
Halluxwater: NSA Exploit of the Day - zmh
https://www.schneier.com/blog/archives/2014/01/halluxwater_nsa.html
======
timsally
This article states the NSA developed an exploit for a product made by a
Chinese networking and telecommunications firm. Honest question for HN readers
inside the US: does anyone seriously have a problem with this? In my mind it
falls squarely within the NSA's mission, i.e. this is what we pay them to do!
Question for HN readers outside the US: can you credibly claim your
intelligence agencies aren't trying to do the same thing?

For those thinking about whether such things could be used inside the United
States. Of course they can. So can all the equipment and weapons the military
buys. And it's happened before! The gun in the Fort Hood shootings was bought
and paid for by US tax dollars and it was used to kill a civilian. So this
raises the question, is the military to be trusted with weaponry it needs for
its defense mission even though they could be used in the US? Similarly, is
the NSA to be trusted with exploits it needs for its SIGINT mission?
Interesting question. An infantryman could go rogue at any time and use his
service weapon against US citizens and someone at the NSA could use an exploit
for personal gain, but on the whole I believe the system accounts for these
possibilities in a reasonable and controlled way.

If this information is true, it seems a little crazy to me to be propagating
it since there isn't really a domestic/whistleblower angle. At least, no more
of a domestic angle than the military developing a new missile. Some of
Snowden's disclosures are responsible for starting a productive civil
liberties debate in the United States, there's no denying that. But these
disclosures are ones of a different color in my opinion.

~~~
ekianjo
Are you serious when making this comment? "does anyone seriously have a
problem with this? In my mind it falls squarely within the NSA's mission, i.e.
this is what we pay them to do!"

So, I guess you are fine with the US Military keeping and maintaining
ready-to-fire, nuclear weapons, at pointed targets all around the world, just because
"they are paid to do so"? With this kind of logic we will never get rid of
the nuclear deterrence theory, and we'll keep that shadow over our heads until
someone actually pulls the trigger one day. But it's ok, because "they are
paid to do so"?

~~~
timsally
In the US "what we pay them to do" is vernacular for "it's their assigned job"
or "it's what we asked them to do". I admit it's a bit of a weird phrase but
it's not actually referring to money. To your point: if the claim is that we're
asking our military or our intelligence agencies to do things that aren't
effective, then let's have that debate. Nuclear force reduction and end
illegal surveillance? Sure. Nuclear disarmament and shutting down our SIGINT
mission? Not so much.

~~~
fulafel
"I was just following orders" is a discredited defense in war crime trials.

~~~
Cthulhu_
This is why the people responsible (i.e. commanding officers, if the war crime
was under orders) are tried, and the people committing them have to deal with
processing it.

~~~
Zigurd
Several thousand Japanese soldiers, the vast majority of which were not
command staff, were tried for war crimes. About 1000 were sentenced to hang,
and many more were sentenced to life in prison or long prison terms.

------
rurounijones
Well the US govt has been saying that Huawei kit could not be trusted... I
guess they were right...

------
jevinskie
Does anyone know the process that took this leak from the Snowden dumps to
Schneier's site? Did Schneier seek consensus from the other recipients
that he should release this particular information? Did Schneier unilaterally
decide to release this?

Regarding the article, I think it is fascinating proof of the lengths that
state-level actors will go through to backdoor their targets.

~~~
e28eta
[https://www.schneier.com/blog/archives/2013/12/more_about_th...](https://www.schneier.com/blog/archives/2013/12/more_about_the.html)

He's been linking to the leaked catalog entries.

------
Zarathust
So you need access to the router first with enough power to force a firmware
update. What would surprise me is if there are vendors immune from this kind
of APT. Given the money and talent invested in those hacks, bricking a whole
cargo container of routers doesn't seem out of reach, dissolving it in acid or
other potentially destructive reverse engineering.

If they own the vendor source code then it is even easier, but the mere fact
that it is a router/firewall and not an off the shelf Dell pc is of little
importance.

------
higherpurpose
Sounds like typical NSA/US gov modus operandi: accuse others of stuff they're
already doing.

~~~
willvarfar
Or perhaps the NSA _know_ China's doing it, on account of how effectively
they have infiltrated Huawei?

------
zmh
The picture:

[http://leaksource.files.wordpress.com/2013/12/nsa-ant-hallux...](http://leaksource.files.wordpress.com/2013/12/nsa-ant-halluxwater.jpg)

~~~
jevinskie
That is a somewhat confusing picture. It seems to imply that the CPU loads the
OS and the OS loads the BIOS!

------
joshwa
Worth browsing the whole "catalog":

[http://leaksource.wordpress.com/2013/12/30/nsas-ant-division...](http://leaksource.wordpress.com/2013/12/30/nsas-ant-division-catalog-of-exploits-for-nearly-every-major-software-hardware-firmware/)

------
atmosx
So if you are a company in need of some security, you'd be better off with some
open source alternative (i.e. Linux/*BSD)?

------
pistle
NSA logos are horrible.

