said by smcallah:I still think this is some BS or a very limited operation.
As in, if the NSA did this, they knew exactly where these were going and would have full view of them at all times and would be able to intercept them easily if the devices were moved or needed to be replaced/decommissioned by who was actually using them.
For sure, these "interdictions" are very very targeted. Im sure the NSA knows when a "target of interest" orders a product thanks to an NSL forcing backdoor access to a network, or an NSL telling the company to comply or else, and it provides a list of targets, which Cisco notifies the NSA of when they order.
said by smcallah:The only way that could work for the NSA is that after completing the shipment they had someone working at the Cisco customer site that had eyes on the device at all times and notified the NSA that it would be RMA'd and the NSA would have to intercept the RMA and return it to normal before Cisco touched it again.
All the NSA needs right now is an NSL. You break that gag order and you go away for life and no one knows where you went. They send an NSL ordering it, Cisco has to comply, or many people get replaced with more willing candidates.
said by smcallah:There's also another way that this would be hard for the NSA to manage, on a very large scale at least. And that would be, that just because a company bought some network gear or servers doesn't mean they were going to immediately install them.
Time is nothing to a unit who has lots of it. It might not be installed now, but they simply lay in wait for its use. If they needed something faster(like now), they hire out hackers, or hire in their own computer grey hats(which we all know they have) to get into an existing network.
said by smcallah: They know exactly when and where something will be installed.
The human factor is something they could never plan for. I am guessing if they wanted it installed now, they could make a scenario where the old one was somehow fucked up or damaged, it seems like its within the realm of possibility for them right now.
said by smcallah:The only way the NSA could really have an operation like this work would be for them to run a complete consulting/sales company that sold network gear and servers under the guise of a reseller that also installed and supported the products and replaced them when there were problems. And they better have the best customer service, because they'd be screwed if whoever they sold to decided to change vendors.
No, all they really have to do is send out some NSLs thru a secret court, and if these companies don't comply, they probably have those people replaced, and for that matter, if you break the gag order, see point 2.