huawei

Scott Helms khelms at zcorum.com
Fri Jun 14 01:57:14 UTC 2013


What you're describing is a command and control channel unless you're
suggesting that the router itself had the capacity to somehow discern
that.   That's the problem with all the pixie dust theories.  The router
can't, it doesn't know who the rebels are much less their net block ahead
of time.  Something has to pass rules to the box to be able trigger off of.
On Jun 13, 2013 9:53 PM, "Michael Thomas" <mike at mtcc.com> wrote:

> On 06/13/2013 06:11 PM, Scott Helms wrote:
>
>>
>> Not at all Michael, but that is a targeted piece of data and that means
>>  a command and control system.  I challenge your imagination to come up
>> with a common scenario where a non targeted "I'm/they're here" that's
>> useful to either the company or the Chinese government keeping in mind that
>> you have no fore knowledge of where these devices might be deployed.
>> Also, no oneseems to want to touch the fact that doing this kind of
>> snooping would be several orders of magnitude easier on laptops and
>> desktops which have been sold by Lenovo for much longer than networking
>> gear by Huawei.
>>
>>
>>
> Non targeted? Why be so narrow? For a targeted use, something that detects,
> oh say, "we [the Syrians] gassed the rebels" in some stream and sends it
> out a
> covert channel  would be very interesting. Remember that vast sums of
> money are
> spent on these intelligence gathering systems. Whether they're targeting
> routers is
> really hard to say -- the attacker has the advantage of knowing what
> they're looking for
> and we don't. So in a router? It may just be opportunistic that they're
> easier or safer
> to penetrate? We really don't know. Things are rarely as they appear on
> the surface.
>
>
> Mike, "I just heard the Syria example from the Newshour as I typed... this
> isn't hard"
>



More information about the NANOG mailing list