Re: huawei

[Scott Helms <khelms () zcorum com>]

Not at all Michael, but that is a targeted piece of data and that means  a
command and control system.  I challenge your imagination to come up with a
common scenario where a non targeted "I'm/they're here" that's useful to
either the company or the Chinese government keeping in mind that you have
no fore knowledge of where these devices might be deployed.   Also, no
oneseems to want to touch the fact that doing this kind of snooping would
be several orders of magnitude easier on laptops and desktops which have
been sold by Lenovo for much longer than networking gear by Huawei.
On Jun 13, 2013 8:39 PM, "Michael Thomas" <mike () mtcc com> wrote:

> On 06/13/2013 05:28 PM, Scott Helms wrote:
>
> > Bill,
> >
> > Certainly everything you said is correct and at the same time is not
> > useful
> > for the kinds traffic interception that's been implied.  20 packets of
> > random traffic capture is extraordinarily unlikely to contain anything of
> > interest and eve if you do happen to get a juicy fragment your chances of
> > getting more ate virtually nil.  An effective system must either capture
> > and transmit large numbers of packets or have a command and control system
> > in order to target smaller captures against a shifting list of addresses.
> > Either of those things are very detectable.   I've spent a significant
> > amount of time looking at botnet traffic which has the same kind of
> > requirements.
> I think you're having a failure of imagination that anything less than
> a massive amount of information sent back to the attacker could be
> useful. I think there are lots and lots of things that could be extremely
> useful that would only require a simple message with "got here" back to the
> attacker if the "got here" condition was sufficiently interesting. Spying
> doesn't
> have the same motivations as typical botnets for illicit commerce.
>
> Mike