replaced with more willing candidates.
said by smcallah:

There's also another way that this would be hard for the NSA to manage, on a very large scale at least. And that would be, that just because a company bought some network gear or servers doesn't mean they were going to immediately install them.

Time is nothing to a unit who has lots of it. It might not be installed now, but they simply lay in wait for its use. If they needed something faster(like now), they hire out hackers, or hire in their own computer grey hats(which we all know they have) to get into an existing network.
said by smcallah:

They know exactly when and where something will be installed.

The human factor is something they could never plan for. I am guessing if they wanted it installed now, they could make a scenario where the old one was somehow fucked up or damaged, it seems like its within the realm of possibility for them right now.
said by smcallah:

The only way the NSA could really have an operation like this work would be for them to run a complete consulting/sales company that sold network gear and servers under the guise of a reseller that also installed and supported the products and replaced them when there were problems. And they better have the best customer service, because they'd be screwed if whoever they sold to decided to change vendors.

No, all they really have to do is send out some NSLs thru a secret court, and if these companies don't comply, they probably have those people replaced, and for that matter, if you break the gag order, see point 2.
Kearnstd
Space Elf
Premium Member
join:2002-01-22
Mullica Hill, NJ

Kearnstd

Premium Member

The national security letter. AKA the government reminding us they will take away the home of the free and then walk into arlington and piss on the graves of the brave.