Cisco Complains To Obama About NSA Adding Spyware To Routers

pdclarry (175918) writes "Glenn Greenwald's book No Place to Hide reveals that the NSA intercepts shipments of networking gear destined for overseas and adds spyware. Cisco has responded by asking the President to intervene and stop this practice, as it has severely hurt their non-U.S. business, with shipments to other countries falling from 7% for emerging countries to over 25% for Brazil and Russia."

Re:Why bother with tricks?

[CrimsonAvenger]

Why does NSA have to do this? Can't they just order Cisco to install this in their factory?

Actually, no. They can ASK Cisco to do this, but they have no legal power to order them to do this.

Now, they may quietly PRETEND they have the legal power to order this, and phrase their request as an order. But they really can't do much if Cisco ignores them.

Re:Hypocritical

[Scutter]

The NSA has not been caught red-handed, either. The article even points out that the pictures have not been independently verified.

What a freak show

[ruir]

It is rather obvious Cisco and Microsoft have backdoors. This seems like a political show because coming to the media saying "We dont have any backdoors" would not be politically correct. Any foreign government that uses this equipment is just dumb at best.

Re:Hey Obama

[ShanghaiBill]

they BOUGHT the congress, so they could have the tax code changed so they could legally shift their share of tax responsibility to others?

Except that is not what happened. America is the only country in the world that taxes extraterritorial income, payable upon repatriation of the profits. Corporations have been lobbying for years to have this changed, rightfully pointing out that it pushes both profits and jobs overseas while collecting very little tax revenue. If we made some sensible reforms, the corporate tax rates would be lower, but amount actually collected would be higher. Cisco, along with many other corporations, support these reforms. But, in the meantime, it is silly to criticize them for following the current rules. The current idiotic tax regime is due to dysfunctional politics, not "corporate lobbying".

Re:The GOP are going to have a meltdown

[hsmith]

I am unsure if you realize this, but for the last 6 years Obama has been President, with the democrats owning the Senate since well before that.

The biggest people complaining about this seem to be Rand Paul and sadly only a few others. Meanwhile the stupid and annoying cunts Barbara Boxer and Nancy Pelosi circle jerk around how we need this surveillance state.

Re:Why bother with tricks?

[kilfarsnar]

What in the patriot act gives them this power?

You don't need the power officially. They have ways of getting what they want.

[Quest's CEO] says he refused to cooperate based on advice from his lawyers that such an action would be illegal, as the NSA would not go through the normal process of asking the Foreign Intelligence Surveillance Court for a subpoena. About this time, he says the company’s ability to win unrelated government contracts - something it did not have trouble with before the NSA meeting - slowed significantly.

And here [dailycaller.com]

I'm not saying anything in particular about Cisco's vulnerability to pressure from the NSA. I'm just saying they don't necessarily need explicit legal power to get what they want.

Re:Why bother with tricks?

[AHuxley]

They should have known. The ideas behind Project SHAMROCK and https://en.wikipedia.org/wiki/... [wikipedia.org] should have been a hint.
The Martin and Mitchell defection in 1960 did offer the hint 'intercepting and deciphering the secret communications of its own allies"
https://en.wikipedia.org/wiki/... [wikipedia.org]
There where a few magazine and books over the 1970-80's that also offered a view of global telco reach, indexing, storage and tracking under ECHELON.
Copper, optical it all has to move via some nations backhaul... that so cheap peering loop
The reading back to the press of embassy traffic sent on trusted crypto should have been a hint.
So "anyone else was ever going to know" seems to be a lot of nations where happy to see their telco systems entire output shared with 5 other nations (and a few others) for decades in some form as part of a mil deal.

Re:Why bother with tricks?

[bill_mcgonigle]

Alas, ignoring them doesn't actually get you in trouble.

Yeah, right.

Joseph Nacchio [foxbusiness.com].

Three Felonies a Day [amazon.com].

DIY routers looking better all the time

[Mark of the North]

Putting open source routing software on a rack-mount PC equipped with a few NICs is looking better all the time. Since the open source routing software solutions are getting quite good, this is doable. I did it and wouldn't go back:

About three years ago I noticed that our Cisco routers were a bottle-neck, worryingly old, and I was the only member of my staff comfortable with their CLI. We definitely did not have the budget to buy new Cisco routers, so I looked into HP and D-Link layer-3 switches. They were still too expensive. We used OpenWRT on some wireless routers, so the idea of using open source routing software was not new to us. Tested using plain Linux as a router. That worked, but was (way) over my staff's head. Tried Vyatta on the same hardware. At that time Vyatta's web-interface was a joke, making it no better than plain Linux for our purposes. (The web-interface may have improved since then and as a virtual router in a VM environment, Vyatta looks quite good.) Untangle was decent, but all of the interesting features had to be bought, which nullifies most of the advantages of it being open source. Heard about pfSense on the Linux Action Show and gave it a try.

Testing pfSense and learning its feature-set convinced us that it could do everything we needed (NAT, routing/firewalling between VLANs and the outside world) as well as do some other nice tricks (VPN concentrator, web caching/filtering, nice graphs of important stats, logging web usage, acting as a DHCP and DNS server, etc.). Basically, pfSense does everything that OpenWRT does and more since it expects to be run on more powerful standard hardware. Since it runs on standard hardware, the community isn't as fragmented as with OpenWRT, and more of pfSense's users are applying it in a professional environment, so the community support is quite good. The paid support is excellent. Being able to replace a failing router or NIC with something we had on the shelf is nice too.

So we had an open source routing solution that fit our needs, and much better than Cisco's offerings. But shifting all of our routing from Cisco to pfSense was a bold move. The Huawei story was the clincher for us. If Huawei did it, Cisco could too. That realization lead to my decision to always use an open source solution on network edge devices. This story seems to support that decision.

Well it's a good thing....

[ogdenk]

Instead of buying backdoored equipment that's been tampered with by NSA employees, I replaced a $6,000 Cisco AVA box with a 1U dual-core atom box running pfSense for about a grand. I've also reflashed the various WRT-series routers in the field with DD-WRT. ....And now our official new IT policy is "thou shalt not buy Cisco/Linksys gear".

Way to go NSA, you sank what little remains of the US tech industry. And it's not Snowden's fault in the least for revealing the crimes and assault on our liberty at the hands of the NSA. It's the NSA's fault for committing the serious crimes against their own people in the first place. They should be shut down, tarred, feathered and put on trial for becoming domestic terrorists. Don't tread on me.

Re:Don't complain. Sue.

[Mitreya]

Don't complain. Sue.

"State secrets".
Allowing the lawsuit to proceed will expose state secrets and undermine the all-important War on Terror.
Next suggestion?

Someday when Lord Christ Obama is President

[gelfling]

He can fix all the things.