Today in the Guardian, Glenn Greenwald has an excerpt from his new book No Place to Hide: Edward Snowden, the NSA and the Surveillance State. He reveals how the NSA tampers with exported US-made internet routers, servers and other computer networking devices.
A June 2010 report from the head of the NSA’s Access and Target Development department is shockingly explicit. The NSA routinely receives – or intercepts – routers, servers and other computer network devices being exported from the US before they are delivered to the international customers.
The agency then implants backdoor surveillance tools, repackages the devices with a factory seal and sends them on. The NSA thus gains access to entire networks and all their users. The document gleefully observes that some “SIGINT tradecraft … is very hands-on (literally!)”.
Two questions immediately come to my mind:
1) How exactly does the NSA “interdict” these shipments? Hijacking? Bribery? Willing cooperation of someone in the supply chain?
2) How deeply embedded is this software? Can it be wiped by reinstalling firmware downloaded directly from the vendor?
These are great questions. They really should be addressed by the manufacturers. There are only handful of major manufacturers of the products in question and tech journalists know who they are. Cisco, Juniper and a few others.
But who is going to ask them? For all we know they are all cooperating under NSA security letters so they can’t talk about it. They can’t even tell people that they have a security letter. Would they welcome a chance to address this issue as a way to clear their name? Reassure customers?
One of the parts about this story that I find fascinating is that the US accused the Chinese of doing this to the routers they were sending here. In this regard they are like the RW media. Whatever they accuse the left of doing, THEY are doing. Based on this principle, what else did the US intelligence community accuse foreign intelligence agencies of doing?
Speaking of the intelligence community, today on Fresh Air is a great interview with two from NSA analysts talking about an upcoming Front Line show, United States of Secrets. where they discuss how the spying program was developed.
Once again I see just how horrible the system is, and how people who want to do the right thing and go through channels are ignored. Then, when someone finally goes to the outside, the government viciously attacks them.
How can insiders fix things that are wrong? How can outsiders help them? One way might be to look at stories like this and use them as a window of opportunity. Hopefully management will not be as pig headed as the US government when it comes to listening to internal voices. After all, their silence has now hurt their profits. We all know that the most important thing is maintaining profits. Silence is no longer golden.
Speak now or forever hold your tweets.