Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Government Networking Privacy United States Hardware

Have a Privacy-Invasion Wishlist? Peruse NSA's Top Secret Catalog 259

An anonymous reader writes with a link to Der Spiegel, which describes a Top-Secret spy-agency catalog which reveals that the NSA "has been secretly back dooring equipment from US companies including Dell, Cisco, Juniper, IBM, Western Digital, Seagate, Maxtor and more, risking enormous damage to US tech sector." Der Spiegel also has a wider ranging article about the agency's Tailored Access Operations unit.
This discussion has been archived. No new comments can be posted.

Have a Privacy-Invasion Wishlist? Peruse NSA's Top Secret Catalog

Comments Filter:
  • by NoNonAlphaCharsHere ( 2201864 ) on Sunday December 29, 2013 @09:31AM (#45811417)
    The NSA has been "secretly back-dooring" the American people for years.
  • And Ultimately (Score:5, Insightful)

    by mrspoonsi ( 2955715 ) on Sunday December 29, 2013 @09:33AM (#45811427)
    The NSA will achieve the opposite for the USA, not more security but less, with the rest of the world now keen to do their own thing, the NSA are a loose cannon on a rolling ship.
    • Re:And Ultimately (Score:5, Insightful)

      by Anonymous Coward on Sunday December 29, 2013 @10:55AM (#45811857)

      The NSA has already achieve the opposite for the USA

      There FTFY... Talking to non IT people, the thing that most people don't seem to have understood is that Snowdon and hundreds of administrators from private contractors like him had uncontrolled access to all of the data. Those people will for 100% sure include some spies from hostile powers like Russia, China and North Korea. Some of those people will have already extracted data. People working for the NSA and DOD wrote the orange book [wikipedia.org] about this. They have no excuse to pretend they didn't know that gathering all this data together would be dangerous.

      The real thing that the NSA and GCHQ are trying to hide, is not the spying. It is that they were caught seriously endangering their countries for profit.

    • by gweihir ( 88907 )

      The NSA has also pointed out this way how atrociously bad commercial "security elements" typically are. I foresee that the market will change and not for the better for the US. But overall, I disagree. This is going to make us all more secure (well, maybe not anybody in the US), because economic espionage by the NSA is now a clearly visible reality that everybody has to defend against. And the NSA is not using any magic, just standard criminal practices on a large budget. That commercial firewalls are not t

    • Bullshit (Score:5, Insightful)

      by pablo_max ( 626328 ) on Sunday December 29, 2013 @12:35PM (#45812385)

      "loose cannon"? Bullshit.
      Don't you think for one damn minute that the NSA is "off the ranch" with their programs. They were implemented at the behest of our beloved and benevolent leaders.
      The "justice" branch (haha) just declared everything is just fine after all. The executive branch and legislative branch has already said time and time again that the NSA is doing useful and important work.

      What really chaps my ass, is not that the government tells people these programs are for the so-called "war on terror" or that certainly, the government would never use it against non-terrorist, but the that nearly every poll indicates that most 'mericans fucking believe them!
      I know they have done their best over the last 40 years to indoctrinate kids starting in kindergartener, but it is sad that so many folks just close their eyes and refuse to ask hard questions.
      Think about it...forcing children to pledge allegiance to a government... It is fucking crazy. We are brainwashed never to question our masters, and it is working. Fuck, look at the shit your facebook friends post! That is a representation of America.
      Disclosure, I feel I have the right to bitch. I did my 4 years in the services and about half that was in the shitty hotspots of the world keeping and eye on brown people.

  • by Anonymous Coward

    Don't use US service providers. It should be obvious by now, but the reason why the US warn about all kinds of subversion and attacks is that they know what they themselves are doing to the rest of the world.

    • by Desler ( 1608317 ) on Sunday December 29, 2013 @09:44AM (#45811483)

      Huawei and Samsung are US companies? Because if you read the article these things are not limited to US companies despite the implication of the summary.

    • by fatphil ( 181876 )
      Alas it's rather hard to avoid intel & AMD for those who are tied to the architecture.

      Now my Alpha's long dead, and my POWER is getting rather long in the tooth, I suspect my next purchase will be a Loongsoon-powered box.

      Note that the mention of Samsung in the article is a little bit wrong - they sold their HDD division to Seagate (a US company, modulo tax-evasion) in 2011. Whether their SSDs are compromis{ed,able} is another matter.
      • How is it wrong? The article is about a 2008 document. It was merely reporting what was in it.

        • by fatphil ( 181876 )
          OK, the article itself is not wrong. I just didn't want people to jump to the conclusion that because a modern HDD says "Samsung" on it, it's not a US device. (In the context of "Don't buy from US companies", i.e. this sub-thread.)

          It was unfortunate that the article mentioned the US-iness of those manufacturers, so I conflated the two sentences and caused confusion.
      • by mikael ( 484 )

        From what I remember, Samsung disk drives didn't implement SMART (Self-Monitoring, Analysis and Reporting Technology)
        It would tell you useful things like how many times your disk drive had been powered up and down, longest seek time, number of bad sectors, highest temperature, longest spin-up time. Just about everything a sys-admin would ever want to know.

        http://en.wikipedia.org/wiki/Comparison_of_S.M.A.R.T._tools [wikipedia.org]

      • by Bert64 ( 520050 )

        Alpha was american too, as is POWER...

        I have tried buying Loongson hardware, but very little of it actually seems to be available... Only some of the older stuff which is probably slower than your POWER and Alpha kit.

    • Re: (Score:2, Interesting)

      by nurb432 ( 527695 )

      Get a clue, its not just the US/NSA that does this. They are just the ones that are getting beat up in the press.

      • by AHuxley ( 892839 )
        For this to work you would need a world wide network for the ability to get your code in and the information out. Very few countries have access to the telco networks globally to do that, to hide and keep upgrades in place.
        Where is the "beat up" in the press? The exploit news? The way it gets in, the data out past firewalls? The ability to get past reinstalls/rebooting?
      • by account_deleted ( 4530225 ) on Sunday December 29, 2013 @11:27AM (#45812043)
        Comment removed based on user account deletion
        • It doesn't matter what they go around shouting; if they do similar things, then they too have problems that need to be fixed.

      • by VortexCortex ( 1117377 ) <VortexCortex AT ... trograde DOT com> on Sunday December 29, 2013 @04:03PM (#45813485)

        Get a clue, its not just the US/NSA that does this. They are just the ones that are getting beat up in the press.

        Yep, it's too bad the NSA doesn't actually protect national security, and is instead just ensuring all the other state sponsored enemy spies can get at more info than a contractor like Snowed did.

        Imagine what it would be like if the government wasn't allowed any secrets or wiretaps. Our public policy would be the same policy we actually furthered around the world -- We wouldn't have to worry about diplomats making secret arms deals behind our backs; If such things were actually required to save lives then we'd understand the circumstance. The only reason we can't trust their actions is because secrets mask their motives, even when they are on the up and up.

        We have amazing spy satellites launched via the biggest rockets in the world already. [youtube.com] They [nro.gov] would simply have more funds to split with NASA and be more benefit to actual security, science, disasters relief, while ensuring no force can make a move against us without us knowing instantly. They could even map submarines from space with ground/water penetrating radar. Better space collaboration would ensure decommissioned tech helps the space exploration initiative. [space.com] No spies can threaten a government without secrets.

        If the NSA were actually protecting the national security of America then they could be tasked with finding all the backdoors in the hardware and software. No one could put backdoors in for fear the NSA would find out, publish it, and ruin their business. Today they stay silent and let the public purchase systems the NSA likely knows have been compromised by enemy spies -- This saves the NSA time: They can just use the existing backdoor instead of put their own in. If the NSA weren't allowed secrets, they'd be eliminating exploits instead of leveraging them and our hardware, firmware, and OS's would be more secure. Eventually other governments would have to start up their own programs of outing intentional exploits just to ensure their people they weren't compromising public security. In addition to the Space Race, we'd have a Privacy Race, where competition would be in building the most secure systems. Public and private sector security experts could be assisted with new tools to show where flaws lie. Security would be a selling point and methods of provable security would be devised (I have done so myself on small scales). Computers and programs have finite state, so provable security is not impossible: Instead of spying the data centers and supercomputers could be tasked with hardening all the hardware and software. People would buy the USA security endorsed systems with pride. We'd have less identity fraud -- one of the most prevalent crimes. Conspiracies could be silenced through truth not ignorance. If we outlawed government secrets and required scientific evidence that their programs were helpful not harmful then we could trust our governments more than any citizens ever could before.

        Sadly, we're too primitive and politically oppressed [wikipedia.org] to apply the simple Scientific Method to governance. None can have assured trust or security from prying eyes because we allow the government to have secrets. That the priority of secrets is valued above security by the spies is obvious and evidenced by the way they compromise security and do not inform the world that we are buying insecure products. They risk spies accessing more than Snowden ever dreamed due to the priority they place on secrecy over security in their digital spying programs. [theatlantic.com] These secret programs aren't getting beat up nearly as bad as they should be in the p

  • by mfh ( 56 )

    I own a Dell system and since purchase, once in a while, the hard drive starts churning. Perhaps this is why.

    Jokes on them, though. I use the system for work and often read the news -- and that's about all I do.

    • How would a disk go about compromising my system? Does it contain a secret radio transponder?
      • Re:Dell (Score:5, Insightful)

        by Anonymous Coward on Sunday December 29, 2013 @10:03AM (#45811585)

        I'm surprised you couldn't come up with at least some possibilities on your own, K. S. Kyosuke. I always thought that you were a smart cookie.

        One obvious one is that the disk's firmware is updated to detect and modify critical Windows executables, DLLs or drivers with some additional code to send out information to remote servers once a network connection is detected, or perhaps to introduce flaws that can be exploited easily. The same could be done for Linux kernel binaries or modules, too, of course.

        Another pretty obvious one is that the disk's firmware alters log files to remove any traces of intrusions, making it appear as though no intrusion has occurred.

        I'm sure there are many, many other ways that I haven't thought of.

        • by Bert64 ( 520050 )

          Modifying OS level files would be defeated by software based disk encryption, as the hdd would have no idea what data it was storing...
          Ofcourse a backdoored HDD could always present the host system with a malicious boot sector, but again this would be defeated by having an unexpected system architecture...

      • randomly sends data to the network card without going through the CPU first.?

        My 2009 macbook randomly wakes up and processes some data for about 5 seconds and shuts off.

        two reinstalls, and I still can't track it down. fortunately I just turn off the wifi when I put the machine to sleep. it still does it, but at least I know it isn't sending anything to anyone.

        • My 2009 macbook randomly wakes up and processes some data for about 5 seconds and shuts off.

          two reinstalls, and I still can't track it down.

          Just watching a little TV while you sleep. You have a problem with that? It works hard for you all day and you're hassling it for getting a little R&R?

        • Re:Dell (Score:5, Insightful)

          by Bert64 ( 520050 ) <bert@NOSpaM.slashdot.firenzee.com> on Sunday December 29, 2013 @12:29PM (#45812337) Homepage

          You sure this isn't an Apple feature called "power nap", the system wakes up and downloads updates, checks for new email etc, then goes back to sleep.

        • Re:Dell (Score:4, Insightful)

          by deconfliction ( 3458895 ) on Sunday December 29, 2013 @12:32PM (#45812367)

          fortunately I just turn off the wifi when I put the machine to sleep. it still does it, but at least I know it isn't sending anything to anyone.

          And you are 'turning off' the wifi exactly how? Disconnecting the antenna, or trusting the software switch? (as opposed to a hardware switch interrupting the power or antenna, wouldn't that be a nice feature...)

      • by AHuxley ( 892839 )
        Its depend if your air gapped or networked. if you are networked, the code enters, easily getting past very expensive 'protective' firewalls and hides deep avoiding any reformatting, reboots.
        Later information is passed back out the now 'open' network as with any malware.
        If your air gapped, physical access might replace a USB cable (keyboard) that RF (transits) the data.
      • Re:Dell (Score:5, Insightful)

        by gweihir ( 88907 ) on Sunday December 29, 2013 @12:18PM (#45812271)

        It can do any number of things, but they have to be pre-arranged, as the disk cannot access main memory. It can, for example, inject code into the boot-loader or compromise known executables. The firmware compromise is not really necessary, but it can help disguising things. For example, with a firmware compromise you can do things like boot-code compromise only if the power went up less than a minute ago or if there was a reset shortly before. Then anybody reading the bootloader to verify it will not see the compromise. A BIOS-attack would be doing something similar, but without the possibility to hide so easily. (If these things become widespread, I will start to verify my BIOS regularly with an SPI adapter. No way to hide from that.

        Full disk encryption with boot from a non-writable medium (kernel and initrd on CD in a non-burner drive, for example) will neutralize a compromised disk firmware pretty effectively or alternatively protect the boot-loader against manipulation. Of course "they" could then try to compromise the CD drive...

        Still, the NSA is not magic. They do not even have the best hackers, just those with the biggest egos ans smallest morals. These tend to be rather mediocre. No, the problem is that PC security sucks badly and that you can break into almost any standard installation if you throw enough money at the problem. My guess would be that even a restrictive firewall configuration on a Linux firewall keeps them out reliably. Of course, if you use Windows, they can just get past that with the update mechanism and with active help from Microsoft...

    • Have you been working in "questionable" things? Have you been reading "improper" news? If you did, they know it.
    • Comment removed based on user account deletion
  • Misleading Summary (Score:5, Informative)

    by the eric conspiracy ( 20178 ) on Sunday December 29, 2013 @09:46AM (#45811491)

    If you actually go to the referenced article and read it you will see that these are exploits, not backdoors, and they apply to equipment from non-US manufacturers as well as from US manufacturers, for example Samsung and Huawei.

    Good job slashdot. NOT. A nice raspberry for Der Spiegel too.

  • by gmuslera ( 3436 ) on Sunday December 29, 2013 @09:51AM (#45811511) Homepage Journal

    Even the delusionals that thinks of this is ok because "it is the NSA after all", it means that more people and agencies have access to those backdoors too, and more chances that it end in the hands of the guys with bad intentions, wherever they are or work for, using them for fun, profit or whatever.

    I wonder what will do companies where their first line of "protection" is tools and hardware from cisco, juniper, dell or IBM (or engineers certified on them), now that is official that they are remote access tools for others, bury their heads on the sand or try something else.

  • by Anonymous Coward

    At earlier convenience we need to tell to IT non-savy senators and congressmen. The backdoor is like an all purpose key. Now all the criminals and agencies will exploit this.

    Such a simple explanation and analogy should be adequate to deliver the point.

  • by sandbagger ( 654585 ) on Sunday December 29, 2013 @09:55AM (#45811541)

    I was working for a software company specializing in network security back in the post 2001 period. I recall that we had more than a few discussions with the unskilled egomaniac in charge of the marketing of that firm that many competitors were using their Canadian branch office addresses 'front and centre' in their marketing to the European market.

    Why? Because one doesn't always want to be perceived as an American.

    The myth of Americans with Canadian flag stickers on their passports is not completely false.

    Well, he was horrified at the notion. In fact, if you want to see how existential angst can be suddenly manifest in someone's behaviour in an unexpected setting, try this. I expect that we'll see more of the same in the next year. Ultimately, countries will roll their own code, and have their own Silicon Valleys because of the national security issue. A few years ago I remember seeing an ad from I believe a Swedish firm selling routers and switches that were 'designed and built' in Europe with each unit only delivered to a physical address in Europe. Does anyone else remember this outfit?

    • by AHuxley ( 892839 )
      Re other countries will roll their own code, and have their own Silicon Valleys because of the national security issue..
      This really depends on the support and power of their top staff and gov.
      The privatised telco networks, domestic and foreign policies, mil, special forces, police, gov (political and bureaucracy), armament manufacturers (exporters) might all have a say in any hardware import policy changes.
      Some might be very beholden to decades of signals intelligence sharing and the hardware/software an
  • BIOS (Score:3, Insightful)

    by Anonymous Coward on Sunday December 29, 2013 @10:06AM (#45811603)

    Looks like this is a loud and clear call for more intensive open source BIOS development.

    • Re:BIOS (Score:4, Insightful)

      by couchslug ( 175151 ) on Sunday December 29, 2013 @11:11AM (#45811945)

      That and for UVPROM BIOS or other flashing method which cannot be done by the PCs own software.

      Remote management = remote exploitation.

      • by gweihir ( 88907 )

        Nonsense. The BIOS malware is just to keep the compromise persistent, i.e. it reduces attacker cost for longer-term surveillance. It only becomes an issue when your system has already been compromised, and that is the real threat.

      • by Agripa ( 139780 )

        PCs and other devices used to include a hardware jumper which had to be switched to allow updating the Flash memory.

  • coin, sides, same (Score:5, Interesting)

    by PopeRatzo ( 965947 ) on Sunday December 29, 2013 @10:06AM (#45811611) Journal

    Don't think for a second that these back-doors that companies put in at the behest of the NSA aren't also being used to the benefit of those companies.

    So, if the NSA were shuttered tomorrow, what makes you think those back-doors are going to go away? How much is it worth to those tech companies to know exactly what their customers are doing? How much is it worth to their institutional shareholders?

    See, the ugliest part of this is that it's a two-headed monster. Fight one head and the other one will come around and bite you. Both government and corporations have come to believe that they are beyond our reach, above reproach and entitled to everything you have.

    • by PPH ( 736903 ) on Sunday December 29, 2013 @11:21AM (#45811999)

      How much is it worth to those tech companies to know exactly what their customers are doing?

      And to the Chinese? Or Russians?

      Snowden may have a guest pass in any one of these countries just to keep information surrounding these capabilities quiet. Russia did say he could stay so long as he quit spilling secrets.

      It might be a mistake to think in terms of a 'them vs us' race. If the NSA says, "Backdoor the chips" to US companies and then shares that information with our 'enemies' in return for their backdoor exploits, that is worth more to all then trying to keep the capabilities to ourselves. They know we do it, we know they do it. But its still useful technology for keeping our respective populations under control. And that's what each of these governments fears more than an attack from the outside. The FBI/CIA/NSA might miss the occasional 9/11 or Boston bombing. But get on Twitter and try to amass public support for a "throw the bums out" movement and see how long that lasts.

    • by 93 Escort Wagon ( 326346 ) on Sunday December 29, 2013 @03:19PM (#45813269)

      Don't think for a second that these back-doors that companies put in at the behest of the NSA aren't also being used to the benefit of those companies.

      Read the article please. The companies didn't do anything (really, you seriously think Huawei or Samsung is providing back doors to the NSA?). The NSA is compromising them the same way other bad guys get in - by finding and exploiting flaws in the OS.

      The few mentions of hardware in the article are things like special monitor cables which would have to be added to a targeted computer by an agent.

    • by WaffleMonster ( 969671 ) on Sunday December 29, 2013 @04:02PM (#45813475)

      Don't think for a second that these back-doors that companies put in at the behest of the NSA aren't also being used to the benefit of those companies.

      There is no evidence from the article we are talking about intentional backdoors created at the request of NSA. Rather the kind of backdoors created by unintentional programming errors where once exploited allows foothold to be maintained by patching firmware of various hardware subsystems.

      So, if the NSA were shuttered tomorrow, what makes you think those back-doors are going to go away? How much is it worth to those tech companies to know exactly what their customers are doing? How much is it worth to their institutional shareholders?

      How much is legal trouble, bad publicity and resulting loss of customers worth to shareholders?

      A (un)intentional backdoor actively exploited to gain market intelligence is a backdoor with high probability of discovery. Likewise any use of covert capability erodes that capability.

  • Coreboot BIOS (Score:5, Interesting)

    by chill ( 34294 ) on Sunday December 29, 2013 @10:14AM (#45811657) Journal

    Unfortunately I don't have the skill set and there doesn't seem to be any other way to support them.

    If you have a machine that supports it, Coreboot could be a very interesting solution. [coreboot.org]

    • Agreed. I use coreboot on all my systems. I put my /boot/ on the firmware, and used a saved configuration so there's no searching for IDEs, etc. at boot. I boot to the login in less than a second.

      I do a little firmware / OS dev of my own. Coreboot is far superior than "Secure Boot". Here's why: An OS must kick off its own crypto chain to verify executables and maintain the security provided by signed boot loader. Instead of having to go into the BIOS and enter some long hex code that you and your user

  • by QuantumRiff ( 120817 ) on Sunday December 29, 2013 @10:21AM (#45811703)

    So all those shows we have mocked, like 24, csi, etc, because their tech "hacks the firewall" in 15 seconds were actually accurate? Crap. That changes some things..

    • by gweihir ( 88907 )

      CSI does not get that stuff. Far too large risk of its existence leaking or it getting sold to the criminals. Also, it would show up in evidence and the capabilities would get known and worthless.

  • De- & Redamaged (Score:5, Interesting)

    by Rotworm ( 649729 ) * on Sunday December 29, 2013 @10:24AM (#45811723) Homepage Journal
    I'm not sure if the NSA seeking to exploit technology is particularly damaging to US firms. The NSA is seeking to exploit all technologies, not just American-based ones.
    I think the part that does damage American firms, was the end of the second article. It read that the NSA has been redirecting the shipping of some computers to their address, installing software or hardware, repacking the device, and shipping it to the purchaser.
    • Why would shipping re-direction be restricted to American hardware? The critical step in the operation is interception of the shipment, which is independent of the hardware manufacturer.

      • It would be resource consuming for the NSA to redirect a computer assembled in Britain and shipped to a Brit, but it would be trivial for the NSA to redirect a computer shipping from America. Therefore, this news is more damaging to US firms.
        • In Britain people buy from British distributors. They don't generally have equipment shipped directly from the US.

          The NSA would have its partner in Britain implant whatever needed.

          Redirection of shipped equipment for the purpose of installing bugs is not new or restricted to IT equipment. It's one of the oldest espionage techniques known.

        • Not a problem. GCHQ will be happy to take care of that for them.
  • Link to the source (Score:4, Informative)

    by anorlunda ( 311253 ) on Sunday December 29, 2013 @12:19PM (#45812277) Homepage

    TFA does not give a link to this so-called catalog. Does anyone here have the link?

  • by Hyperhaplo ( 575219 ) on Monday December 30, 2013 @03:26AM (#45816637)

    Time to support the open router project! If we want to change the world we will need to rebuilt the internet from the ground up.. starting with the devices in our homes.

    http://orp1.com/ [orp1.com]

    A trustworthy, open-source software & hardware router

    ORP1 is a high performance networking router that allows you to run a firewall, IPSec VPN (virtual private network), and a TOR server for your home network. Its easy-to-use web interface will make encrypted and anonymised communications for your entire network easier to set up and manage. Now you don’t need to be a geek to be able to ensure that every device you use at home uses the internet with privacy, whether it’s your home PC, smartphone or tablet.

Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.

Working...