FBI Says Military Had Counterfeit Cisco Routers 186
There are new developments in the case of the counterfeit Cisco routers, which we have been discussing for some time. The NYTimes updates the story after an FBI PowerPoint presentation made its way onto the Web. It seems that experts at Cisco have examined some of the counterfeit routers in detail and proclaimed that they contain no back doors. Others don't believe we can be so sure. "Last month, [DARPA] began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency's Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive... The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor... The researchers were able to create a stealth system that would allow them to automatically log in to a computer and steal passwords."
Fear Fear Fear (Score:4, Insightful)
This seems like a scare tactic to "warn" people about the dangers of fake hardware/software. Expect a big push around these types of "stories" as more bills like PRO-IP go through congress and as the creation of the IP & Copyright Czar in the Whitehouse gets a big push.
It's a concern but seems to point more to incompetence rather than some difficult-to-spot threat. Why are government agencies not buying directly from Cisco? Seems they should have some sort of corporate connection.
"We must protect our precious bodily fluids."
Re:This is what we get - Go one further (Score:1, Insightful)
but when you outsource DIRECTLY to countries that
A: do not like you and make little attempt to hide it
B: are actively engaging in espionage, known and unknown
C: have no distinctions between state and corporation, commerce and warfare
Hand in your commission and your cover, you fucked up.
You've hit the fubar trifecta. Your command is terminated.
There is no excuse for this in a trillion dollar army. Good day.
Re:free software distributes the effort. (Score:5, Insightful)
Maybe, however, I am missing something about the procedure you are proposing; what parts would be open source?
An Evil Competitor. (Score:1, Insightful)
I think RMS summed up the current US relationship with China quite well:
The rise of "IP" and corporate interests over democracy in the US has never been clearer than in the last five years. Everything you own can be confiscated for suspicion of "making available" crappy RIAA music that can be found on any radio station. Your email, web browsing, phone conversations and church can all be monitored without a warrent. Those who object will be put on "non fly lists" that are used by banks, employers even the local gym, so the accused is essentially proscribed. The military is now authorized to act against US Citizens in "an emergency". Massive voter fraud has been proved in several major elections. In short, most of the bill of rights has been violated in the interest of government and corporate power. Trade with China has not made China more free, it has made us more like them.
Re:And outsourcing.... (Score:3, Insightful)
The outsourcing boogeyman has nothing to do with this - relying on the "USA A-OK" school of thought as some sort of defense against malicious hardware is obviously not a good idea.
Re:Fear Fear Fear (Score:4, Insightful)
2) It's a concern when you consider the potential effects of this kind of infiltration. Buying directly from Cisco, in no way, protects you from this problem. The hardware is still made overseas in some factory by a bunch of people who may not like the US very much (which is true of 99% of the planet right now).
Apparently you lack the imagination to see how ugly this can get. Fortunately DARPA isn't run by you.
Re:An Evil Competitor. (Score:3, Insightful)
Re:And outsourcing.... (Score:2, Insightful)
It's worth noting you can do everything a Cisco router can do with a Linux box. I just built a box with Zebra and a solid state hard drve along with a 4 port network card. I have some pretty good throughput with that and I would have no trouble adding additional cards for connections to OC48s and higher.
Cisco is becoming increasingly irrelevant. They don't bring anything to the table that isn't already out there and they segment it all so it's a lot harder to manage than it needs to be.
Anyone else notice a sharp decline in the quality of Cisco products over the last 5 years?
Re:And outsourcing.... (Score:3, Insightful)
Flash memory... cold war? Surely you must be joking
They used a camera with a roll of film, which they then had to develop
Brutal US Actions. (Score:1, Insightful)
The US invasion of Iraq has cost the US more than 4,000 servicemen and Iraq one million dead, 2.5 million refugees, an irreparable infrastructure and horrific civil war. If that's not bad enough for you, the advocacy and use of torture should be. Wake up! we are now a terrible abuser of human rights and we are doing it for oil, big fat "best year ever" oil. What we do to others we will do to ourselves sooner than later.
Re:free software distributes the effort. (Score:1, Insightful)
Sun has open-sourced the Niagra designs under the GPL, and you can license UltraSPARC from SPARC Inc. Unlike Xeons and Opterons, you can actually get SPARC CPUs from at least two manufacturers: Sun and Fujitsu.
Re:And outsourcing.... (Score:5, Insightful)
Except connect to a SONNET network. Or a DS3 interface. Or aggregate multiple T1s. Or suport terabit switching and routing speeds.
Re:An Evil Competitor. (Score:3, Insightful)
arbitrary or unrestrained exercise of power; despotic abuse of authority. - check! It's just in other countries. the government or rule of a tyrant or absolute ruler. - check! The executive branch has been heading towards full dictatorial powers and can now "legally" seize them in case of an emergency, in so many words. oppressive or unjustly severe government on the part of any ruler. - check! In my opinion just the laws against victimless crime are sufficient to qualify. One percent of our population is in prison. And while we ostensibly do not permit cruel or unusual punishment, not only do we kill people for crimes (as if it solved anything) but we do it in horribly inhumane ways; while hanging has gone out of vogue (breaking or at least damaging someone's neck and strangling them by their own weight, which can take minutes) we still electrocute people (causing their body to dance, shake, twitch, and convulse for some time) or use a gas chamber (in which you have ample time to think about your impending death.) At least the lethal injection is relatively "humane" (as if putting someone to death unnecessarily after our social system has by definition failed them could ever be termed as such.) undue severity or harshness. - The system is full of it! Shit, you can potentially get sent to jail for years for copying a DVD for personal use! This government is completely out of control and just because it's worse in other places doesn't mean it's not bad here. Your standards are just so low that you're willing to put up with a government which repudiates everything this nation ostensibly stands for and deliberately causes pain and suffering in the name of profit.