I know it is not perfect (you still have to trust the AMD chips and so forth) but it seems a lot better than just buying a linksys and hoping it works with OpenWRT.
Since the “detection” I’m referring to is already extremely difficult before the chip even leaves the legitimate chip manufacturer’s facility, what hope could someone have of opening a modern IXP-scale router and determining if any of the zillion chips inside has been trojaned by double-0-mailman?
How do your comments in this thread relate to the fact that nothing can ever be perfect, and different degrees of sophistication in security can only ever reduce the probability of an attacker's success, or the percentage of attackers that make it through everything?
Take DHKE. It "defends" against MITM. But it doesn't strictly prevent it. An attacker could perform the protocol with both Alice and Bob separately, then guard the line and tamper with any communications on that channel that attempt to confirm the shared secret. The attacker couldn't win against a determined Alice and Bob, though, because A&B could theoretically use other channels, or even publicly broadcast some confirmation of the shared secret. So the smart attacker is "probably discouraged" from the noisy MITM.
But how many key exchange implementations actually use separate (availability ensuring) channels to confirm no one is in the middle? It's prohibitively expensive to verify no one's attacking something that no one ever attacks.
But then again, things no defender verifies are attractive to attackers. And some attackers are willing to get noticed 9 times out of 10 to land the one payout. "Tolerance for getting caught" is not always zero, that's another variable that complicates our Nash equilibrium here...
On the one hand, yes: keeping security out of the middle of the network and pushing it to the endpoints is something that The End To End Argument In System Design predicted several decades ago, and is (to my eyes) clearly the right design principle for this problem.
On the other hand, the endpoints doing the encryption are also going to be COTS equipment sourced from major industrial centers and acquired at a scale that probably precludes individual hardware verification, at least at the price point that enables their widespread deployment today.
Adding unique delay variance patterns for packets from a specific set of packets (source address, payload type etc). This makes it easier to detect and follow interesting traffic.
You can also copy certain packets, divert packets, inducer errors (to cause resend that in turn triggers repetitions in higher layers that might be usable for info leakage from the protection mechanism.
The router really is your friendly, silent mitm helper gnome.
Of course not. Just a small handful of people would have to scrutinize it and keep up a credible threat of catching out any skullduggery. These things are mass produced. The efficiency benefits of design-once/copy-many also translate into audit-once/benefit-many.
NSA has a program of intercepting shipments to targets and silently replacing the gear with identical (but backdoored) equipment. There's even a catalog of the equipment they have ready-made replacements for and a price sheet (presumably for internal cost accounting) that leaked a few months ago.
Like many private-sector security consulting companies, they also do security research - looking for vulnerabilities accidentally left behind by naive programmers. They leaked a catalog of exploits written for vulnerabilities discovered (or bought) but not disclosed. Failure to disclose these is a violation of its mission to protect the security of US infrastructure, but I can't say I'm surprised that an intelligence agency that pays hackers has some exploits to show for it.
Aside from doubt cast onto the validity of NSA's advice on cryptography standards, there is not evidence that NSA actually introduces backdoors into the design of mass-produced products.
If you're not interesting enough for the NSA to physically intercept your package from, say, Cisco, (or, for the more cynical, ask Cisco to put the "special" version of IOS on your router) your inspection of the gear says nothing about what's running on an apparently identical unit headed for a foreign government.
Granted, "only" targeting a handful communications companies may well give them access to most of the world's communications, but this "NSA is deliberately backdooring everything" business is vastly exaggerated from the evidence.
I'm well aware of the program you're refering to. Have you seen some of the unit costs? That doesn't even include operating costs. The US is already near-bankrupt! Intercepting shipments with look-alike models doesn't really scale to mass surveillance, which is kind of a key point.
With a router on a key network segment, you're bulk-exploiting a large sector of the population (though there may be other means of doing this).
Generally, device interdiction doesn't scale, it's the sort of targeted surveillance Schneier more-or-less is supportive of.
Stating that "...you'd still need to inspect the hardware/software as shipped..." seems to suggest that it's necessary to check each and every unit of a given design. I was just addressing that part of the parent comment directly, along with it's general bias towards what can't be done as opposed to what can.
I wasn't trying to suggest that open codebases are a silver bullet -- but you can improve something without having a complete and comprehensive solution.
OR we might want to go back to shopping anonymously "offline", hoping that the NSA will not bother backdooring every device on the market.
There's some research  into using authenticated, encrypted bitstreams, but even if the implementation matches the theory (and after all, it's crypto, we know how that goes...) this only reaches the same level of security as a fixed-configuration ASIC, since FPGAs are vulnerable to the same nefarious fab attacks as ASICs.
Also, just transitioning to a more open process with an open codebase has the effect of "keeping them honest". Once the code is out there, they have no way of knowing who might be scrutinizing it and have no chance to retroactively cover something up.
This is why it's such a big deal when companies make a commitment to openness (the real kind -- not the buzzword kind). It's a statement of being willing to forego most of the dirty tactics that being closed source allows and to playing a fair(er) game.
The topic keeps coming up from time to time to time, since it's not a straightforward thing to fix, but only manifests itself with publicity. I've written a few comments before as to what I see are some of ultimate contours:
Just not always particularly pragmatic. Or agreeable.
He knows exactly what he's doing when he takes a hard line. Being weak-spirited and compromising isn't a very good way to get noticed.
How would 'open source' protect you from this? If the 'stuff' is firmware, then reflashing your own firmware after you get the device would protect you from it, but it doesn't particularly matter if the firmware you flash is open source or not. If the 'stuff' is hardware, then only someone inspecting the insides who's qualified to detect such hardware would protect you, and it's still got not much to do with open source.
Some linux distributions, for instance, try very hard to only every download source from the internet, and compile it locally. This is very slow (some things can take a very long time to compile).
Gentoo is one such distribution.
Hardware based rootkits can do pretty much everything to an OS running on that, and be undetectable from that OS.
Is there a country small enough without a world domination agenda, yet large enough to not be swayed by bullying from U.S, China etc.? It's time to start a router manufacturing business there...
The takeaway from Snowden's revelations shouldn't be that we need a sacrosanct place for trustable manufacturing / hosting / development. It's that all of these "hypothetical" subversions are actually continually taking place on an institutionalized scale by many parties, and to have any hope of having anything ever being autonomously secure (rather than ultimately ruled by informational superemperors), we really need to get serious about stomping out reliance on centralized authority/closed source/trusted hardware/etc.
That way, you can count that any traffic is known to them all, and thus avoid surprise.
So not only routers.
"Contrived computer chips found their way into
Soviet military equipment, flawed turbines were installed on a gas pipeline, and defective plans disrupted the output of chemical plants and a tractor factory."
That probably means the NSA and other US intelligence and military are so far in the Germans' pants it's really not possible for the Germans to have meaningful autonomy.
Even nominally neutral Austria is a wholly owned subsidiary: http://www.ceiberweiber.at/index.php?type=review&area=1&p=ar...
You could also install their RouterOS on an old PC of yours however you won't have too much fancy hardware acceleration. Should be fine for home use though.
Labor is crazy expensive there though.
Or install pfsense on an old PC and hope for the best
One can dream.
Though not technically behind the iron curtain, Finland was largely a Soviet client from the end of WWII.
Subtract the time Finland spent under Soviet domination, and then subtract its years in the EU, and Finland has only been a truly independent actor from 1917-1939 and then from 1991-1995.
I pointed out that Finland is in a more precarious position than people realize.
> Yet what the NSA's documents show is that Americans have been engaged in precisely the activity that the US accused the Chinese of doing.
Only points to the generic page http://www.theguardian.com/world/the-nsa-files
Couldn't he be more specific?
We learned last year that the NSA has an "interdiction" operation to intercept hardware en route to its destination and install monitoring devices or malware.
For example, here's a Der Spiegel article from December 2013 :
If a target person, agency or company orders a new computer or related
accessories, for example, TAO can divert the shipping delivery
to its own secret workshops. The NSA calls this method interdiction.
At these so-called "load stations," agents carefully open the package
in order to load malware onto the electronics, or even install hardware
components that can provide backdoor access for the intelligence
Remember that airgapped, inside a Faraday cage computer deep in the vault in Mission Impossible where that analyst was typing a report? They really have those buried away for the Uber Top Secret, don't give this to Russia/China stuff.
So, if even the spy agencies don't trust anything here at home, you think they might know something we don't. Trust nothing, it's all already compromised, seriously.
You have programs executing code compiled by other programs on top of programs booted by special programs embedded in hardware chips built with circuits as small as atoms. You can barely detect unauthorised operations at the very top layers (and at huge cost in terms of effort), everything underneath the OS is basically a black box for all intents and purposes... and you can't trust a black box.
Schneier addressed this in his recent Stanford lecture on the NSA and Internet security. Long, > 1 hour, but very much worth viewing.
However, I doubt it. There are plenty of clever mathematicians not working for the NSA...
Instead I believe they mostly focus on methods to find flaws in implementations of encryption schemes, possibly with the help of some theoretical breakthroughs and formal automated reasoning, because it is so much easier. Even the people working at NSA are lazy ;-)
If everything was broken, then why did they go through so uch trouble in the lavabit case?
But I personally don't see much of a (self-determination-ful) way forward other than making the assumption that some public key crypto works (ie one way functions exist), and building secure systems based on it.
Not just soldiers, witness the Coventry Blitz.
> However, Winterbotham's claim has been rejected by other Ultra participants and by historians. They state that while Churchill was indeed aware that a major bombing raid would take place, no one knew what the target would be.
> Peter Calvocoressi was head of the Air Section at Bletchley Park, which translated and analysed all deciphered Luftwaffe messages. He wrote "Ultra never mentioned Coventry... Churchill, so far from pondering whether to save Coventry or safeguard Ultra, was under the impression that the raid was to be on London."
> Scientist R. V. Jones, who led the British side in the Battle of the Beams, wrote that "Enigma signals to the X-beam stations were not broken in time," and that he was unaware that Coventry was the intended target. Furthermore, a technical mistake caused jamming countermeasures to be ineffective. Jones also noted that Churchill returned to London that afternoon, which indicated that Churchill believed that London was the likely target for the raid.
1. Winterbotham, F. W. The Ultra Secret, London, Weidenfeld & Nicolson, 1974 ISBN 0-297-76832-8; also London, Futura, 1975, ISBN 0-86007-268-1
2. Ray, John, "The Night Blitz", Cassel & Co 1996, ISBN 0-304-35676-X p. 155
3. "Defending Coventry" (http://www.historiccoventry.co.uk/blitz/defend-cov.php). Historic Coventry.
4. Hunt, David (28 August 1976), "The raid on Coventry", The Times: 11
5. Calvocoressi, Peter (1981). Top Secret Ultra. New York: Ballantine Books. pp. 85–86. ISBN 0-345-30069-6.
6. Jones, R. V. (1978). Most Secret War: British Scientific Intelligence 1939–1945. London: Hamilton. p. 149. ISBN 0-241-89746-7. This book was also published in the US under the title The Wizard War.
The British were paranoid about this; if they wanted to attack a tactical target where the Germans would think "there's no way they could have known about this, our codes must be broken", they'd always send a decoy scout or something out first to "accidentally come across" the secret target.
The Americans did similar things; when Adm. Yamamoto was shot down, his flight was duly "detected" by a reconnaissance plane first, even though the Americans knew full well when it was taking off and where it was going.
The relentless legal troubles of the lavabit case closely mimic the troubles of Joseph Nacchio (who refused NSA wiretapping while he was CEO of Qwest) 
Korea, Japan, Russia, China, India and Brazil will all be spending tons more on encryption. The most fatal flaw in all of this is that I expect they will have their own secure protocols in the next couple decades and what's really ironic, our former "enemies" may do a better job.
It converts any American worker in a spy of the Government.
Which is Somewhat Ok, given the NSA charter.
What is the more interesting question - Is this limited to "US servers heading overseas..?"
I mean we already know that NSA intercepts Laptops, Keyboards and such routinely for special "people of interest" within the US.
Does it do the same i.e. routinely and indiscriminately bug routers even within the US?
What about enterprise customers? Is it still "OK" if they carry out economic espionage?
Surely laws should only be considered if the situation in question relates to an american?
This is an understated threat to US IT companies.
Some evidence: http://www.businessinsider.com/the-snowden-effect-is-crushin... http://www.independent.co.uk/life-style/gadgets-and-tech/new... http://www.nytimes.com/2014/03/22/business/fallout-from-snow...
The question of whether or not data is being collected illegally should not be confused with the ability of data to be collected.
And honestly, while your point is valid, there's plenty of discussion available online about rubber stamping warrants - and this sort of implanting of surveillance tools just makes it economically/logistically viable for them to spy on everyone.
The question is - do you feel OK about a foreign nation state embedding the ability to invade your privacy? Like you said, they don't have to use it, they just have to be able to use it when necessary. Honestly this sort of hairsplitting is just silly.
Is not public knowledge, and the administration fights to keep it that way.
I wouldn't be surprised if this tool is used inappropriately as well, but there's nothing inherently mass, pre-emptive, or civilian-targeting about it.
Now I don't have details on which one this is either, but we do know that NSA has only so many people with the know-how and authority to tamper with devices, implant backdoors, and package it all back up in a factory seal, and that this is accordingly not a skill that can be wasted on a router that might simply end up in a church in Guinea-Bissau.
It's hard to imagine it's just software, as the router firmware could be validated against the manufacturer's own available on web sites. It could similarly be circumvented via a manufacturer software update (or open source alternative).
On the other hand, swapping out hardware en masse could get expensive, but the NSA has probably spent more for less.
Who would you know if they targeted only you with a microcode update for your Intel/AMD CPU that made crypto weaker? All the assembler instructions that you execute are just the same as someone with a proper microcode blob.
Once you have a company designed to create this stuff in an open-source way, virtualized software alone wouldn't change hardware interdiction. If somebody can modify your gear, they can modify the software that runs on your gear. If the hardware was designed to only work with certain signed code, that's another thing... but that would need to be a per-device, per-customer solution, which could get pricey.
For a more practical solution you could use today, I would buy hardware locally, then hide it amongst scrap metal and declare $0 value, and have a trusted courier ship it direct along with a secret receipt. If somebody interdicts, i'd have the courier deliver an erroneous receipt so I know something bad happened.
I do this at home and work with a Debian router.
There is also pfsense as well.
You won't like the price of the board I mentioned. On the other hand, nobody said a dev board with a bazillion extra features you don't want, made in extremely low quantity, is the cheapest possible way to stick a bunch of ethernet PHY to a FPGA (and you could optimize the size of that FPGA if you wanted...)
The point of that provided example multi-ethernet FPGA development board isn't that its the best you could do financially or technologically, but that if you tried to do your own thing and screwed up, its probably difficult to do worse.
As a practical matter having fooled with much smaller and simpler things the price should end up competitive in the end.
The biggest problem is synth takes a long time, god only knows what the CIA and KGB ops embedded in the source, and the IP licenses probably make distribution of the source rather difficult. Its mostly a business/government problem, not a technological problem.
But it appears to have snarled itself pretty thoroughly in its first few months: https://firstlook.org/theintercept/2014/04/14/passover-greet...
It's not like this is surprising, as such; it's just really bad that these chucklefucks got caught doing it.
(Yes, it's arguably morally wrong and so on, but just from a purely economic perspective, bad show.)
Not to say that Cisco isn't in cahoots with the NSA. I totally believe they are, but it's best to level accusations with facts, to lower the SNR, so to speak.
As a point of trivia: most Cisco routers and switches are manufactured in China and are stored in the US as inventory, and are shipped to customers as ordered from the US.
article announces compromise of American networking gear --> Cisco is major American networking gear vendor --> CSCO may suffer cancelled orders because of this
But perhaps with the covert assistance of the factory?
Unfortunately it looks like one part of the answer that's known is "not in the US."
We have only begin to feel the effects on this massive violation of trust. Unless trust can be restored, the US will become techno-provincial and only trustable with unimportant technologies like entertainment products.
He used some pretty strong words against the politicians.
Call Hillary a Neocon and corrupted, but he guesses she will win the next election. Page 5. http://www.gq.com/news-politics/newsmakers/201406/glenn-gree...
I mean think about how many hundreds of thousands of consumer computers come with Intel AMT vPro by default.