Yesterday, coinciding with the release of his new book No
Place to Hide, one-time The Guardian columnist Glenn Greenwald
ran a swan song piece in his former employer’s publication titled “how
the NSA tampers with US-made internet routers,” heralding the far broader
content featured in his book.
In keeping with the trend of recent Snowden Revelations (e.g. drifting away from highlighting ongoing U.S. intelligence agency abuses
against American citizens), Greenwald’s piece focused on exposing the NSA’s
practice of covertly implanting interception tools in U.S. information and
communications technology (ICT) equipment heading overseas.
Surprise.
Not.
The initial Snowden Revelations focused on U.S. intelligence
agency compromise of unwilling but sadly witting American internet service and telecommunications
providers. It was really only a matter
of time until we were to learn that they went after gear-makers and
hardware as well.
We got a sneak peek at this type of activity in March when Der
Spiegel and The New York Times reported on the NSA’s Shotgiant program. Shotgiant
penetrated the corporate networks of global ICT industry leader Huawei not only
to monitor its confidential communications, but also to steal proprietary
product information with the intent to use such information to compromise
networks into which the Huawei gear would be deployed. (See my blog post on Shotgiant.)
(Aside: Lest anyone forget, I work for Huawei)
What Greenwald unveiled yesterday was that not only had
American service providers been compromised, but so too had the ICT hardware
and related product of American-based companies.
Per Greenwald, as per NSA documentation leaked by Snowden: “The NSA routinely receives – or intercepts –
routers, servers and other computer network devices being exported from the US
before they are delivered to the international customers. The agency then implants backdoor
surveillance tools, repackages the devices with a factory seal and sends them
on. The NSA thus gains access to entire networks and all their users.”
Interestingly, Greenwald reports on the NSA’s shenanigans in
the context of highlighting that what the NSA has been doing is exactly what
U.S. Government entities have consistently yet groundlessly scare-mongered might
be done through Huawei equipment.
In the wake of Greenwald’s article, media reports, social media and other conversations feature some surmising that U.S. intelligence
agencies were looking in the mirror, observing their own actions, and presuming
that the Chinese Government was doing the same thing with China-based
companies. Hence the blockade of Huawei,
always accused of but never proven to be potentially complicit.
But wait. That assumption
doesn’t make sense.
Greenwald’s account, and subsequent reporting (e.g. see Wall
Street Journal article), seem to indicate that the U.S. vendors whose
product was violated were not in fact involved with or aware of the violation; rather,
the NSA was covertly snagging outbound exports and then infecting them
with whatnot to enable whatever before sending them off on their merry way.
Who knows, we may one day come to learn that the U.S.
vendors were indeed complicit, but I very highly doubt it. It is extremely difficult to imagine the vast
conspiracy that such complicity would entail.
Consider: It was one thing for the NSA to compromise unwilling (for the most part, I believe) service
providers - via tidy, manageable conspiracies of the C-suite and legal office -
to enable the massive siphoning of data.
It's another thing altogether to compromise tens or hundreds of thousands
of routers and servers. That conspiracy,
which would require the complicity of countless employees across a vendor’s
organization, would be neither manageable nor sustainable.
The surreptitious interception and infection of outbound
product “at the border” which Greenwald and subsequent reporters describe would
seem a much better way to get backdoors installed, and would certainly be a lot
less prone to information leaks and opposition that would arise in terms of
working with complicit vendors.
Which brings us back to the U.S. Government’s opposition to allowing
Huawei to compete in the U.S.
If I am correct that the U.S. vendors were not knowingly
compromised, and for the reasons I’ve laid out, then I think it’s pretty fair
to assume that the U.S. Government knew full well that Huawei being wittingly compromised by the Chinese
Government was also highly unlikely and certainly unsustainable. Just as was the case with the unwittingly
compromised American ICT exporters, it would require a conspiracy far too
vast across a very global and very diverse employee population.
So why the Huawei blockade?
Well, as some have already mused in the wake of Greenwald’s
piece yesterday, perhaps because compromising Huawei gear being shipped to
far-flung markets would have been a much more challenging endeavor than
intercepting and infecting American-made gear.
Greenwald said it better:
“Warning the world about Chinese surveillance could have been one of the
motives behind the US government's claims that Chinese devices cannot be
trusted. But an equally important motive seems to have been preventing Chinese
devices from supplanting American-made ones, which would have limited the NSA's
own reach. In other words, Chinese routers and servers represent not only
economic competition but also surveillance competition.”
Later…