dslreports logo
site
spacer

spacer
 
   
spc
story category
UPS Denies Helping NSA Intercept, Modify Routers
by Karl Bode 02:19PM Friday May 30 2014
Recently we discussed new revelations that the NSA has routinely been "intercepting" U.S. made servers and networking gear pre-export, and installing covert surveillance technology inside. This comes as the United States has made repeated accusations that Chinese gear maker Huawei is a spy for the Chinese government, despite several inquiries unable to provide any evidence of it.

Click for full size
Cisco was quick to deny any knowledge of the process in a blog post. Now UPS, Cisco's biggest shipping partner, is also denying that they've played any role in the NSA's efforts:
quote:
UPS, which Cisco has used since 1997 to ship hardware to customers around the world, said on Thursday that it did not voluntarily allow government officials to inspect its packages unless it is required to do so by law.

“UPS’ long-standing policy is to require a legal court-ordered process, such as a subpoena, before responding to any third-party requests,” UPS spokeswoman Kara Ross wrote in an e-mail to TheBlot Magazine. “UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments."
Except cooperation with intelligence has always been a game of semantics with denials being worded in just such a way to avoid liability. As such, it's going to be hard for anybody in Cisco's supply chain to retain consumer and customer trust, especially of the international variety.

view:
topics flat nest 
travisdh1

join:2007-10-20
Wooster, OH

1 recommendation

Keyword: voluntarily

Gotta love these press releases that say absolutely nothing at all.

boognish
Premium
join:2001-09-26
Baton Rouge, LA
kudos:6

Does UPS control what happenes in customs?

I figured that is where it happened and if UPS hadn't released a statement I probably wouldn't have thought much of it. Now I am curious to know if the shipments ever leave UPS hands while in customs or if they have possession of it the whole time.
--
don't get 2 close 2 my fantasy
ITGeeks

join:2014-04-20
Cleveland, OH

Re: Does UPS control what happenes in customs?

Nope! And you can see that on TV.

ARGONAUT
Have a nice day.
Premium
join:2006-01-24
New Albany, IN
kudos:1
International Import is 100% Customs controlled. The area is sealed off and they control the cameras. Even UPS Loss Prevention doesn't know what happens in there.
--

I deny your denial.

dnoyeB
Ferrous Phallus

join:2000-10-09
Southfield, MI
kudos:1

As in relationships

As in relationships, people always suspect you of doing the things they themselves are doing or would do in your position.

As for UPS, no one cares if its legal or not. We just care that you allowed it.

Nameless

join:2014-02-25
Austin, TX

Another observation on weasel wording.

"UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments"

The court orders would not come from the NSA, they would come from the FISA court.
smcallah

join:2004-08-05
Home

Re: Another observation on weasel wording.

Obviously, the NSA is not a judicial organization. They chose the wrong word, everyone gets their meaning.

It's not like they're going to say, "but we did get some warrants from the FISA court. Do you think those were it?!?!"

Nameless

join:2014-02-25
Austin, TX

Re: Another observation on weasel wording.

Right, but those kinds of weasel wording is exactly what NSA/ODNI have been doing for the last year. They choose wrong words on purpose, or word things in a very specific way, letting people mentally auto-correct them and assume they said something they didn't really say. It's a very sneaky way of misleading the public that's pretty repulsive.

Noah Vail
Son made my Avatar
Premium
join:2004-12-10
Lorton, VA
kudos:3
Reviews:
·Bright House
said by smcallah:

They chose the wrong word, everyone gets their meaning.

UPS choose the wrong word after their legal team and top executives spent days assembling a precisely worded statement.
--
Campaign contributions influence laws through a process called bribery.
elefante72

join:2010-12-03
East Amherst, NY
My first thought also, except it does not say court ordered but court ordered process, which of course opens that up to a much larger interpretation.
Chubbysumo

join:2009-12-01
Superior, WI

NSLs are not court orders

But they come standard with gag orders, so, on the surface, UPS can deny everything, and still be doing it.
smcallah

join:2004-08-05
Home

I still think it's BS...

I still think this is some BS or a very limited operation.

As in, if the NSA did this, they knew exactly where these were going and would have full view of them at all times and would be able to intercept them easily if the devices were moved or needed to be replaced/decommissioned by who was actually using them.

They couldn't just do this to every device shipped. Take for example a Cisco product. If they did this to every Cisco product that they could, we would know. Someone would have found what was inserted by the NSA.

Either because someone would have opened it on their own and found it, or they would have RMA'ed it with Cisco and Cisco would have been doing a repair analysis on it and found something that wasn't theirs inside.

The only way that could work for the NSA is that after completing the shipment they had someone working at the Cisco customer site that had eyes on the device at all times and notified the NSA that it would be RMA'd and the NSA would have to intercept the RMA and return it to normal before Cisco touched it again. A logistical nightmare. NSA would need undercover employees at the Cisco customer, Cisco, and the company that does logistics for Cisco. If you believe they go through all that, then the guy next to you probably works for the NSA, say "hi."

There's also another way that this would be hard for the NSA to manage, on a very large scale at least. And that would be, that just because a company bought some network gear or servers doesn't mean they were going to immediately install them. I worked for several companies over the years, very seldom did we use equipment immediately. It would go into storage until we were ready to deploy, sometimes months or even a year or more later. With getting proper permits and other things lined up in other countries, the worst case I've seen is almost 3 years for gear to be installed. On top of that, we don't know which gear was going where always. That's not exactly how the NSA wants it to go. They're not hoping for surveillance or looking for it to be discovered. They know exactly when and where something will be installed.

My guess is, the pictures are really of the NSA modifying routers and servers. But, they are doing it to their own gear that will be deployed. I have been the owner of NSA surplus workstations and servers, having lived near Ft. Meade. They often hardened them for EMP, which they'd leave in place when selling them at surplus. As far as other modifications, I would guess they did those as well, but would obviously remove that before selling surplus.

The only way the NSA could really have an operation like this work would be for them to run a complete consulting/sales company that sold network gear and servers under the guise of a reseller that also installed and supported the products and replaced them when there were problems. And they better have the best customer service, because they'd be screwed if whoever they sold to decided to change vendors.
Chubbysumo

join:2009-12-01
Superior, WI
Reviews:
·Charter

Re: I still think it's BS...

said by smcallah:

I still think this is some BS or a very limited operation.

As in, if the NSA did this, they knew exactly where these were going and would have full view of them at all times and would be able to intercept them easily if the devices were moved or needed to be replaced/decommissioned by who was actually using them.

For sure, these "interdictions" are very very targeted. Im sure the NSA knows when a "target of interest" orders a product thanks to an NSL forcing backdoor access to a network, or an NSL telling the company to comply or else, and it provides a list of targets, which Cisco notifies the NSA of when they order.

said by smcallah:

The only way that could work for the NSA is that after completing the shipment they had someone working at the Cisco customer site that had eyes on the device at all times and notified the NSA that it would be RMA'd and the NSA would have to intercept the RMA and return it to normal before Cisco touched it again.

All the NSA needs right now is an NSL. You break that gag order and you go away for life and no one knows where you went. They send an NSL ordering it, Cisco has to comply, or many people get replaced with more willing candidates.

said by smcallah:

There's also another way that this would be hard for the NSA to manage, on a very large scale at least. And that would be, that just because a company bought some network gear or servers doesn't mean they were going to immediately install them.

Time is nothing to a unit who has lots of it. It might not be installed now, but they simply lay in wait for its use. If they needed something faster(like now), they hire out hackers, or hire in their own computer grey hats(which we all know they have) to get into an existing network.

said by smcallah:

They know exactly when and where something will be installed.

The human factor is something they could never plan for. I am guessing if they wanted it installed now, they could make a scenario where the old one was somehow fucked up or damaged, it seems like its within the realm of possibility for them right now.

said by smcallah:

The only way the NSA could really have an operation like this work would be for them to run a complete consulting/sales company that sold network gear and servers under the guise of a reseller that also installed and supported the products and replaced them when there were problems. And they better have the best customer service, because they'd be screwed if whoever they sold to decided to change vendors.

No, all they really have to do is send out some NSLs thru a secret court, and if these companies don't comply, they probably have those people replaced, and for that matter, if you break the gag order, see point 2.
Kearnstd
Space Elf
Premium
join:2002-01-22
Mullica Hill, NJ
kudos:1

Re: I still think it's BS...

The national security letter. AKA the government reminding us they will take away the home of the free and then walk into arlington and piss on the graves of the brave.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports

bigballer

@205.214.216.x

1 recommendation

linksys/cisco router

Ciscos consumer brand (linksys, NOT cisco commercial routers) suck balls anyway. Last good one they made was 10 years ago.
smcallah

join:2004-08-05
Home

Re: linksys/cisco router

Cisco doesn't own Linksys anymore. It's owned by Belkin now.

bigballer

@205.214.216.x

Re: linksys/cisco router

that was last year. Who knows when NSA started tapping into routers.

Suffice it to say, linksys routers have been garbage for the last 10 years.

Simba7
I Void Warranties

join:2003-03-24
Billings, MT

Re: linksys/cisco router

..unless you flash with dd-wrt/openwrt/etc.
elray

join:2000-12-16
Santa Monica, CA
Reviews:
·Time Warner Cable
·EarthLink

Another non-issue

It wouldn't matter whether UPS "helped", or not. They exist at the pleasure of the government, which could have just as easily had a secret court rule that UPS must both "help" and simultaneously deny any cooperation, forced or otherwise.

Why does the media continue to miss the boat, assailing the corporations, rather than looking square at the source of the issue? Could it be that a large, all-intrusive nanny state actually fits their narrative?

Simba7
I Void Warranties

join:2003-03-24
Billings, MT

It's our fault

"that it did not voluntarily allow government officials to inspect its packages unless it is required to do so by law."

All the NSA has to do is wave the Patriot Act in front of them and anyone has to comply with it. Yet, we let this pass without actually understanding the consequences.

Good luck getting this repealed.

IowaCowboy
Iowa native
Premium
join:2010-10-16
Springfield, MA
kudos:1
Reviews:
·Verizon Broadban..
·Comcast

Made in China

I'm sure many Cisco routers are made in China, Korea, Thailand, Japan, etc aka imported like many electronics.

If they never make it on US Soil (such as a Cisco router that is made in China being sold in India), then it will never be touched by NSA unless Cisco voluntarily cooperates.
--
Stop the Comcast-Time Warner merger, I'd rather Time Warner buy out Comcast.

removed
Premium,VIP
join:2002-02-08
Houston, TX
kudos:40

Re: Made in China

said by IowaCowboy:

If they never make it on US Soil [...], then it will never be touched by NSA unless Cisco voluntarily cooperates.

True, it's not like a big spy agency could find their way into the manufacturing or supply chain, or anything like that.
--
irc.removed.us - #dslr

w0g
o.O

join:2001-08-30
Springfield, OR

2 edits

Back doors within hardware yet to be discovered plus blackops

People still don't understand how any of this even works. Number one NSA is going to have spies within the handling chain including at UPS, which could be a driver or pickup man or even a warehouse employee or CEO, on the black ops payroll or undercover or friendly to criminal requests to allow inspection and covert tampering with packages. On top of any court ordered shit to which FISA directly or indirectly allowed. These guys do not need or care about judicial oversight for the majority of their ops.

Next Cisco and their hardware vendors will be building in covert security vulnerabilities sometimes under the guise of a security feature or debug mode, or backdoor mode which may be high level within op code and at the transistor level NOT merely at the firmware or operating system level. An example of such an exploit exists within AMD and Intel processors. The AMD version was discovered in 2010 and originally disclosed as a debug mode that exposed a hidden password within the CPU to enable a covert hidden set of operation path with the CPU, including a full set of registers always operational along side the primary ones. This means software and execution can run on all CPU since at least Athlon XP without detection parallel to normal user mode apps, giving government access to bypass passwords, administrative restrictions and all hardware and software based protections. Intel is known to have similar functionality in the Pentium and Core CPUs. There is no reason Cisco and their CPUs would not include this as well.

Also China is a powerful dangerous country like the USA and Russia, and you would have to assume the same high level hacks are getting put into their companies hardware as well. This is why the United States does not want Chinese hardware used in the USA. We are a very old secret war mongering beast living in a black ops mind control haven with psychic and surveillance warfare on a global scale and people will never know it, will never piece it together no matter how many times the leaks expose it. There is no such thing as liberty or justice anywhere either. NSA Echelon has been out there for decades and decades.

Our leaders lie to us at every corner to cover it up..

See my site in sig to learn more.
--
www.oregonstatehospital.net - CIA and state of Oregon set me up and targeted me with a microwave weapon, learn more.