[cryptome] Re: Is This a Hoax: Backdoor to Wireless Router
- From: John Young <jya@xxxxxxxxxxxx>
- To: cryptome@xxxxxxxxxxxxx
- Date: Fri, 04 Jul 2014 15:30:34 -0400
Peter's assessment of ubiquitous spying is correct. And it may be
impossible for most of us to do more than be careful in accepting
recommendations for the counterspying industry and experts.
Beyond this rueful caution, lies the persistent work of those uniquely
capable of counterspying the best in the world, that is, other spies,
whether official, commercial, institutional, individual, or combinations
of these.
Ubiquitious spying may be as old as humanity, if not animality,
but so is counterspying required to survive. Indeed some wizards
claim counterspying is older than spying, and, happily, most often
prevails by refusing to brag about its prowess and thereby leaking
weaknesses, the first being braggardy, the second vanity, the
the third mendacity, the fourth venality, the fifth vulnerability
of flesh, the sixth amibition, the seventh cowardice, the eighth
stupidity, the ninth, well, there is a long list of why spying fails
and counterspying does too when it emulates spying's habitual
love of triumph by any means necessary, even if suicidal.
In short, spying fails because it lacks a moral gyroscope and can
be defeated by careful study of its unstable wobble.
Technology of spying is hardly infallible, may be its Achilles
Heel due to over-reliance and compensation for its inadequacy
by public relations, disinfo, orchestrated leaks, compromising
technologists and the all time human favorite, lying.
A fair amount of lying is involved in the Snowden affair by all
parties as befits authoritarian spying, that is, the combination
of spying, media, the Internet, secrecy -- entertainment inherent
in national security posturing.
Hoaxing and backdoors are meta ubiquitous.
At 01:30 PM 7/4/2014, you wrote:
I hesitate to jump in on this because I haven't the time for extended
discussion but a couple of points:
1. The document detailing the router backdoor is no hoax. It simply
confirms in clear (to a competent techie) technical language and simple
tests, that later generations of BT routers (and probably most/all other
proprietary ones too by now) do indeed have a backdoor that can be used
(among other things) to route traffic from your computer to an NSA/GCHQ
nominated destination additional to the one you specify with your
browser links clicks, or other clients. What is then done with it is
moot. The additional routing is remote switchable by you-know-who.
2. Todd Judge's suggestion merely allows you to analyse exactly where
the outbound traffic from your router is being sent.
There really is little point in trying to block any 'rogue' outbound
addresses either, because the technique is fast becoming ubiquitous.
What you need to understand, clearly and unambiguously is that there is
no hiding place. If, for whatever reason you become a POI to NSA/GCHQ or
pretty much any law-enforcement agency, then they have the ability to
target, intercept and read everything you do. The best you can do is
maybe make life a little more difficult than automatic dead-easy for
them by using assorted encryption/privatisation techniques; but if they
focus their entire capability at you - well forget it, you may as well
CC them with everything.
PeterP
On 04/07/2014 17:13, Neal Lamb wrote:
> Nice interview
>
http://www.spiegel.de/international/world/interview-with-nsa-experts-on-us-spying-in-germany-a-979215.html
>
>
> On Friday, July 4, 2014 6:39 AM, doug <douglasrankine2001@xxxxxxxxxxx>
> wrote:
>
>
> Hi Andrew,
> Tx for the information...I had a look at the url you provided> I didn't
> really understand all this techy stuff and it is nice to have it
> explained in a language I can understand. I have, on a number of
> occasions looked at my router, but I must say, apart from securing it
> with a password and changing the name of the network, I am frightened to
> touch any of the settings in the router in case I screw things up, so I
> leave it at the default position.
>
> I have a wireless router and a home network, and a number of devices
> such as computers, tablets, mobile phones and a printer and a back up
> disk which are connected to it on occasion. I understand that the home
> network and the one connected to the ISP are separated by a NAT or
> firewall which is supposed to protect my home network from outside
> intrusion.
>
> What would be the benefit of putting in traffic analysis software and
> what kind of software would you recommend, and where would I put it...in
> my computer or on the phone line...In this area we have poor broadband
> width anyway so downloads and uploads are very slow.
> ATB
> Dougie.
>
> On 03/07/14 19:34, Andrew Hornback wrote:
>> Ryan,
>>
>> Good points, but I think this might explain part of my tactic -
>> http://www.asante.com/support/routerguide/faqs/hardwared.html
>>
>> Understanding the differences between hubs, switches and routers is
>> paramount to starting to understand TCP/IP...
>>
>> --- A
>>
>> On Thu, Jul 3, 2014 at 4:32 AM, Ryan Carboni <ryacko@xxxxxxxxx
>> <mailto:ryacko@xxxxxxxxx>> wrote:
>>
>> I don't trust anything I don't understand or could do myself.
>>
>> I personally would prefer to avoid encryption and maintain
>> physical security.
>>
>>
>> On Wed, Jul 2, 2014 at 4:11 PM, Shaun O'Connor
>> <capricorn8159@xxxxxxxxx <mailto:capricorn8159@xxxxxxxxx>> wrote:
>>
>> hmmmm interesting yes however some of the links within the
>> document either lead to a blank page or just time out.
>> coincidence or otherwise this info and similar has been
>> popping up within days of me complaining about unexplained
>> multiple connection drop-outs.
>>
>> On 02/07/2014 21:16, Andrew Hornback wrote:
>>> Hoax or not, this is exactly why my home network includes a
>>> strategically placed hub and a separate system dedicated to
>>> traffic analysis.
>>>
>>> --- A
>>>
>>>
>>> On Wed, Jul 2, 2014 at 3:59 PM, doug
>>> <douglasrankine2001@xxxxxxxxxxx
>>> <mailto:douglasrankine2001@xxxxxxxxxxx>> wrote:
>>>
>>> http://cryptome.org/2013/12/Full-Disclosure.pdf
>>>
>>
>>
>
>
>
Other related posts:
