[163677] in North American Network Operators' Group
Re: huawei
daemon@ATHENA.MIT.EDU (Jimmy Hess)
Thu Jun 13 22:01:13 2013
In-Reply-To: <BC3048D9-F11D-4A06-B57A-5829C5696A5D@ianai.net>
Date: Thu, 13 Jun 2013 20:58:42 -0500
From: Jimmy Hess <mysidia@gmail.com>
To: "Patrick W. Gilmore" <patrick@ianai.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 6/13/13, Patrick W. Gilmore <patrick@ianai.net> wrote:
> It should be trivial to prove to yourself the box is, or is not, doing
> something evil if you actually try.
What if it's not doing anything evil 99% of the time... after all
90%+ of traffic may be of no interest to a potential adversary, but
there is a backdoor mechanism that allows "targetted evilness" to be
enabled?
Sniffing on a targetted IP address can be disguised as "legitimate"
return traffic, to a connection actually initiated from the "backdoor
data interaction point" to some other web server, creating a ruse..
A low-bandwidth fabricated return flow on top of the legitimate
return flow once every few months, or every few days is extremely
likely to go unnoticed, on any network that has a significantly
large amount of normal production traffic.
> --
> TTFN,
> patrick
--
-JH
