Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

[ARS] Photos of NSA "upgrading" a Cisco Router

Industry news items concerning VPNs, darknets, crypto, surveillance and secure computing.
User avatar

Topic Author
parityboy
Site Admin
Posts: 1280
Joined: Wed Feb 05, 2014 3:47 am

[ARS] Photos of NSA "upgrading" a Cisco Router

Postby parityboy » Wed May 21, 2014 5:36 pm

Here’s how it works: shipments of computer network devices (servers, routers, etc,) being delivered to our targets throughout the world are intercepted. Next, they are redirected to a secret location where Tailored Access Operations/Access Operations (AO-S326) employees, with the support of the Remote Operations Center (S321), enable the installation of beacon implants directly into our targets’ electronic devices. These devices are then re-packaged and placed back into transit to the original destination. All of this happens with the support of Intelligence Community partners and the technical wizards in TAO.


Source

I'm sure I heard a rumour of this a few weeks back; someone in the US suspected her keyboard had been intercepted by the NSA and then re-shipped...in the case of a router being meddled with, what would this mean for VPN software, assuming that software was NOT running on the router itself? I think we can safely assume that VPN software running on the router would be unclean.

User avatar

marzametal
Posts: 520
Joined: Mon Aug 05, 2013 11:39 am

Re: [ARS] Photos of NSA "upgrading" a Cisco Router

Postby marzametal » Thu May 22, 2014 12:12 pm

Would be good to see if there was a method to figure out if an implant has been made... without going to university for half a decade to know wtf every nook and cranny in a PC or peripheral device looks like and does. Thanks for reminding me of an update I need to make, damn I still have a wireless mouse...


Guest

Re: [ARS] Photos of NSA "upgrading" a Cisco Router

Postby Guest » Thu May 22, 2014 9:34 pm

Encrypted VoIP while using an wireless headset without encryption is another common mistake.
On the other hand I don't know about any headset that uses encryption. Not to mention open source drivers...

And no: Bluetooth is not a secure technology even if id advertises encryption. ;)

User avatar

Topic Author
parityboy
Site Admin
Posts: 1280
Joined: Wed Feb 05, 2014 3:47 am

Re: [ARS] Photos of NSA "upgrading" a Cisco Router

Postby parityboy » Fri May 23, 2014 4:45 pm

@marzametal

If the implant is haradware there's not much you can do. If it's firmware, you'd need a SHA hash of the original and then compare it to what you have in front of you.


Guest

Re: [ARS] Photos of NSA "upgrading" a Cisco Router

Postby Guest » Fri May 23, 2014 9:40 pm

Also relevant to this topic: https://www.privacyinternational.org/bl ... at-we-dont

This at least suggests that there might be some kind of retainable information saved on every(?) input hardware sold. There is something that the GCHQ knows that we still don't.


Return to “crypto, VPN & security news”

Who is online

Users browsing this forum: No registered users and 7 guests

Login