Hacker News new | past | comments | ask | show | jobs | submit login
The NSA, CALEA, and the hardware backdoors built into routers (required by law)
36 points by j2d3 on June 11, 2013 | hide | past | favorite | 4 comments
Everyone should read this paper in full "CALEA, Carnivore, and Countermeasures" (2000):


...but not everyone will, so here's an excerpt that relates to what I'm put in the title. The law the excerpt refers to is CALEA (Communications Assistance for Law Enforcement Act), which was passed in the 1990s:

"The law, as interpreted by the FBI, requires all companies providing telecommunications services in the United States to install remote control ports on their routers which allow law enforcement, acting autonomously and remotely (though theoretically only on a warrant) to easily extract any conversation in it’s entirety, up to 1% of the hub’s total traffic simultaneously. This capability must have been implemented by 1998, unless a waver until 10/24/2000 was granted. Given a large installed base of equipment, there was a controversial element of cost involved. The FBI played down the cost, asking congress to allocate $500 million. The FBI admits now that the cost may be 4-8 times that high. Industry estimates the cost at $10 Billion. Congress was convinced to allocate the original FBI estimate out of tax revenues, meaning the cost of implementation is borne by taxpayers. The difference in implementation cost is borne by customers of communication services."

Imagine how far things have come in the past 15 or so years.

To imagine that the US has anything less than the full capability to record and data-mine practically every electronically mediated communication is naive.

PS - an interesting post from slashdot 2010 about this topic:


quartertime writes "Remember Reflections on Trusting Trust, the classic paper describing how to hide a nearly undetectable backdoor inside the C compiler? Here's an interesting piece about how to hide a nearly undetectable backdoor inside hardware. The post describes how to install a backdoor in the expansion ROM of a PCI card, which during the boot process patches the BIOS to patch grub to patch the kernel to give the controller remote root access. Because the backdoor is actually housed in the hardware, even if the victim reinstalls the operating system from a CD, they won't clear out the backdoor. I wonder whether China, with its dominant position in the computer hardware assembly business, has already used this technique for espionage. This perhaps explains why the NSA has its own chip fabrication plant."

I was fist told about this backdoor by an ex employee of Cisco in 1997.

Yeah, I worked at an ISP in 1998 and was told of the request / demand that we install Carnivore. Since then I've understood that everything is being recorded, but I've just carried on with everyone else with a kind of sad, resigned, "oh well" attitude... and have taken comfort in the fact that we're ALL subject to this, so - at least things are somewhat leveled out. Resistance seems futile.

I guess any customer using US Equipment in any part of the world is also accessible, even without a local law supporting it?

Interestingly I managed to discover a Huawei trojan that installed itself without me granting permission via a hotel router. It wasn't particularly well built back in the day which made it easy-ish to identify.

Makes me wonder where China is going with all the deals Huawei is making with Govts across the world too.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact