Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Security Government News

FBI Says Military Had Counterfeit Cisco Routers 186

There are new developments in the case of the counterfeit Cisco routers, which we have been discussing for some time. The NYTimes updates the story after an FBI PowerPoint presentation made its way onto the Web. It seems that experts at Cisco have examined some of the counterfeit routers in detail and proclaimed that they contain no back doors. Others don't believe we can be so sure. "Last month, [DARPA] began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency's Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive... The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor... The researchers were able to create a stealth system that would allow them to automatically log in to a computer and steal passwords."
This discussion has been archived. No new comments can be posted.

FBI Says Military Had Counterfeit Cisco Routers

Comments Filter:
  • And outsourcing.... (Score:5, Interesting)

    by proudfoot ( 1096177 ) on Friday May 09, 2008 @12:12PM (#23352266)
    Verification of the producer is essential here - and this is perhaps the moment where outsourcing will bite us in the ass. While you can only buy american made cisco routers, there is no doubt some chipsets made in it are manafactured overseas.
    • by moderatorrater ( 1095745 ) on Friday May 09, 2008 @12:29PM (#23352514)
      While essential, it's not the only step. Automatic tests of the router hardware, random checking, and employee control are all necessary steps if we really want our government networks to be secure.
      • by CodeBuster ( 516420 ) on Friday May 09, 2008 @02:03PM (#23353642)
        Even automatic checking and testing can be subverted by a determined adversary. For example consider the program, approved by President Reagan and beginning in 1982, whereby the CIA arranged for the Soviets, who were actively attempting to acquire western technology and hardware, to receive natural gas pipeline software and equipment that was designed to "go haywire" after a set amount of time in normal operation. When the pipeline software and hardware, which would have appeared totally normal at first even if the Soviets had bothered to test it, eventually went haywire (i.e. it ran the ultra high pressure scenario) the resulting explosion was so large that it was detected by satellites designed to monitor nuclear explosions from space. The following article [msn.com] from the Washington Post describes this and other programs and operations that took place during the Cold War as part of a coordinated CIA effort to slip bad technology to our enemies.
        • by jd ( 1658 )
          Given the illegality of such an action (basically, it can be classed as anywhere from State-sponsored terrorism to an outright declaration of war - it took something a damn sight smaller than a nuke for America to bomb Libya at about that same time), the American government should breathe a sigh of relief that such actions didn't end all life on the planet there and then. A drunken Boris Yeltsin damn-near went nuclear when they mistook a weather satellite launch for an attack. Can you imagine the paranoid S
          • by thogard ( 43403 )
            That is not all, however. Chips have reached a complexity of such that an infiltrator could modify the design in progress to implant backdoors, wiresniffing, and so on. That would take enormous skill...

            Lets say you have the FPGA code for a FPGA for a firewall. All it takes is put a bit comparator to next to the input buffer (which could be hidden with the checksum hardware) and when the magic packet hits it, it sends a reset to the filter section causing it to default into a "pass all" mode. The real pro
          • Can you imagine the paranoid Soviet reaction if they believed a nuclear-like enemy attack had already taken place?

            You misunderstand. It was the Soviets who built the gas pipeline and installed the western (i.e. American) pumping turbines and software that their KGB agents had bought through intermediary companies in violation of export restrictions (i.e. they used cloak and dagger to acquire the technology, hence the reason for the United States to introduce the 'bug' into the system...to prevent their thieving ways from paying off when they stole the fruits of our national defense technology research). It was the US

      • If we really want our government networks to be secure, we have to assume that they are not, and take appropriate measures.
        • Re: (Score:3, Funny)

          by flyingsquid ( 813711 )
          I've heard that the problem is a lot more severe than they're actually letting on. Apparently, one of the biggest problems that they're facing is counterfeit Microsoft products. Fortunately, they're pretty easy to recognize, you just have to educate your employees about how everything is supposed to be functioning, and then be vigilant in looking for anything that appears out of the ordinary, any erratic or unusual behavior whatsoever. So if you notice that your computer is running unusually fast, that you'
          • I regret to remind you that as this is a question of in-governmental operation, even counterfeit Microsoft products cannot create unusually fast processes that get lots of work done. Otherwise, that would be a brilliant diagnostic.

            The intuitive interface bit might still work.
    • by failedlogic ( 627314 ) on Friday May 09, 2008 @12:40PM (#23352644)
      I would agree on this one 100%. Outsourcing is in part responsible for this, although, we can't ever be 100% sure of goods manufactured domestically. These companies could care less about counterfeiting Cisco routers so let's say Cisco were to pull the contract. What's to stop the outsourced producer from selling these counterfeits in their own country without the Cisco name? Maybe they already are because presumably (as I understand) because IP law is hard or impossible to enforce in some countries.

      As the NSA already seems to be certifying comm. gear in the military (or might even make the chips for it). Perhaps even for other departments like the FBI. I see one possibility of this that the NSA certifies routers (or makes them itself) or at least makes them in the USA. I don't work with routers nor am I familiar with their manufacturer. I guess my last point, pertaining at least to the FBI investigation, would be invalid if Cisco makes some routers in the USA except, as you indicate, for some chipsets. Though even on chipset in itself could pose a significant risk.

      I'm just surpised that the FBI is even making a "presentation" to anyone on this; regardless of wether the presentation leaked or not.
      • Re: (Score:3, Insightful)

        by dave420 ( 699308 )
        As you say, even domestically-produced hardware can theoretically have trojans in it, so it should be standard practice to certify everything they use, regardless of where it came from.

        The outsourcing boogeyman has nothing to do with this - relying on the "USA A-OK" school of thought as some sort of defense against malicious hardware is obviously not a good idea.
      • Re: (Score:2, Insightful)

        by Vancorps ( 746090 )

        It's worth noting you can do everything a Cisco router can do with a Linux box. I just built a box with Zebra and a solid state hard drve along with a 4 port network card. I have some pretty good throughput with that and I would have no trouble adding additional cards for connections to OC48s and higher.

        Cisco is becoming increasingly irrelevant. They don't bring anything to the table that isn't already out there and they segment it all so it's a lot harder to manage than it needs to be.

        Anyone else notic

        • Their Aironet wireless access points are pretty solid still. I have one in a lab that has been up without a reset for almost a year straight.
          • I was wondering about this, I've had bad luck with the Proxim access points. They seem to just die after so long of use, but I use them in some pretty tough mobile scenarios. I've been looking at Cisco wireless for a while, my scenario would have me deploying probably 30 to 40 access points at a moment notice so there is some appeal to the Cisco approach with light weight access points. I don't really like all the extra gear they make you buy though, especially if you plan on integrating RFIDs into the mix.
        • by Thundersnatch ( 671481 ) on Friday May 09, 2008 @04:19PM (#23355466) Journal

          It's worth noting you can do everything a Cisco router can do with a Linux box.

          Except connect to a SONNET network. Or a DS3 interface. Or aggregate multiple T1s. Or suport terabit switching and routing speeds.

          • Re: (Score:3, Informative)

            by Vancorps ( 746090 )

            SONET, DS3, and DSUs in any quantity can be purchased for a computer without a problem. When you get into the terabit range you still have a lot of options.

            For switching Cisco makes zero sense, HP gives you higher through-put for less money and they aren't the only ones. Let the router do the routing and the switch can do the switching.

            The only reason Layer 3 and 4 switches are becoming commonplace is because routers get more and more expensive the higher up the stack you go. There is nothing worse than

    • For some applications, it might be better to sacrifice performance and cost, and implement most of the logic in FPGAs. Then only one chip needs to be verified, and it can be bought from lots that were fabricated before you even finished your design.
    • by UnknowingFool ( 672806 ) on Friday May 09, 2008 @12:49PM (#23352746)
      I don't know if that will be enough. I remember there was a story from the Cold War on how the CIA spied on the KGB. The KGB used Xerox copiers in their offices. I don't know if the CIA convinced Xerox to modify the copier or they modified it before the KGB received it, but the copier would record all copies to flash memory. Every so often, the CIA would have to retrieve the memory. The KGB eventually got suspicious that one machine seemed to be serviced all the time while the other one wasn't. They weighed both machines and found a tiny difference in weights. Eventually they found an extra board. That's my recollection of it. I can't seem to google for the backstory. Even if you bought 100% American parts, there is not guarantee that it wasn't tampered with during a routine repair and maintenance or tampered with in the manufacturing process.
  • Somehow, I find it hard to believe that DARPA INTENTIONALLY planted vulnerable chips into potentially critical military systems.

    This sounds like a case of spin worthy of Winston Smith from the Minstry of Truth.
    • Re: (Score:3, Interesting)

      I merely skimmed one article which said that Cisco examined the routers and found no backdoors. The Ministry of Peace is probably just trying to test the sneakiness of their own snooping electronics in the name of "national security". The trojans which are found are omitted and the ones which aren't found make it to the production runs. Oh, and before all of this happens, they have the Ministry of Truth spread FUD about Eastasia doing it "first", even though Cisco checked the counterfeit routers and found n
      • * Clarification: "trojans" in the hardware or firmware as well as the software sense.
        • okay... that last post had my mind goind way down the wrong path... "Cisco examined the routers in depth, and didn't find any trojans, only a few durex wrappers"
  • From what I understand, the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.

    In this case, if Cisco is comparing the counterfeit routers to their legit ones, they should always be the same.

    The question this doesn't answer is this: does the LEGIT Cisco equipment contain back doors? How can Cisco be sure it doesn't? Most of the components are manufactured offshore and the assembly is done offshore. Have they examined each part with an electron microscope to verify it doesn't do anything more than what the spec says it should do?

    They can't just watch for network activity; these routers might be filtering and caching data waiting for the eventual physical removal of the router in the next upgrade cycle -- or, they might all have a kill switch built in, so someone can remotely take out ALL routers. There are an infinite number of possibilities to look for, and since Cisco doesn't manufacture everything in-house, they really don't have much hope of detecting that none of the infinite possible modifications have been made.
    • "Partnership" (Score:4, Interesting)

      by CustomDesigned ( 250089 ) <stuart@gathman.org> on Friday May 09, 2008 @12:27PM (#23352488) Homepage Journal
      Anne McCaffrey wrote a book called PartnerShip [amazon.com] with a plot very similar to this situation. The villian provides chips to the Galaxy, including the military. When nearly everyone has upgraded, it turns out that he can remotely control every device, including military hardware, controlled by the chips. That's enough of a spoiler. How can such a grand and well planned scheme be defeated? You'll have to read to find out...
      • Great Book, great series of books, though it's been a long time since I've read them.

        If you're looking for more: "This ship who *" and "The city who fought"
      • Simple: One of the big carriers is too old to be fitted with the new chips as it faces decommission as a museum. When the bad guy shuts down almost all ships in the galaxy, this old ship is reactivated and sets out along with the few ships that weren't destroyed. Lead by the carrier's scruffy old commander and a teacher suffering from cancer, the remaining humans set out to find Earth.

        Seriously, what did you expect how this scheme is foiled? What I described is SOP for this situation.
        • by Miseph ( 979059 )
          Uh, no, SOP is that they instead use the top secret prototype battle cruiser upon which all other battle cruisers are based, claerly indicating that it is the greatest fighting ship of all time, because by the nth time around design and manufacturing mistakes are always made which compromise the integrity of the original.

          The only other thing you need is an awkward, sexually frustrated adolescent boy genius to pilot it and you're golden.
        • Close. But the properties of hyperspace in the storie's universe are essential to the solution.
      • Anne McCaffrey wrote a book called PartnerShip [amazon.com] with a plot very similar to this situation. The villian provides chips to the Galaxy, including the military. When nearly everyone has upgraded, it turns out that he can remotely control every device, including military hardware, controlled by the chips. That's enough of a spoiler. How can such a grand and well planned scheme be defeated? You'll have to read to find out...

        Microsoft agress to roll out a beta service patch on auto-update early, when all the evil machines start choking on it, heroes come in with manually-controlled weapons to blow them up and save the day.

    • by dreamchaser ( 49529 ) on Friday May 09, 2008 @12:30PM (#23352526) Homepage Journal
      I am generally for free trade and against protectionism, but I am leaning more and more towards the need for a law that makes it mandatory that all gear (guns, routers, computers, coffee makers, etc.) purchased by the Government for any use that is even remotely sensitive be made in the US by US owned companies. That won't necessarily solve this kind of problem, but it would certainly make it far easier to prosecute entities who do things that threaten our national security.
      • I am generally for free trade and against protectionism, but I am leaning more and more towards the need for a law that makes it mandatory that all gear (guns, routers, computers, coffee makers, etc.) purchased by the Government for any use that is even remotely sensitive be made in the US by US owned companies. That won't necessarily solve this kind of problem, but it would certainly make it far easier to prosecute entities who do things that threaten our national security.

        As for "prosecuting" the military has weapons for that sort of thing. Lot cheaper to send a team of Navy Seals to handle a situation than to insist everything be US made.

        On a more serious note, I think you should take some time to look at how the US government does procurement. Typically the US government is EXTREMELY rigorous (to the point of stupidity sometimes) in how they source, where they source from, the design of the products, how much will be paid and when. Generally speaking the US military an

        • As for "prosecuting" the military has weapons for that sort of thing. Lot cheaper to send a team of Navy Seals to handle a situation than to insist everything be US made.

          Ha. Yeah. Let's send the military after, say, China where a significant amount of the goods the US consumes are made.

          Notwithstanding the economic and trade disaster that would ensue (take a look at who owns US debt these days), they could fuck us up militarily. They've got nukes, they've got a way, way larger army than we do, and ain't

        • Yes, I know exactly how the Government does procurement, having had to deal with it often enough in a previous job. That has nothing to do with what I suggested, which would be a radical departure from the free reign allowed to companies WRT to outsourcing the manufacture of devices that are critical to national defense and infrastructure.
          • by sjbe ( 173966 )

            would be a radical departure from the free reign allowed to companies WRT to outsourcing the manufacture of devices that are critical to national defense and infrastructure.

            Such as? Seriously, I'm curious about your experiences. I've got a lot of experience with global sourcing though mostly in the private sector. I've also had exposure to government procurement though it's not my main expertise. I'm aware of many instances of defense infrastructure being outsourced (recent example: the Northrop/EADS tanker contract) but I'm hardly an expert on the matter. What have you seen outsourced that is genuinely critical and you feel should not be outsourced? No joke, I'd like t

            • Seriously? Everything. We're buying fuel tankers from Airbus, routers made in China, weapons systems made in Britain. This makes me sound like a protectionist and I'm not but I think that everything we use with regards to national defense should be made right here in the US. Not only would it help keep some manufacturing jobs here but it would just make me feel a lot safer.

              As for my experiences, those were mostly with providing people, consulting and services to the Government, not gear. I seriously can
              • by sjbe ( 173966 )

                Not only would it help keep some manufacturing jobs here but it would just make me feel a lot safer.

                I understand. Believe it or not I used to feel the same way. I had to be involved in global sourcing for quite a while to come to terms with the idea that maybe, just maybe, it's ok if we buy some stuff elsewhere. It is not an intuitive idea, that's for sure and it IS a little unsettling to rely on something manufactured in a country you might not totally trust.

                Certainly there are critical items that absolutely should never be manufactured anywhere but in the US. But I'd submit that some less critical

                • That's why I said everything that has a bearing on national defense. I think we basically agree.

                  In general I'm all for free trade. I could care less if call centers move to India, or if we buy toys made in China (lead free please!). When it comes to cricital components though, they should be a bit closer to home. That goes for any network hardware used by the Government, too.
        • I think the past couple months of economic headlines are putting to rest that notion that destroying your manufacturing base is a good idea. We were a lot better off when a lot more stuff *was* US made.
          • by sjbe ( 173966 )

            I think the past couple months of economic headlines are putting to rest that notion that destroying your manufacturing base is a good idea.

            Where did you get the idea that the US manufacturing base has been "destroyed"? Sure, a lot of labor intensive work has migrated to locations with low labor cost. But US manufacturing output has increased in the last 10 years. For example manufacturing output in Michigan rose 6.6% from 2001-2006 [nam.org] and Michigan is one of the harder hit states in the recent economic downturn. Employment in manufacturing has fallen but actual output has increased quite steadily. It's no different than the farm industry. F

      • by Machtyn ( 759119 )
        And that software and hardware should open-sourced. This will, hopefully, allow peer review for security, snafu, and waste. Granted, this may not be practical in all situations. However, I think the Linux/BSD community has shown that peer reviewed and community supported software can be very tight, security and otherwise.
    • by Anonymous Coward on Friday May 09, 2008 @12:42PM (#23352664)
      As being someone who recently has purchased several Cisco products on Ebay lately, I can tell you that the counterfeit items are not made on the same assembly line. There are several design differences between them.I use the "Andover test" to tell if I'm purchasing authentic Cisco cards.

      If I did purchase a card or Cisco product that did pass the Andover test, then chances are that it was manufactured on the same assembly line, but then you would most likely see a report of a duplicate mac address on a "genuine" Cisco product somewhere. So yes it's a possibility, but highly unlikely IMHO.
    • by sjbe ( 173966 ) on Friday May 09, 2008 @12:42PM (#23352668)

      the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.
      That happens ALL the time. I've visited manufacturing plants in China and I've seen it happen with my own eyes. Selling out the back door is not surprising at all. In fact this is why I'm less worried than I might otherwise be about the gear having back doors or being otherwise compromised. Simplest explanation is just theft in one form or another.

      does the LEGIT Cisco equipment contain back doors?
      Very good question. Got to be worrisome to the US military and security agencies. Much/most off the shelf hardware is made outside the US where it wouldn't me much of a stretch to imagine backdoors have been added by foreign governments. Same worries that other governments have about US made/designed software and hardware. And of course if you really want to get tin-foil-hat about it one has to wonder if our own government has had back doors installed. Very unlikely to be sure, but clearly possible.

      That said, it's pretty low on the list of likely threats. Pretty hard to know exactly what gear will be placed where and what it will give you access to. Plus even with a back door, places with sensitive data are more likely to be monitoring the traffic which is harder to hide.
      • Pretty hard to know exactly what gear will be placed where and what it will give you access to. Plus even with a back door, places with sensitive data are more likely to be monitoring the traffic which is harder to hide.

        They can't just watch for network activity; these routers might be filtering and caching data waiting for the eventual physical removal of the router in the next upgrade cycle -- or, they might all have a kill switch built in, so someone can remotely take out ALL routers. There are an infinite number of possibilities to look for, and since Cisco doesn't manufacture everything in-house, they really don't have much hope of detecting that none of the infinite possible modifications have been made.

        • by sjbe ( 173966 )

          They can't just watch for network activity; these routers might be filtering and caching data waiting for the eventual physical removal of the router in the next upgrade cycle

          Which presumes the entity making the modifications has access to the device and the upgrade schedule - rather a stretch I think. Plus, our government isn't exactly known for rapid upgrades. Timeliness of any information would be a huge issue.

          -- or, they might all have a kill switch built in, so someone can remotely take out ALL routers.

          Which presumes that all such said routers can receive such signals. Possible? I suppose, but incredibly unlikely. And even if it happened what are the effects? Hard to predict but probably not devastating. Now if it can disable warships? That's a problem.

          There are an infinite number of possibilities to look for, and since Cisco doesn't manufacture everything in-house, they really don't have much hope of detecting that none of the infinite possible modifications have been made.

          They

    • by Frosty Piss ( 770223 ) on Friday May 09, 2008 @01:59PM (#23353574)

      From what I understand, the counterfeit routers are made in the same factories by the same people who make the real routers; they just keep the assembly line running past the hours that Cisco is paying them for.
      I keep hearing this. But look at the images of the hardware side by side [cachefly.net] ... Is it the same? No it's not. Clearly these two boards are not from the same manufacturing line.
      • Clearly these two boards are not from the same manufacturing line.

        There more detailed photos here [andovercg.com].

        IMHO the extent of differences they are talking about (The brand mark on the RJ-45 connector, the font of the barcode sticker, and suchlike) could easily be explained by a completely normal mid-production change in suppliers. I would say it is far from clear that the two boards are not from the same manufacturing line. Indeed, it would be hard to make two such identical boards without the original CAD data.

        Just my $0.02

    • Zona Europa has a great writeup about how Chinese factories cheat [zonaeuropa.com]. It's an eye-opener, it's got ways of cheating that I would never have dreamed of.
  • Not a big surprise. (Score:5, Informative)

    by Smenj ( 648240 ) on Friday May 09, 2008 @12:18PM (#23352344)
    I work for a company that sells used electronics on eBay. We'll occasionally buy cheap gear over eBay too, then resell it at a profit. For many months now we've had a huge problem with counterfeit Cisco cards. It's amazing how detailed the counterfeiters are. My boss wrote up a detailed guide on how to spot fakes. Google "counterfeit cisco wic".
  • Question is... (Score:2, Interesting)

    by Anonymous Coward
    ... of the DARPA-hacked routers were any of the 'cisco experts' able to determine tampering?

    That seems like a logical test, so I have to wonder if they have done it already... or not?

    If they contain no backdoors, *THAT WE CAN FIND*, do we continue using them?
  • Fear Fear Fear (Score:4, Insightful)

    by Anonymous Coward on Friday May 09, 2008 @12:29PM (#23352504)
    Be afraid. Be very afraid. Vote for those that seek to protect you.

    This seems like a scare tactic to "warn" people about the dangers of fake hardware/software. Expect a big push around these types of "stories" as more bills like PRO-IP go through congress and as the creation of the IP & Copyright Czar in the Whitehouse gets a big push.

    It's a concern but seems to point more to incompetence rather than some difficult-to-spot threat. Why are government agencies not buying directly from Cisco? Seems they should have some sort of corporate connection.

    "We must protect our precious bodily fluids."
    • Re:Fear Fear Fear (Score:4, Insightful)

      by ahabswhale ( 1189519 ) on Friday May 09, 2008 @01:14PM (#23353058)
      1) This has nothing to do with IP rights.

      2) It's a concern when you consider the potential effects of this kind of infiltration. Buying directly from Cisco, in no way, protects you from this problem. The hardware is still made overseas in some factory by a bunch of people who may not like the US very much (which is true of 99% of the planet right now).

      Apparently you lack the imagination to see how ugly this can get. Fortunately DARPA isn't run by you.
      • Re: (Score:3, Interesting)

        by _Sprocket_ ( 42527 )
        I wouldn't be so quick to dismiss the IP rights issue. Counterfeiting is all about IP rights. The law doesn't differentiate between you producing knock-off fashion items, work-alike network gear, or burning copies of a music album or movie. Expect these kinds of stories to show up more as pushes are made to put more teeth behind these laws. The same laws that most benefit hot-button topics for the Media industries.

        Having said that - I would agree that counterfeit gear is a real issue with real potential
      • 1) ...yet.

        2) He was arguing from a sardonic "government spin" perspective. What you say is true; he's trying to point out how the PR groups will avoid that fact.

        I take it you didn't get the Dr. Strangelove reference.
        • The story leads off about how the FBI found counterfeit routers being used by the military and then goes on to talk about DARPA's research project to test and prevent this kind of infiltration. At no point does it discuss IP rights. Given the sheer volume of IP coverage on /., is it really necessary to introduce it to other topics like this? Do we need another Godwin's Law to cover this?

  • by gregarican ( 694358 ) on Friday May 09, 2008 @12:30PM (#23352528) Homepage
    So that's why my crappy Linksys wifi access points have to be rebooted every week or so. Damn commies!!!
  • by MarkGriz ( 520778 ) on Friday May 09, 2008 @12:38PM (#23352608)
  • by Sam King ( 1263550 ) on Friday May 09, 2008 @12:53PM (#23352814)
    For those of you who are interested, you can find more technical details of how we designed and implemented malicious hardware from here [uiuc.edu]

    -- computer scientists from University of Illinois
  • by atarione ( 601740 ) on Friday May 09, 2008 @12:55PM (#23352844)
    if your new rack mount routers and switches say "crisco" on the front you may have a problem.
  • by natoochtoniket ( 763630 ) on Friday May 09, 2008 @01:03PM (#23352926)

    The question is not whether Cisco routers have back doors. That has to be assumed. If I was running NSA over the last several decades, I would have my people deep inside every communication equipment manufacturer. The manufacturers management might not even know about it.

    The NSA surely has arranged to have one or more back doors designed into virtually every kind of communications switch. The only Cisco employees who would know about them would be the NSA people who work inside Cisco, and some regular Cisco employees who have been cleared. If this has not been done, the NSA senior managers should be fired or jailed.

    The real questions are: How many back doors are there? and who has the keys? The (assumed) NSA back door might not be the only one. There is a possibility that the Chinese or Indian chip-fab or software contractors have also installed back doors for their own governments.

    With billion-gate machines, a few thousand extra gates would be hard to see. If the extra logic looks like instruction-cache, but just has a little extra code, it would be almost impossible.

  • I'm certain that if the Chinese haven't in fact installed back doors in bogus (or even real) Cisco routers that they manufacture, they at least have contingency plans for doing so. Their intelligence service wouldn't be doing their job properly if they hadn't. It's too good of an opportunity for intelligence gathering.

    Conversely, I would fully expect the CIA or NSA to have programs in place to surreptitiously install back doors in routers for our use, either with or without the manufacturers' cooperation. A
    • And to see an example that makes your theory not very far-fetched at all, one only needs to look at the steganography [wikipedia.org] in color laser printers, where almost all color laser printers embed identifying information into each page printed out, in the form of yellow dots. (More here [eff.org] at the Eff.)

      It isn't like "New and improved: know which printer printed every page, whether you want it or not!" was a good marketing slogan.
  • Iran got to read its diplomatic cables in the press.
    What did Cisco get to read?
    http://english.ohmynews.com/ArticleView/article_view.asp?menu=A11100&no=381337&rel_no=1&back_url= [ohmynews.com]

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...