[171779] in North American Network Operators' Group
Re: New Zealand Spy Agency To Vet Network Builds, Provider Staff
daemon@ATHENA.MIT.EDU (Patrick W. Gilmore)
Wed May 14 04:30:30 2014
X-Original-To: nanog@nanog.org
From: "Patrick W. Gilmore" <patrick@ianai.net>
In-Reply-To: <006a01cf6ef4$faade650$f009b2f0$@wicks.co.nz>
Date: Tue, 13 May 2014 17:52:58 -0400
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On May 13, 2014, at 17:47 , Tony Wicks <tony@wicks.co.nz> wrote:
>> Cc: NANOG list
>> Subject: Re: New Zealand Spy Agency To Vet Network Builds, Provider =
Staff
>>=20
>> I didn't see the NSA telling us what we had to buy are demanding =
advance
>> approval rights on our maintenance procedures.
>>=20
>> Owen
>=20
> Try to get approval to land a submarine cable onto US soil using =
Huawei DWDM
> kit and then come back to us.
Hey, now, that's not fair. The NSA is just doing what any large player =
who dominates their space does - try to block out the competition!
Copy/pasting from a friend of mine (he can out himself if he likes):
=
http://www.theguardian.com/books/2014/may/12/glenn-greenwald-nsa-tampers-u=
s-internet-routers-snowden
- But while American companies were being warned away from supposedly=20=
untrustworthy Chinese routers, foreign organisations would have been=20=
well advised to beware of American-made ones. A June 2010 report from=20=
the head of the NSA's Access and Target Development department is=20
shockingly explicit. The NSA routinely receives or intercepts =
routers,=20
servers, and other computer network devices being exported from the =
US=20
before they are delivered to the international customers.
- The agency then implants backdoor surveillance tools, repackages the=20=
devices with a factory seal, and sends them on. The NSA thus gains=20
access to entire networks and all their users. The document gleefully=20=
observes that some "SIGINT tradecraft is very hands-on (literally!)".
- Eventually, the implanted device connects back to the NSA. The report=20=
continues: "In one recent case, after several months a beacon=20
implanted through supply-chain interdiction called back to the NSA=20
covert infrastructure. This call back provided us access to further=20=
exploit the device and survey the network."
- It is quite possible that Chinese firms are implanting surveillance=20=
mechanisms in their network devices. But the US is certainly doing =
the=20
same.
- Warning the world about Chinese surveillance could have been one of=20=
the motives behind the US government's claims that Chinese devices=20
cannot be trusted. But an equally important motive seems to have been=20=
preventing Chinese devices from supplanting American-made ones, which=20=
would have limited the NSA's own reach. In other words, Chinese=20
routers and servers represent not only economic competition but also=20=
surveillance competition.
Makes you proud to be an UH-mer-e-kan, dunnit?
--=20
TTFN,
patrick
