oldest one in the book
"How else could kit shipped through normal channels be diverted into the NSA's hands long enough for it to be tampered with?"
Because they have set up spoof companies to do just that ?
Glenn Greenwald, the journalist responsible for funnelling many of Edward Snowden's revelations to the world, has penned a book in which he alleges the NSA intercepts routers before US manufacturers can export them, in order to implant backdoors. Excerpted by The Guardian, Greenwald's tome No Place to Hide alleges the …
Their current MO is blanket surveillance. Every phone, every account, every cloud service, every device anywhere is a potential target, and they want to have access.
https://www.schneier.com/essay-469.html
http://www.theguardian.com/world/2013/jun/14/al-gore-nsa-surveillance-unamerican
http://www.afcma.org/
http://www.usafoil.com/
http://en.wikipedia.org/wiki/Aluminium_foil
Just pasting ranty URLs does not build a case.
I have done consulting work for Cisco. It is an INTERNATIONAL company, with products developed all over the world and manufactured in different places.
For example, there is a development house in Norway and the products they make are built in Poland.
On top of that, you can download the code for many of these devices. Granted, you can't download it all.
While it might be plausible to infect US made products and conspire to keep the US side of Cisco quiet, the company is far too large and multinational to keep anything secret for long.
"Do you really think they would be interested in you? Are you really that important to them?"
Fair question, but the wrong one. The *find* things to be interested in, that's their whole rationale for existence, and there is little to nothing a citizen can do about the damage caused by mistakes of wilful intent...
You have a bunch of unaccountable people who's stated mission is to find guilty people and fuck them over, and they have a massive amount of (potential) leverage over every man woman and child in society... These folks are prone to temptation & fuck ups like everyone else, it's not a question of when innocent folks are going to get fucked over, it's a question of how many.
... And then we come to the people defending and advocating mass surveillance, the "nothing to hide, nothing to fear" brigade. The same brigade that consistently argues *against* the same level of scrutiny being applied to them... They clearly have something to hide, but they are telling you to trust them implicitly, surely that must make you a little suspicious as to why they would advocate something they don't want themselves.
Do you really think they would be interested in you? Are you really that important to them?
Nobody at the NSA is the least bit interested in anything I say or do. Unfortunately, until they invade my privacy in order to determine that, there's really no other way for them to find out.
I guess it depends on your world view - Are you happy for people to rummage through your personal life provided they're bored by what they find?
"Nobody at the NSA is the least bit interested in anything I say or do. "
That's what you think. But you're a commentard on a top tech site, read around the world. Your comments amount to briefing against them. The implicit sarcasm in your posting name indicates you may hold other views that aren't part of the commonly received wisdom of the political elite.
You've already seen a couple of CEO's mysteriously outed and hit hard for private views, comments, or behaviours that suddenly "happened to come to light". Do you really think that people stumbled across these? The EU is in the process of establishing a task force of social media "wardens" to promote the bureaucracy's view of itself as a truth, and bat down detractors. Could be the same for other forms of government.
When it comes to rude words there's already laws against some of them. How long before the McCarthy-ism that big government is so fond of starts to look for people who it can lable as "anti-democratic", "climate change deniers", "supporters of terrorism" etc?
"How long before the McCarthy-ism that big government is so fond of starts to look for people who it can lable as "anti-democratic", "climate change deniers", "supporters of terrorism" etc?"
Glenn Greenwald said as much, on "The Colbert Report" just 2 days ago,
and,
that he is currently writing an expose for the Guardian based on material that Edward Snowden collected that attested to that VERY FACT.
Greenwald went on to say: THESE revelations were the WORST of the exposed abuse of power by the NSA:
http://thecolbertreport.cc.com/videos/2j80wh/glenn-greenwald-pt--1
http://thecolbertreport.cc.com/videos/31s76v/glenn-greenwald-pt--2
"Do you really think they would be interested in you? Are you really that important to them?"
In a word - YES.
I may be a boring forty year old that watches animé and writes crappy programs for a passtime...
...but that could be a cover for my exciting secret life as an Al Qaeda operative plotting to blow up the Eiffel tower just, cos, that's what terrorists do.
I get the impression that the NSA isn't looking to follow people of interest, but rather looking to discard those who are obviously not of interest. Which means hacking personal routers provides just as much value as those of companies.
Not a/c, there's no point...
Why do you think that they need to intercept something in the channel and delay a transport? The NSA could simply have a stock of hacked routers in their warehouse. Then, when a router is ordered, it could simply substitute the hacked router for the ordered router at some step along the way. Customs comes to mind, since it could just as easily swap in a bugged router for the unbugged router as it is doing its "inspections."
Don't make things too complicated, folks. Think like a spook.
"....The NSA could simply have a stock of hacked routers in their warehouse. Then, when a router is ordered, it could simply substitute the hacked router for the ordered router at some step along the way....." Except it won't have the serial numbers or software license IDs recorded by the factory, which means when you place a support call for it it would bleeding obvious that it was not the right router.
Ooh, two thumbs down, but no explanation of how they are convinced the Big Bad Man could work around the serial number and licensing issues I pointed out. It seems some people are so determined to baaaah-lieve that actual and reasoned argument is just beyond them.
If it was a hardware item they'd implanted, I'd expect to see picture of it online by now. So let's assume it's a firmware thing. So where is the code dump, showing Before and After?
Given all the other tear-downs, BOM estimating, code reverse engineering, chip probing, Wire Sharking, and 'Will It Blend?' videos, this one seems to be a bit evidence-sparse.
"You were aware that fellows at the NSA were tampering with routers?"
"NO!"
"Yes."
"Oh..."
"And unless I'm gravely mistaken they were doing so to plant backdoors."
"NO!"
"Yes."
"Oh..."
"The NSA thus gains access to entire networks and all their users."
"NO!"
"Yes."
"Oh..."
More of that conversation -> https://www.youtube.com/watch?v=me9ft6HeaMQ
Nice update that kind of makes her claim rather dubious! Even she said that the seller said that they had entered the wrong tracking number! That HAPPENS! I've done it with people that I have shipped stuff to and then corrected it as soon as I spotted the error and let them know that the first one was wrong.
People that are paranoid want to read into things that are not there merely to fulfill their fears. That's what this woman has done. Eff Me, to claim that her device has been tampered and yet she hasn't received it should set alarm bells off!
Maybe The Onion Router project (originally sponsored by DARPA and the U.S.Navy Research Laboratory) has, itself, a back door to allow access? It is just as likely.
Let's face it, Verizon FiOS has it's own backdoor into the router they supply to customers. It reports back to them new password and admin user id for the device, it reports back the WiFi password and it also reports back any changes to the settings that are made.
I would be more worried about that than whether the NSA are messing with a router. What Verizon are doing with their equipment is effectively a bigger privacy concern and a bigger concern to your personal security than whether the NSA can access your device.
Oh and Comcast equipment does similar and I suspect that most equipment supplied and leased to the public by all these companies are far worse. If they can access the information does it not put a risk that a hacker can equally so get access to your personal network through similar hacks. If you want to be all worried and paranoid!
I think you've unwittingly found a new tactic for us to employ against the NSA.
They are having routers sent to them in the US from China, before re-shipping them across the world. Think of how much CO2 that produces. We must get the environmental crusaders in - that'll provide some leverage for the non-snooping side
It's interesting watching a whole new generation of people get excited about this; quite honestly the writing has been on the wall for years. If you want security then you need to start by assuming that all commercial kit is potentially compromised - and even if you can secure your own kit, your packets still have to travel on a public network.
If you maintain any public profile that might possibly be of interest to someone, somewhere then security through technology is an illusion. To quote Quentin Crisp, "If it can be done, it will be done."
It's so very tiring hearing the paranoid dillusional rants of Greenwald and his buddies.
Am I worried that the NSA may have access to my router through some backdoor? Not really, it's hardly a concern to me, they can snoop in my boring life.
The only ones that seem to care are those that seem to think they are important and those people tend to be self important. I bet that Stazi agent Angela Merkel is worried as she continues to expand the reach of the fatherland and complete the fuhrer's unfinished work. Snigger.
Maybe Snowdon's theft of data was caught early and they just fed him a load of BS because it is far better for misinformation to be leaked that scares people and keep those that they really would like make their communication and information sharing such as terrorist organizations in fear that their plans may have been compromised by the NSA.
I am also sure that there is far less leaked information available than Greenwald has claimed because a lot of it keeps getting repeated worded differently but repeated all the same. I am sure that he is concerned that his 15 minutes are over, just as people don't think about or give a hoot about Snowdon anymore, and he is concerned that he is now drifting back behind that curtain of obscurity from whence he came and where this irrelevant tiresome man should have stayed along with the other's in his little clique.
Well, I'd guess that's why they were suddenly so worried about Huawei's hardware. Must have been a case of 'OMG, we do this to them and they might do the same to us'. Kind of the inverse of don't do to others what you wouldn't want done to yourself.
According to:
http://www.statisticbrain.com/pizza-statistics/
there are 3 billion (with a 'b') pizzas sold every year in the US. That translates to an average of 8,219,178 pizzas sold per day.
These stats are quantitatively accurate, but the data quality is suboptimal. Many pizzas are ordered and bought in-store, and paid for in cash. These types of transactions are very difficult to track, which makes them extremely suspicious.
(Memo #1: feasibility study of tracking pizza deliveries in-transit -- better tracking accuracy. Possibly SATINT - check with NRO).
(Memo #2: correlation between pizza toppings preferences and potential involvement in subversive activities).
Let's assume that 33% of all pizza orders in the US are in-store cash transactions. The other 67% are phone or internet orders, and are paid for either by credit card or by electronic debit or check. That comes out to 5,506, 849 pizza orders per day. These types of transactions are currently being monitored.
Presumably, NSA is tracking all the electronic orders in real-time, and keeping a metadata record permanently stored somewhere. In duplicate, just in case.
Cool.