[cryptome] Re: Is This a Hoax: Backdoor to Wireless Router

  • From: doug <douglasrankine2001@xxxxxxxxxxx>
  • To: cryptome@xxxxxxxxxxxxx
  • Date: Fri, 04 Jul 2014 21:53:54 +0100


Dear Peter,
Tx for that. I won't waste your time. I agree. TAO doesn't need access to a wireless router. It just takes what comes in to the ISP installs what it wants and takes delivery. Anything else is a waste of time, resources and learning processes. Thank you for your contribution. Nice to have ones feelings substantiated. Although, I have to say, that I haven't a clue as to the techy side of it. Interesting that most of the hardware is produced in China...Makes one laugh when one thinks on it.
ATB
Dougie.



On 04/07/14 18:30, Peter Presland wrote:
I hesitate to jump in on this because I haven't the time for extended
discussion but a couple of points:

1. The document detailing the router backdoor is no hoax. It simply
confirms in clear (to a competent techie) technical language and simple
tests, that later generations of BT routers (and probably most/all other
proprietary ones too by now) do indeed have a backdoor that can be used
(among other things) to route traffic from your computer to an NSA/GCHQ
nominated destination additional to the one you specify with your
browser links clicks, or other clients. What is then done with it is
moot. The additional routing is remote switchable by you-know-who.

2. Todd Judge's suggestion merely allows you to analyse exactly where
the outbound traffic from your router is being sent.

There really is little point in trying to block any 'rogue' outbound
addresses either, because the technique is fast becoming ubiquitous.
What you need to understand, clearly and unambiguously is that there is
no hiding place. If, for whatever reason you become a POI to NSA/GCHQ or
pretty much any law-enforcement agency, then they have the ability to
target, intercept and read everything you do. The best you can do is
maybe make life a little more difficult than automatic dead-easy for
them by using assorted encryption/privatisation techniques; but if they
focus their entire capability at you - well forget it, you may as well
CC them with everything.

PeterP

On 04/07/2014 17:13, Neal Lamb wrote:
Nice interview
http://www.spiegel.de/international/world/interview-with-nsa-experts-on-us-spying-in-germany-a-979215.html


On Friday, July 4, 2014 6:39 AM, doug <douglasrankine2001@xxxxxxxxxxx>
wrote:


Hi Andrew,
Tx for the information...I had a look at the url you provided> I didn't
really understand all this techy stuff and it is nice to have it
explained in a language I can understand.  I have, on a number of
occasions looked at my router, but I must say, apart from securing it
with a password and changing the name of the network, I am frightened to
touch any of the settings in the router in case I screw things up, so I
leave it at the default position.

I have a wireless router and a home network, and a number of devices
such as computers, tablets, mobile phones and a printer and a back up
disk which are connected to it on occasion.  I understand that the home
network and the one connected to the ISP are separated by a NAT or
firewall which is supposed to protect my home network from outside
intrusion.

What would be the benefit of putting in traffic analysis software and
what kind of software would you recommend, and where would I put it...in
my computer or on the phone line...In this area we have poor broadband
width anyway so downloads and uploads are very slow.
ATB
Dougie.

On 03/07/14 19:34, Andrew Hornback wrote:
Ryan,

Good points, but I think this might explain part of my tactic -
http://www.asante.com/support/routerguide/faqs/hardwared.html

Understanding the differences between hubs, switches and routers is
paramount to starting to understand TCP/IP...

--- A

On Thu, Jul 3, 2014 at 4:32 AM, Ryan Carboni <ryacko@xxxxxxxxx
<mailto:ryacko@xxxxxxxxx>> wrote:

     I don't trust anything I don't understand or could do myself.

     I personally would prefer to avoid encryption and maintain
     physical security.


     On Wed, Jul 2, 2014 at 4:11 PM, Shaun O'Connor
     <capricorn8159@xxxxxxxxx <mailto:capricorn8159@xxxxxxxxx>> wrote:

         hmmmm interesting yes however some of the links within the
         document either lead to a blank page or just time out.
         coincidence or otherwise this info and similar has been
         popping up within days of me complaining about unexplained
         multiple connection drop-outs.

         On 02/07/2014 21:16, Andrew Hornback wrote:
         Hoax or not, this is exactly why my home network includes a
         strategically placed hub and a separate system dedicated to
         traffic analysis.

         --- A


         On Wed, Jul 2, 2014 at 3:59 PM, doug
         <douglasrankine2001@xxxxxxxxxxx
         <mailto:douglasrankine2001@xxxxxxxxxxx>> wrote:

             http://cryptome.org/2013/12/Full-Disclosure.pdf








Other related posts: