[cryptome] Re: Is This a Hoax: Backdoor to Wireless Router

  • From: Peter Presland <peter@xxxxxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Fri, 04 Jul 2014 18:30:59 +0100

I hesitate to jump in on this because I haven't the time for extended
discussion but a couple of points:

1. The document detailing the router backdoor is no hoax. It simply
confirms in clear (to a competent techie) technical language and simple
tests, that later generations of BT routers (and probably most/all other
proprietary ones too by now) do indeed have a backdoor that can be used
(among other things) to route traffic from your computer to an NSA/GCHQ
nominated destination additional to the one you specify with your
browser links clicks, or other clients. What is then done with it is
moot. The additional routing is remote switchable by you-know-who.

2. Todd Judge's suggestion merely allows you to analyse exactly where
the outbound traffic from your router is being sent.

There really is little point in trying to block any 'rogue' outbound
addresses either, because the technique is fast becoming ubiquitous.
What you need to understand, clearly and unambiguously is that there is
no hiding place. If, for whatever reason you become a POI to NSA/GCHQ or
pretty much any law-enforcement agency, then they have the ability to
target, intercept and read everything you do. The best you can do is
maybe make life a little more difficult than automatic dead-easy for
them by using assorted encryption/privatisation techniques; but if they
focus their entire capability at you - well forget it, you may as well
CC them with everything.


On 04/07/2014 17:13, Neal Lamb wrote:
> Nice interview
> http://www.spiegel.de/international/world/interview-with-nsa-experts-on-us-spying-in-germany-a-979215.html
> On Friday, July 4, 2014 6:39 AM, doug <douglasrankine2001@xxxxxxxxxxx>
> wrote:
> Hi Andrew,
> Tx for the information...I had a look at the url you provided> I didn't
> really understand all this techy stuff and it is nice to have it
> explained in a language I can understand.  I have, on a number of
> occasions looked at my router, but I must say, apart from securing it
> with a password and changing the name of the network, I am frightened to
> touch any of the settings in the router in case I screw things up, so I
> leave it at the default position.
> I have a wireless router and a home network, and a number of devices
> such as computers, tablets, mobile phones and a printer and a back up
> disk which are connected to it on occasion.  I understand that the home
> network and the one connected to the ISP are separated by a NAT or
> firewall which is supposed to protect my home network from outside
> intrusion. 
> What would be the benefit of putting in traffic analysis software and
> what kind of software would you recommend, and where would I put it...in
> my computer or on the phone line...In this area we have poor broadband
> width anyway so downloads and uploads are very slow.
> Dougie.
> On 03/07/14 19:34, Andrew Hornback wrote:
>> Ryan,
>> Good points, but I think this might explain part of my tactic -
>> http://www.asante.com/support/routerguide/faqs/hardwared.html
>> Understanding the differences between hubs, switches and routers is
>> paramount to starting to understand TCP/IP...
>> --- A
>> On Thu, Jul 3, 2014 at 4:32 AM, Ryan Carboni <ryacko@xxxxxxxxx
>> <mailto:ryacko@xxxxxxxxx>> wrote:
>>     I don't trust anything I don't understand or could do myself.
>>     I personally would prefer to avoid encryption and maintain
>>     physical security.
>>     On Wed, Jul 2, 2014 at 4:11 PM, Shaun O'Connor
>>     <capricorn8159@xxxxxxxxx <mailto:capricorn8159@xxxxxxxxx>> wrote:
>>         hmmmm interesting yes however some of the links within the
>>         document either lead to a blank page or just time out.
>>         coincidence or otherwise this info and similar has been
>>         popping up within days of me complaining about unexplained
>>         multiple connection drop-outs.
>>         On 02/07/2014 21:16, Andrew Hornback wrote:
>>>         Hoax or not, this is exactly why my home network includes a
>>>         strategically placed hub and a separate system dedicated to
>>>         traffic analysis.
>>>         --- A
>>>         On Wed, Jul 2, 2014 at 3:59 PM, doug
>>>         <douglasrankine2001@xxxxxxxxxxx
>>>         <mailto:douglasrankine2001@xxxxxxxxxxx>> wrote:
>>>             http://cryptome.org/2013/12/Full-Disclosure.pdf

Other related posts: