Home page logo

nanog logo nanog mailing list archives

Re: huawei
From: Scott Helms <khelms () zcorum com>
Date: Thu, 13 Jun 2013 21:57:14 -0400

What you're describing is a command and control channel unless you're
suggesting that the router itself had the capacity to somehow discern
that.   That's the problem with all the pixie dust theories.  The router
can't, it doesn't know who the rebels are much less their net block ahead
of time.  Something has to pass rules to the box to be able trigger off of.
On Jun 13, 2013 9:53 PM, "Michael Thomas" <mike () mtcc com> wrote:

On 06/13/2013 06:11 PM, Scott Helms wrote:

Not at all Michael, but that is a targeted piece of data and that means
 a command and control system.  I challenge your imagination to come up
with a common scenario where a non targeted "I'm/they're here" that's
useful to either the company or the Chinese government keeping in mind that
you have no fore knowledge of where these devices might be deployed.
Also, no oneseems to want to touch the fact that doing this kind of
snooping would be several orders of magnitude easier on laptops and
desktops which have been sold by Lenovo for much longer than networking
gear by Huawei.

Non targeted? Why be so narrow? For a targeted use, something that detects,
oh say, "we [the Syrians] gassed the rebels" in some stream and sends it
out a
covert channel  would be very interesting. Remember that vast sums of
money are
spent on these intelligence gathering systems. Whether they're targeting
routers is
really hard to say -- the attacker has the advantage of knowing what
they're looking for
and we don't. So in a router? It may just be opportunistic that they're
easier or safer
to penetrate? We really don't know. Things are rarely as they appear on
the surface.

Mike, "I just heard the Syria example from the Newshour as I typed... this
isn't hard"

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]