Re: New Zealand Spy Agency To Vet Network Builds, Provider Staff

[Mike A <mikea () mikea ath cx>]

On Tue, May 13, 2014 at 05:52:58PM -0400, Patrick W. Gilmore wrote:
> On May 13, 2014, at 17:47 , Tony Wicks <tony () wicks co nz> wrote:
>
> > > Cc: NANOG list
> > > Subject: Re: New Zealand Spy Agency To Vet Network Builds, Provider Staff
> > >
> > > I didn't see the NSA telling us what we had to buy are demanding advance
> > > approval rights on our maintenance procedures.
> > >
> > > Owen
> >
> > Try to get approval to land a submarine cable onto US soil using Huawei DWDM
> > kit and then come back to us.
>
> Hey, now, that's not fair. The NSA is just doing what any large player who dominates their space does - try to block 
> out the competition!
>
> Copy/pasting from a friend of mine (he can out himself if he likes):
>  http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-us-internet-routers-snowden
>  - But while American companies were being warned away from supposedly 
>    untrustworthy Chinese routers, foreign organisations would have been 
>    well advised to beware of American-made ones. A June 2010 report from 
>    the head of the NSA's Access and Target Development department is 
>    shockingly explicit. The NSA routinely receives or intercepts routers, 
>    servers, and other computer network devices being exported from the US 
>    before they are delivered to the international customers.
>
>  - The agency then implants backdoor surveillance tools, repackages the 
>    devices with a factory seal, and sends them on. The NSA thus gains 
>    access to entire networks and all their users. The document gleefully 
>    observes that some "SIGINT tradecraft is very hands-on (literally!)".
>
>  - Eventually, the implanted device connects back to the NSA. The report 
>    continues: "In one recent case, after several months a beacon 
>    implanted through supply-chain interdiction called back to the NSA 
>    covert infrastructure. This call back provided us access to further 
>    exploit the device and survey the network."
>
>  - It is quite possible that Chinese firms are implanting surveillance 
>    mechanisms in their network devices. But the US is certainly doing the 
>    same.
>
>  - Warning the world about Chinese surveillance could have been one of 
>    the motives behind the US government's claims that Chinese devices 
>    cannot be trusted. But an equally important motive seems to have been 
>    preventing Chinese devices from supplanting American-made ones, which 
>    would have limited the NSA's own reach. In other words, Chinese 
>    routers and servers represent not only economic competition but also 
>    surveillance competition.

This comes as absolutely no surprise to me. I heard rumbles and rumors as
far back as Gulf War I that just before the "shock and awe" assault, the
Iraqui milnet, and in particular their C3I net, went down hard, reducing
them to radio and POTS. The outage was attributed to our penetration of that
net through router/switch backdoors, and to magic packets to hard-kill the
routers.

While the sources were not, TTBOMK, inside the classification barrier, the
assertions and claims seemed quite plausible then; in light of the Snowden
disclosures to date, them seem not merely plausible, but eminently probable.

-- 
Mike Andrews, W5EGO
mikea () mikea ath cx
Tired old sysadmin