nanog mailing list archives

Re: huawei

From: Jimmy Hess <mysidia () gmail com>
Date: Thu, 13 Jun 2013 20:58:42 -0500

On 6/13/13, Patrick W. Gilmore <patrick () ianai net> wrote:

It should be trivial to prove to yourself the box is, or is not, doing
something evil if you actually try.


What if it's not doing anything evil  99% of the time... after all
90%+ of traffic may be of no interest to a potential adversary, but
there is a backdoor mechanism that allows "targetted evilness"  to be
enabled?

Sniffing on a targetted IP address can be disguised as "legitimate"
return traffic, to a connection actually initiated from the "backdoor
data interaction point" to some other web server,  creating a ruse..

A low-bandwidth fabricated  return flow  on top of the legitimate
return flow once every few months, or every few days is extremely
likely to go unnoticed,  on any  network that has a significantly
large amount of normal production traffic.

--
TTFN,
patrick

--
-JH

Current thread:

Re: huawei, (continued)
- - - Re: huawei Warren Bailey (Jun 16)
    - Re: huawei Scott Helms (Jun 18)
    - Re: huawei Eugen Leitl (Jun 15)
    - Re: huawei Scott Helms (Jun 15)
    - Re: huawei Jimmy Hess (Jun 15)
    - Re: huawei Scott Helms (Jun 15)
  - Re: huawei Leo Bicknell (Jun 13)
    - Re: huawei Phil Fagan (Jun 13)
    - Re: huawei Nick Hilliard (Jun 13)
  - Re: huawei Mark Seiden (Jun 13)
  - Re: huawei Jimmy Hess (Jun 13)
    - Re: huawei Scott Helms (Jun 13)
    - Re: huawei Jimmy Hess (Jun 13)
- Re: huawei Joel M Snyder (Jun 13)
- Re: huawei Scott Weeks (Jun 13)
  - Re: huawei Mark Seiden (Jun 13)