dslreports logo
site
spacer

spacer
 
   
spc
story category
New Leaks Highlight NSA's Catalog of Backdoors, Tricks
by Karl Bode 08:47AM Monday Dec 30 2013
A new report by Der Spiegel, based on yet another round of leaked NSA documents, indicates how the NSA uses a wide variety of backdoors to access computers, hard drives, routers, and other devices from companies such as Cisco, Dell, Western Digital, Seagate, Maxtor, Samsung, and Huawei. An accompanying Spiegel report highlights how the NSA uses a fifty page catalog of tools used by an NSA division named ANT (Advanced or Access Network Technology) uses to gain access to devices and network gear. All of the companies cited in the report (see this Cisco blog post, for example) deny knowledge of any backdoors in their hardware.

view:
topics flat nest 

dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ
kudos:4

NSA

what they have access to, HACKERS also have access to!
--
Despises any post with strings.
openbox9
Premium
join:2004-01-26
Germany
kudos:2

Re: NSA

So do you, technically.

gaforces
United We Stand, Divided We Fall

join:2002-04-07
Santa Cruz, CA

1 edit
Wondering if the Target breach has anything to do with this ...
Looks like damages if so.
There has been a large amount of company's in the US hacked, and it seems unlikely that so many business' would have unpatched servers.

Throw all those company's under the bus, just to catch an old man?
jvanbrecht

join:2007-01-08
Bowie, MD

Re: NSA

Most of these retailers all use the same type of POS systems, and in some cases, from the same POS vendor, so a likely attack against one, would be successful against others.
openbox9
Premium
join:2004-01-26
Germany
kudos:2
Often times ignorance is the culprit. Remember a few years ago when at least some Best Buy stores processed in-store transactions wirelessly, unencrypted?

brentwood

@ptsi.net
that is correct

buzz_4_20

join:2003-09-20
Limestone, ME

Ummm

I'd like to see this 50 page catalog.

I bet you've got a surge coming if your firewall company isn't listed.

treichhart

join:2006-12-12

this is why you want to create your own stuff

This is why you want to use linux based software.....

buzz_4_20

join:2003-09-20
Limestone, ME

1 recommendation

Re: this is why you want to create your own stuff

Just a reminder
»1.usa.gov/1hPYN6j
jvanbrecht

join:2007-01-08
Bowie, MD
Which will make no difference since the random number generator used in linux (and I think to some extent some of the BSDs) is based on the NIST RNG guidance, which if rumours are to be believed, is also not safe.

treichhart

join:2006-12-12

Re: this is why you want to create your own stuff

it depends on what linux you run also because Linus Torvalds said there is NO BACKDOORS in linux and even the NSA asked him if they can install backdoors in linux and he said NO.

Sarick
It's Only Logical
Premium
join:2003-06-03
USA

Re: this is why you want to create your own stuff

This is why they put it directly into in the hardware.
etaadmin

join:2002-01-17
Dallas, TX
kudos:1
Linux updates can be used to install gov spyware and I'm sure this is included in that 'catalog'

If you want to be almost completely 'safe' it is better to use a livecd linux like knoopix in a diskless old motherboard computer. When you turn off the computer everything is gone... well everything except for the BIOS and possible hidden storage devices inside new motherboards.
MaynardKrebs
Heave Steve, for the good of the country
Premium
join:2009-06-17
kudos:4

On a personal level...

at this point in time I'd probably throw my trust in with a Chinese-hacked motherboard, BIOS, disk drive, and network gear as the Chinese don't have a vested interest in using ALL the information they can gather against me at some future date, unlike some over zealous US Gubbmit attorney - should I commit any Pre-Crime thoughts.
openbox9
Premium
join:2004-01-26
Germany
kudos:2

Re: On a personal level...

said by MaynardKrebs:

Chinese don't have a vested interest in using ALL the information they can gather against me at some future date

You know that?
ackman

join:2000-10-04
Atlanta, GA
The Communist Chinese are the FIRST ones who would look to benefit from any stolen information. The NSA isn't far behind them.

Probitas

@teksavvy.com

say what you want about Huawei

But I bet they DON'T work with the NSA. So while they may spy on you, it won't have any effect on your life in the USA. Maybe we should ALL buy Huawei.
etaadmin

join:2002-01-17
Dallas, TX
kudos:1

Re: say what you want about Huawei

True... the lesser of two evils.
cramer
Premium
join:2007-04-10
Raleigh, NC
kudos:9

"back door"?

Someone needs to send them a dictionary. What they've described are not "back doors" (code specifically placed in a system to allow access), but are all hacks and exploits used to shoe-spoon their payload into the system. This isn't new; it's been going on for decades. You too can play with this sort of "toy" by downloading metasploit. The NSA, obviously, has better toys, but they aren't unique.

Also, does anyone else find it cute they have "back doors" into Huawei tech? The very people they accuse of placing backdoors for the chinese government. "We know you installed backdoors, because we're using them!"
openbox9
Premium
join:2004-01-26
Germany
kudos:2

Re: "back door"?

said by cramer:

What they've described are not "back doors" (code specifically placed in a system to allow access), but are all hacks and exploits used to shoe-spoon their payload into the system.

But that doesn't make for as juicy of a headline.

Camaro
Question everything
Premium
join:2008-04-05
Westfield, MA
kudos:1

Crazy idea

Instead of spending crazy money on developing all these attack tools, how about figuring out to secure our own networks here in the USA before attacking other networks around the world and getting hacked because someone forgot to patch a system.
ackman

join:2000-10-04
Atlanta, GA

Re: Crazy idea

Because offensive weapons generate much more revenue and are easier to justify, because of the "unknown threats" they allegedly seek.