Flutterby™! : NSA interceptions of hard goods


NSA interceptions of hard goods

2013-12-30 17:13:34.471999+00 by Dan Lyke 8 comments

Reminder: Always re-install your own operating system from scratch on new hardware that you buy. I don't know what we're going to do about BIOS exploits, though. NSA is intercepting laptops ordered online and installing spyware on them.

The latest report, this time via Der Spiegel and based on internal NSA documents, reveals that the NSA, in conjunction with the CIA and FBI, has begun intercepting laptops purchased online in order to install (quite literal) spyware and even hardware on the machines. The NSA terms this “interdiction.” Agents divert shipments to secret warehouses, carefully open the packages, install the software and/or hardware, and send them on their way.

[ related topics: Invention and Design ]

Comments in ascending chronological order:

#Comment Re: made: 2013-12-30 17:55:22.099999+00 by: Jack William Bell

It's a losing battle. You could build your own computer from raw chips; but how do you know the microcode on the CPU or the bus controller isn't compromised?

The only answer to this is trust. You have to trust that the manufacturer is not screwing you. If there was any trust in that before, the NSA has blown it away like laundry in a hurricane.

I really, really, do not want to admit that David Brin was right. Really. Do. Not.

#Comment Re: made: 2013-12-30 18:19:25.6706+00 by: Jack William Bell

To follow up to my own comment . . .

Even if you could trust the hardware, you still haven't solved the "Trusting Trust" problem. The truth is, we've known about these dangers for years. We just didn't see any major fallout. So we crossed our fingers and kept our mouths shut and hoped for the best.

We were wrong.

I see only one possible fix: a trusted computing consortium. It could have no sponsorship from or board positions to governments or vendors. It would have to be international in scope. The output would consist of hardware and software designs (including chip layouts and FPGA code) that were known to be safe and which could be cheaply licensed but, more importantly, could only be produced under careful screening procedures (which would cost a lot more money).

The software would be a stack, on the bottom of which would be a table-driven assembler that can be hand-compiled into machine code. Only if you build the entire stack from bottom to top, with intermediate level verifications by hand, would you know it was trustable.

And even then I wouldn't trust it. Not anymore.

#Comment Re: made: 2013-12-30 20:02:27.91735+00 by: Dan Lyke

Just wrote some longer ramblings on this, but on Friday I discovered that Android apps can't be trusted. And given that Android apps usually have free run of a lot of services, this means that Android devices can't really be trusted. Even if you're running the Open Whisper Systems suite.

And, of course, even if you trust Android underneath all of this.

#Comment Re: made: 2013-12-30 22:04:59.70138+00 by: Jack William Bell

Or trust the hardware and firmware Android is running on. Or trust every router between you and every network connection you make. Or . . .

Once trust is gone it can be very difficult to regain. Fixing the network trust issue alone might require re-thinking all seven layers of the OSI model. Or maybe we can implement end-to-end encryption over TOR and call it good.

Trust. I'm thinking now the NSA is like having a junkie brother-in-law. Sure, he says he's off the data for good. But are you gonna trust him alone in your house when there's a pawn shop down the road?

#Comment Re: made: 2013-12-31 11:18:10.500894+00 by: DaveP

The other thing you can do when ordering hardware on-line is to use the same precautions people used when shipping illicit substances back in the day. Always get next-morning delivery and if the package doesn't arrive on time, refuse delivery because it may have been intercepted somewhere along the way.

I wouldn't expect the tracking to show "NSA Warehouse," but they're going to have to be much more organized than most government agencies are capable of in order to intercept and install malware in a package and still get it delivered next morning. Maybe they're capable of that already, but it at least raises the bar.

#Comment Re: made: 2013-12-31 15:57:57.340103+00 by: meuon

I had an opportunity to take a picture of something last week, with my smart phone, that I just didn't think should be auto-backed up by Google from my phone.. because too many other people would then have access to that picture.

Point blank, I don't trust my phone (Android on a Note 3) or things it has access to at all. It keeps me from using it for buying things, accessing banking info, etc.. etc..

Sadly, as I look around, especially after watching this excellent Chaos presentation, there is not much I can trust.

#Comment Re: made: 2013-12-31 16:12:04.990828+00 by: Larry Burton

There is nothing that can be completely trusted but there has to be some level of trust somewhere or you might as well move to some mountain top and depend only on yourself for all of your needs. Don't look at it so much as trust but as risk.

#Comment Re: made: 2013-12-31 21:13:59.775713+00 by: Jack William Bell

Larry; I've already moved into the mountains. Not because paranoid; because love mountains.

Still I think all trust is now gone for anyone paying attention to this shit. The thing is, the NSA does not have a monopoly on smart hackers! Thanks to Edward Snowden we KNOW (rather than simply suspect) what the NSA has done. We don't know what other nation-state and criminal org actors have been up to, but the starting assumption is they are at least as busy as the NSA. (Level of success may be lower due to less ability to twist corporate arms, except in China.)

This means you cannot trust any device with a CPU in it. Not even your thermostat or a traffic signal. This is the new starting condition.

Your comment about trust and risk is apropos, but I don't want to have to figure out how much risk a new car or a new cell phone represents. Trust lets you step back from doing that math and get on with other things; that is why trust is important.

Plus there is the other side of the coin: if every product made in the US represents a known risk of some kind, how long before no one wants US-made products? (Including our software?) Commerce is really nothing but applied risk analysis and arbitrage where you think your calculations are better than the competition.