
The Fake Cisco – Hunting for Backdoors in Counterfeit Cisco Devices [pdf] - PatrolX
https://labs.f-secure.com/assets/BlogFiles/2020-07-the-fake-cisco.pdf
======
EvanAnderson
Yesterday's discussion:
[https://news.ycombinator.com/item?id=23843485](https://news.ycombinator.com/item?id=23843485)

------
beams_of_light
Very interesting. Some of it was over my head, but it didn't appear that the
goal was surveillance or circumvention of security measures (aside from
circumventing some boot verification of files). I assume the counterfeiters'
goal is simply to make money. Anyone on the F-Secure team here by chance, and
have a comment on that conclusion?

~~~
alltakendamned
The goal in this particular case was selling counterfeit units. The boot
verification, however, is a quite serious problem that basically results in
arbitrary code execution; just in this case it was used to bypass software
protections.

------
sneak
tl;dr: no backdoors, but they did have to break the hardware platform
authentication security to run on the counterfeit hardware, which opens a
persistence vector that isn’t there on authentic gear.

Great work!

