55 comments

  • convivialdingo 362 days ago
    Looking more closely at this, the backdoor is almost certainly based on the back-doored random number generator, Dual_EC_DRBG, which is implemented as NIST SP 800-90A.

    From Wiki: >>> NIST SP 800-90A ("SP" stands for "special publication") is a publication by the National Institute of Standards and Technology with the title Recommendation for Random Number Generation Using Deterministic Random Bit Generators. The publication contains the specification for three allegedly cryptographically secure pseudorandom number generators for use in cryptography: Hash DRBG (based on hash functions), HMAC DRBG (based on HMAC), and CTR DRBG (based on block ciphers in counter mode). Earlier versions included a fourth generator, Dual_EC_DRBG (based on elliptic curve cryptography). Dual_EC_DRBG was later reported to probably contain a kleptographic backdoor inserted by the United States National Security Agency (NSA).

    From Cavium's NIST FIPS-140-2, Section 3.3 [1] Approved and Allowed Algorithms:

    The cryptographic module supports the following FIPS Approved algorithms.

    *SP800-90 CTR DRBG Deterministic random number generation 32

    1: https://csrc.nist.gov/csrc/media/projects/cryptographic-modu...

    • GuB-42 361 days ago
      Is there any proof that Dual_EC_DRBG is backdoored?

      All I know is that Dual_EC_DRBG can be backdoored. And there are indeed suspicions, it was known from the start that not only Dual_EC_DRBG could be backdoored, but that it was rather weak to begin with. So, how could it be adopted as a standard?

      Now it seems that everyone takes the backdoor as a given. Is there any proof? Ideally the keys themselves (that would make it undeniable), but more credibly, leaks that show usage or potential usage of the backdoor.

      But what seems surprising to me about that story is that the potential for a backdoor was known even before the adoption of Dual_EC_DRBG as a standard. Any credible enemy of the state would know that and use something else, and be very suspicious of imported products using it. The ones following NIST recommendations would be allies, but why would you want allies to use weak ciphers?

      • jiggawatts 361 days ago
        > Is there any proof that Dual_EC_DRBG is backdoored?

        The algorithm is bad: it's complicated and slow.

        The competing algorithms were much simpler, much more secure by construction, and much faster. Most importantly, there was no obvious way to backdoor the competing algorithms, but there's a hilariously trivial way to backdoor Dual_EC_DRBG.

        Ergo: the only reason you would ever devise or use Dual_EC_DRBG is to introduce a backdoor capability. There is no other believable benefit or reason.

        But rest assured, the NSA promised that they destroyed all copies of the private key they used to generate the public key for Dual_EC_DRBG.

        Oh wait, you thought you could generate your own pair and throw away the private key? Ha-ha... haaa. No. That's not compliant with the "standard", which the NSA forced upon the industry, and/or literally bribed companies with millions of dollars to accept willingly.

        It's as obvious a backdoor as you could possibly have.

        Even if the NSA didn't use it as a backdoor -- I'm crying with laughter now -- the Chinese hacking group APT5 definitely did: https://blog.cryptographyengineering.com/2015/12/22/on-junip...

        • jandrese 361 days ago
          Why would you need proof that it has been backdoored? The fact that it can be backdoored should be enough to disregard it for all uses right from the start.
          • jiggawatts 361 days ago
            There are some algorithms where there's no obvious way to back door it, but it's always conceivable -- the person designing it may know some clever mathematics that you don't.

            With Dual_EC_DRBG, everyone knew that it could be back doored. It's not some guess, or "maybe it could have". It was obviously designed to be back doored. It should have been called "NSA_BACKDOOR_RNG", because that's literally what it is.

            And yes, all organisations that are not under the thumb of the US Government laughed at the transparent attempt to introduce a back door and rejected Dual_EC_DRBG. Only US-based companies use it, which ought to give you a hint.

          • thephyber 361 days ago
            The “need” for proof here determines whether there was likely malicious intent or negligence/ignorance.

            People who live in an evidence-based rational world don’t skip the evidence step and go straight to possibilities and counterfactuals.

            • jacquesm 361 days ago
              No, not really. If the data you hold is precious enough that you may have an actor with near infinite resources after you then you don't wait for proof to arrive, you assume the holes are there and act accordingly. Paranoia is fine if you have actual enemies, banking on the theory that evidence that a backdoor exists in a tool that you are using today will never surface is entirely the wrong approach.
            • samplatt 361 days ago
              There's a certain point in the security world where paranoia becomes a requirement, even though it only breeds more paranoia.

              An outcome of this is the requirement to treat all possibilities as certainties, regardless of evidence.

              In this way, entire sections of industry will auto-assume the backdoor was both deliberate, and used by both friendlies & hostiles.

              • AnthonyMouse 361 days ago
                Knowledge that this environment exists is also strong evidence that it was a backdoor.

                If you propose a clearly questionable security practice in some arbitrary bureaucracy, the assumption is it's incompetence because that happens all the time and no one detects it until it's already in production.

                If you propose a clearly questionable security practice to a cryptography standards body, the expectation is that you get laughed out of the room. Even the possibility of a backdoor would make everyone skeptical, which would be useless in a standard because no one would trust it.

                And yet it made it through the standards process for some reason, but there is only one plausible reason.

              • thephyber 361 days ago
                > In this way, entire sections of industry will auto-assume the backdoor was both deliberate, and used by both friendlies & hostiles.

                That’s fine. But they should be equally paranoid of all substitute products/services that use other recommendations from NIST, right? Are there greater than zero products on the (US) market with no encryption in the system recommended by NIST?

                Also, I don’t think I was limiting my thinking to a customer of the weak encryption product. I was also thinking through the lens of legal implications.

          • fragmede 361 days ago
            Trusting Trust says everything could be backdoored, but somehow I'm guessing you still use computers.
            • jiggawatts 361 days ago
              If, for example, SHA2 had a backdoor or a weakness known only to the NSA, then random contractors (like Snowden) could use that to extract money from the Bitcoin network, which uses SHA256 as its core cryptographic primitive.

              That's easily a billion dollar motivation right there, and I can't imagine a bunch of low-paid government drones resisting that cash prize. Everyone has a price.

              Hence, there's a level of trust that can be gained through observation of failures to abuse backdoors. If they don't exist, they can't be abused. If they exist, then they must be used/abused, otherwise what's the point? Such usage will be eventually discovered. E.g.: The use of the Dual_EC_DRBG back-door to tap into Juniper VPN connections by the Chinese government was discovered and made public.

              • leetbulb 361 days ago
                I'm not advocating in either direction here, but let's assume backdoors like this do exist: Just because they haven't been abused doesn't mean that they won't in the future.

                Of the people I know that work with highly privileged materials, none would take advantage or abuse something like this, even with such a high payout. Even if they did, how would they continue to live comfortably? That said, it just takes one person under the right circumstances to act maliciously, which is why screening and compartmentalization is critically important for these organizations.

                • jiggawatts 361 days ago
                  The SHA2 standard is now 22 years old. That's an awfully long wait to start utilising a back door!
            • GuB-42 361 days ago
              We use computers because it is pretty much impossible to live in modern society without using computers.

              But by the time Dual_EC_DRBG was published, we already had alternatives that were better in just about every way, including being much less likely to contain a backdoor.

            • dllthomas 361 days ago
              Interestingly, Trusting Trust style attacks on compilers were later (theoretically, idk to what degree it's been put into practice) solved by "diverse double compiling": https://dwheeler.com/trusting-trust/
            • suprfsat 361 days ago
              We should improve society somewhat.
        • thephyber 361 days ago
          I like the link and the explanations about the weaknesses.

          I detest the only evidence being circumstantial and the _argument from ignorance_ being the one that you lean on. Make the simple observations and don’t try to oversell it.

      • lazide 361 days ago
        It has constants chosen with NSA input which weaken it - and which were called out a long time ago as doing so.

        It isn’t a back door in the sense of ‘poke the code in a certain way and voila’, rather ‘if you know the counterpart to this constant, you can guess what values the RNG spits out at statistically improbable rates’.

        You’d never know if someone was doing so unless they admitted it or someone got arrested in a way that was only possible if they’d used it. Which good luck.

      • I_am_uncreative 361 days ago
      • carbotaniuman 361 days ago
        If you believe you are the only one who can break the cipher, then it doesn't really matter if your allies are using them - after all, spying happens even among ostensibly allied or friendly countries.

        I think most people's source of proof is the Snowden leaks, but I haven't actually read it or corroborated, and most backdoors should be deniable anyway - it'd be real dumb if they weren't. I think strong circumstantial evidence is really the only thing one can go on.

    • kurikuri 361 days ago
      You are wildly incorrect here.

      The cryptographic module uses the CTR_DRBG, not the withdrawn Dual_EC_DRBG. The Dual_EC_DRBG was withdrawn in 2014, but this Security Policy for this module was submitted well past that for FIPS 140-2 revalidation, and the CMVP would not have let a testing lab submit it at all.

      This isn’t the back door.

      • mike_d 361 days ago
        Irrelevant. This "revelation" is from pre-2013 information. Dual_EC may have been the capability before it was withdrawn.
        • kurikuri 361 days ago
          > Irrelevant

          Except it was relevant as a response to the OP in that: I was pointing out their conflation of two different DRBGs.

          Having an SP 800-90A DRBG does not mean you support all of them, nor does it imply the user could change between the 3 (or, in that hypothetical, 4).

          Outside of that, it is unlikely that this module had Dual_EC_DRBG at any point in time for three reasons:

          1) Submitting a hardware module that has an entirely new DRBG would require a lot of low level work from Cavium, and the modifications made to the physical module would likely constitute more than an updated certificate (i.e., a new certificate).

          2) Even though the DRBG was withdrawn, the CAVP lists algorithm certificates, and this includes historic certificates. Cavium doesn’t have a Dual_EC_DRBG certificate for any operating environment. A list of Dual_EC_DRBG certificates can be seen here: https://csrc.nist.gov/projects/cryptographic-algorithm-valid...

          3) The earliest security policy for the module that I could find dates back to 07/22/2014, and it still uses the CTR_DRBG. Security policy here: https://csrc.nist.rip/groups/STM/cmvp/documents/140-1/140sp/...

    • stephen_g 362 days ago
      That's a very specific module - one of Cavium's dozens and dozens of products.

      Hard to tell what it is, more information is needed.

      • convivialdingo 362 days ago
        Well, there's several Cavium devices that support the deprecated/back-doored Hash_DRBG.

        For example, these devices were validated for the completely appropriately named "SonicOS 6.2.5 for TZ, SM and NSA". Gotta appreciate the irony.

        Cavium CN7020 Hash DRBG

        Cavium CN7130 Hash DRBG

        Cavium Octeon Plus CN66XX Family Hash DRBG

        Cavium Octeon Plus CN68XX Family Hash DRBG

        I don't know if that's hardware support or just a software validation - but it's still interesting that they validated it.

        https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Valid...

        • dfox 362 days ago
          Except Hash_DRBG is neither deprecated nor backdoored. See NIST SP 800-90A Rev. 1 section 10.1.1.1 for description of the algorithm.
          • convivialdingo 362 days ago
            Well, true.. the Hash_DRBG hashing algorithm remains. But it's rather likely that previous FIPS validations occurred utilizing the actual backdoored and deprecated algorithm as an input to the Hash_DRBG, rendering its security properties suspect.

            In NIST SP 800-90A Rev. 1, the HASH_DRBG section has been significantly updated to that effect.

            For instance, Appendix E: (Informative) Revisions.

            Section 10: Section 10 now includes a link to the DRBG test vectors on the NIST website. Sections 10.1, 10.1.1 and 10.1.2 now include short discussions about selecting hash functions to support the DRBG's intended security strength. The Dual_EC_DRBG has been removed, and section numbers adjusted accordingly.

            • dfox 362 days ago
              The backdoor in DualEC_DRBG only works if there is some way for the attacker to directly observe its outputs (e.g. using that for IVs). If you use it as an inner CSPRNG that seeds other faster algorithms the backdoor is irrelevant, but well, such a construction is total nonsense that only ever makes sense in the FIPS certification framework (DualEC_DRBG is ridiculously slow and not meaningfully more secure than the other FIPS CSPRNGs).

              On the other hand, I have the feeling that if you instantiate Hash_DRBG with certain classes of insecure hash functions (think MD2) the mechanism that protects the construction from effects of birthday paradox makes it simpler to break the underlying hash function, but for this attack to work the underlying hash function has to be really bad and this attack is probably impractical even for instantiations with MD4, much less the SHA variants in the specification.
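
Added illustration, not part of any comment in this thread: a toy model of the mechanism discussed above (a constant with a secret "counterpart", and the need to observe raw outputs). The 31-bit curve, the constants `Q` and `D_SECRET`, and all function names are constructed for this example and are not the NIST parameters.

```python
"""Toy Dual_EC_DRBG: why knowing d with P = d*Q turns outputs into state."""
# Every parameter below is constructed for this example. This is a 31-bit toy
# curve, not NIST P-256, and it offers no security at all.
P_FIELD = 2**31 - 1            # field prime; p % 4 == 3 makes square roots easy
A, B = -3, 7                   # curve: y^2 = x^3 + A*x + B over GF(P_FIELD)
OUT_BITS = 23                  # bits released per output; the top 8 are dropped
MASK = (1 << OUT_BITS) - 1


def add(p1, p2):
    """Add two curve points; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow((2 * y1) % P_FIELD, -1, P_FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    lam %= P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)


def mul(k, pt):
    """Scalar multiplication by double-and-add."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """Return a curve point with this x-coordinate, or None if none exists."""
    rhs = (x * x * x + A * x + B) % P_FIELD
    y = pow(rhs, (P_FIELD + 1) // 4, P_FIELD)
    return (x, y) if y * y % P_FIELD == rhs else None


Q = (2, 3)                     # on the curve: 2**3 - 3*2 + 7 == 3**2
D_SECRET = 0x1337C0DE          # known only to whoever chose the constants
P = mul(D_SECRET, Q)           # published constant; P = d*Q is the trapdoor


class ToyDualEC:
    """State update s <- x(s*P); output is the truncated x(s*Q)."""

    def __init__(self, seed):
        self.s = seed

    def next(self):
        self.s = mul(self.s, P)[0]
        return mul(self.s, Q)[0] & MASK


def recover_state(outputs, d):
    """From >= 2 consecutive raw outputs and a claimed d, return the state
    after the last output, or None if d is not the real trapdoor."""
    first, rest = outputs[0], outputs[1:]
    for hi in range(1 << (P_FIELD.bit_length() - OUT_BITS)):
        r = (hi << OUT_BITS) | first          # guess the 8 dropped bits
        point = lift_x(r) if r < P_FIELD else None
        if point is None:
            continue
        # point = +/- s*Q, so x(d*point) = x(s*P), which is the next state.
        s_next = mul(d, point)[0]
        if mul(s_next, Q)[0] & MASK != rest[0]:
            continue
        clone = ToyDualEC(s_next)
        if all(clone.next() == out for out in rest[1:]):
            return clone.s
    return None


def demo():
    victim = ToyDualEC(seed=123456789)
    seen = [victim.next() for _ in range(3)]       # e.g. nonces sent in the clear
    attacker = ToyDualEC(recover_state(seen, D_SECRET))
    predicted = [attacker.next() for _ in range(5)]
    actual = [victim.next() for _ in range(5)]
    # Second value: the same procedure with a wrong d recovers nothing.
    return predicted == actual, recover_state(seen, D_SECRET + 1)


if __name__ == "__main__":
    print(demo())
```

On a real-size curve, finding `d` from the published `P` and `Q` is the elliptic-curve discrete logarithm problem, so only whoever generated the constants can run `recover_state`; if the raw outputs are never visible to the observer, there is nothing to feed it.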

    • araes 361 days ago
      Since Cavium got rewarded for being "Completely Enabling for _______ encryption chips used in VPN and Web encryption" and then lists these on its Nitrox III and Nitrox V (https://pbs.twimg.com/media/F6Y_zDQWgAAj96s?format=jpg)

      AES (128/192/256 CBC, GCM)

      Triple-DES (CBC, 3-key)

      SHS (SHA-1/256/384/512)

      HMAC (SHA-1/256/384/512)

      RSA (KeyGen, SigGen and SigVer; PKCS1 V1 5; 2048bits)

      ECDSA (PKG, SigGen and SigVer; P-256, P-384, P-521)

      CTR DRBG (AES-256)

      HASH DRBG (SHA-512)

      CVL Component (IKEv2, TLS, SSH)

      CKG (vendor affirmed)

      Does that imply that the NSA may have kleptographic (algorithm substitution, or secondary key) attacks or something different for all of these?

    • _kbh_ 361 days ago
      > Looking more closely at this, the backdoor is almost certainly based on the back-doored random number generator, Dual_EC_DRBG, which is implemented as NIST SP 800-90A.

      This doesn't have to be backdoored.

      It could simply be a bug in their hardware RNG that uses something that isn't public to break it.

      Or something that Cavium did not realise was vulnerable.

    • distract8901 360 days ago
      Sorry, what does it even mean for a random number generator to have a backdoor? Is it leaking your generated keys to the NSA? Does it have some arbitrary code execution vulnerability?
    • 0xDEFACED 361 days ago
      Computerphile has a video about this algorithm and its potential backdoor, it’s a great watch.

      https://youtube.com/watch?v=nybVFJVXbww

  • zimmerfrei 362 days ago
    More interestingly, Cavium (now Marvell) also designed and manufactured the HSMs which are used by the top cloud providers (such as AWS, GCP, possibly Azure too), to hold the most critical private keys:

    https://www.prnewswire.com/news-releases/caviums-liquidsecur...

    • joezydeco 362 days ago
      Ayup. We use AWS CloudHSM to hold our private signing keys for deploying field upgrades to our hardware. And when we break the CI scripts I see Cavium in the AWS logs.

      Now I gotta take this to our security team and figure out what to do.

      • supriyo-biswas 362 days ago
        I'd be surprised if you get anything more than generic statements about how they take security very seriously and they are open to suggestions, but avoid addressing the mentioned concerns directly (and this applies to all cloud providers out there, not just AWS).

        I'm sure a few others here would like to see their response as well.

        • joezydeco 362 days ago
          We've had other issues with our CloudHSM instance, especially with the PKCS1.5 deprecation on January 1. And their support has been pretty dismal. Not expecting much from them at this point.
          • baz00 362 days ago
            AWS support is pretty fucking terrible generally. We’re a very high rolling enterprise customer and it’s pretty obvious that some of their shit is being managed by two guys in a shed somewhere who don’t talk to each other.
            • IntelMiner 362 days ago
              As someone who was IN AWS premium support, I got the distinct impression they had no idea what they're doing

              I was a Linux Sysadmin for a decade. They initially hired me to work on the "BigData" support team

              Then after hiring threw me into CI/CD instead. I told them I don't know python or ruby and would be a terrible fit

              I asked if I can join the Linux team. EC2 is bread and butter, that's easy stuff

              "Oh we're actually shutting that team down soon. I'll move you into containers instead"

              Spoiler: they didn't "shut down" the Linux group

              • baz00 362 days ago
                Thank you for this. Next time AWS try and tempt me over to them I’ll tell them literally fuck off. Not up for those games.
            • tormeh 362 days ago
              Another satisfied user of AWS Glue, I see. On a scale of 10 to “I have no mouth and I must scream” how much do you hate their error messages?
            • ta988 362 days ago
              The famous one poke bowl team. Saved costs on pizzas.
            • TavsiE9s 362 days ago
              Have you had the pleasure of working with Azure? I'll take AWS any day over that dumpster fire.
              • seadan83 362 days ago
                As someone that is deciding between AWS, Google and Azure - could you give an outline of some of the Azure painpoints? Are there any blogs or other articles that outline what your concerns would be?

                I'm pretty aware of how painful it can be to configure AWS well, IAM roles, the overly large eco-system that we won't need and unmitigated complexity to configure it all. It's not comforting to think Azure is worse yet.

                • jiggawatts 362 days ago
                  They’re just different. People like the devil they know.

                  The Azure Resource Manager system is much easier to use than the fragmented mess that is AWS.

                  The problem with Azure is that they’re still catching up to AWS. They have fewer products and the quality is worse.

                  Really basic issues will remain unaddressed for years.

                • Sylamore 362 days ago
                  I work on and off with both, AWS may be more feature complete in some areas but Azure is frankly easier to work with for me, I can actually get support on issues I have from Microsoft. And while I've generally only done so from the large enterprise account perspective, Microsoft is way more open to feature requests/enhancements than Amazon is. I don't have any experience with GCP so I can't speak on that.
              • SV_BubbleTime 362 days ago
                We selected AWS for very modest needs, but sometimes I glance over at Azure and wonder if the grass is greener. I'll take your word on it though.
              • PcChip 362 days ago
                We work with Azure and don't have any major complaints about it - what were your issues?
            • amaccuish 362 days ago
              AWS Client VPN and Ubuntu 22.04... Need I say more?
              • OBFUSCATED 362 days ago
                What issues are you having?
                • amaccuish 352 days ago
                  the required old version of libssl is no longer in Ubuntu's repos
            • wdb 362 days ago
              Using AWS Greengrass?
              • hhh 362 days ago
                Greengrass was so bad we built an entire edge platform.
              • baz00 362 days ago
                Never even heard of that one!
                • SV_BubbleTime 362 days ago
                  It's a cloud to edge system. Like hosting some of your stuff on the edge, think like a cloud that lives inside your factory.

                  It confused me when researching it.

                • wdb 362 days ago
                  Imagine doing a job interview they ask do you know AWS. Sure, I know AWS, and explain what you built with Greengrass, Lambda's, RDS etc. and then get rejected for not knowing AWS lol
              • robertlagrant 362 days ago
                Hate Greengrass; Love joy.
        • DyslexicAtheist 362 days ago
          Wouldn't such a backdoor invalidate all promises made by external audits e.g. https://cloud.google.com/security/compliance/offerings and more importantly wouldn't it violate safe harbor agreement with the EU or whatever sham this safe-harbor was replaced with?
          • BlueTemplar 361 days ago
            As you say, a sham : as long as the Patriot Act is still effectively ongoing, everyone else is still trying really hard to look the other way, (especially while the war is still ongoing !), ignoring the CJUE, which has no choice but to shoot down one agreement after another, since they automatically violate the EU Charter of Fundamental Rights : https://en.wikipedia.org/wiki/Max_Schrems#Schrems_I
          • pyinstallwoes 361 days ago
            I mean, if you can detect it.
            • lazide 361 days ago
              And you’re allowed to notice it without dudes in suits and dark sunglasses convincing you it’s a bad idea to do so.
      • d-161 362 days ago

          The Intel Management Engine always runs as long as the motherboard is 
          receiving power, even when the computer is turned off. This issue can be 
          mitigated with deployment of a hardware device, which is able to disconnect 
          mains power.
        
          Intel's main competitor AMD has incorporated the equivalent AMD Secure 
          Technology (formally called Platform Security Processor) in virtually all of 
          its post-2013 CPUs.
        
        
        https://en.wikipedia.org/wiki/Intel_Management_Engine

          Ylian Saint-Hilaire, principal Engineer working on remote management software 
          including hardware manageability:
        
        https://youtu.be/1seNMSamtxM?feature=shared

        https://github.com/Ylianst

        • close04 361 days ago
          I think Ylian Saint-Hilaire hasn’t been with Intel for about a year now, after some layoffs. As a result the software ecosystem around AMT/vPro is lagging these days.

          Hardware wise nothing changed, it’s just even harder for the actual owner of the hardware to use the legitimate management features while presumably easier for whoever could illegitimately abuse them.

      • theamk 362 days ago
        Nothing?

        I mean, you are already in US-based cloud, so if NSA is interested, they will just request information directly, no backdoors needed.

        (This is a good test for your security team, btw: if they say anything other than "we do nothing", you know it's all security theater)

        • garfieldnate 362 days ago
          But being able to request it and having a built-in backdoor for anyone with a key are different things. It has happened before that the Chinese government figured out network equipment backdoors that were put in for the US government. All your company secrets are there for the taking for anyone with the resources to figure out that backdoor. Especially now that people know it exists. Shouldn't this at least start the clock on expiring this hardware?
          • mytailorisrich 361 days ago
            Considering the scales of Amazon and Google, and their involvements with US government agencies in the US, I think it is fair to suspect that there is a lot we don't know about...
        • joezydeco 362 days ago
          Very good point. That was the consensus from our team, so I think we're okay.

          Ironically, the data we're securing is because of US government requirements. So if the government wants to spy on itself, who are we to say?

          • snypher 361 days ago
            The fact that this backdoor could leak and be used by a foreign government needs to be taken seriously.
      • datavirtue 362 days ago
        Nobody cares. If caring gets in the way of easy money. Spoiler...it does.
        • catchnear4321 362 days ago
          more accurately, nobody (with sufficient agency to act) cares.

          you wouldn’t be cynical if you didn’t care, or felt able to do anything about it.

        • sambazi 361 days ago
          future you will care and facepalm
    • api 362 days ago
      Is there anyone here who actually thought cloud provider HSMs were secure against the provider itself or whatever nation state(s) have jurisdiction over it?

      It would never occur to me to even suspect that. I assume that anything I do in the cloud is absolutely transparent to the cloud provider unless it's running homomorphic encryption, which is still too slow and limited to do much that is useful.

      I would trust them to be secure against the average "hacker" though, so they do serve some purpose. If your threat model includes nation states then you should not be trusting cloud providers at all.

      • jacquesm 362 days ago
        Lots of people believe that. They believe truthfully you can get to the level of AWS, MS, Google, Facebook or Apple whilst standing up to the nations that host those companies. I've walked into government employees in the hallways of tiny ISPs, I see no reason to believe at all that larger companies are any different except for when easier backdoors have been installed.
        • BlueTemplar 362 days ago
          The really concerning part is to be STILL believing that after the Snowden scandal, after everybody has seen the slides that explain in detail how the NSA sends an FBI team to gather data from (then, in 2013) Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, Apple (and Dropbox being planned).

          Also how Yahoo first refused but was forced to comply by the Foreign Intelligence Surveillance Court of Review.

          https://www.electrospaces.net/2014/04/what-is-known-about-ns...

          (Note that supposedly, "the companies prefer installing their own monitoring capabilities to their networks and servers, instead of allowing the FBI to plug in government-controlled equipment.")

        • eightysixfour 362 days ago
          I don’t know how many believe it and how much is willful ignorance. The big cloud providers make big mistakes but how many trust their organizations to do better against a nation state level actor?

          The underlying architectures of our systems are not secure and much of the abstractions built on top of them make that insecurity worse, not better.

          For nation state level issues, the solution likely isn’t technical, that is a game of whack-a-mole, it will take a nation deciding that digital intrusions are as or more dangerous than physical ones and to draw a line in the sand. The issue is every nation is doing it and doesn’t want to cut off their own access.

        • luxuryballs 362 days ago
          I always just tell people to look up “Lavabit” to learn everything you need to know.
          • byteknight 362 days ago
            To save others a goog: https://en.wikipedia.org/wiki/Lavabit

            > Lavabit is an open-source encrypted webmail service, founded in 2004. The service suspended its operations on August 8, 2013 after the U.S. Federal Government ordered it to turn over its Secure Sockets Layer (SSL) private keys, in order to allow the government to spy on Edward Snowden's email

            • rvba 362 days ago
              > He also wrote that in addition to being denied a hearing about the warrant to obtain Lavabit's user information, he was held in contempt of court. The appellate court denied his appeal due to no objection, however, he wrote that because there had been no hearing, no objection could have been raised. His contempt of court charge was also upheld on the ground that it was not disputed; similarly, he was unable to dispute the charge because there had been no hearing to do it in.

              Land of the free...

      • TheRealDunkirk 362 days ago
        > If your threat model includes...

        At my Fortune 250, our threat model apparently includes -- rather conveniently and coincidentally -- everything! Well, everything they make an off-the-shelf product for, anyway. It makes new purchasing decisions easy:

        "Does your product make any thing, in any way, more secure?"

        "Uh... Yes?"

        "You son of a bitch. We're in. Roll it out everywhere. Now."

        • jdwithit 362 days ago
          This reminds me of our own security team, who as far as I can tell do nothing but run POC's of new security tools. And then maybe once a year actually buy one, generating a ton of work (for others) to replace the very similar tool they bought last year. Seems like a good gig.
          • Bluecobra 362 days ago
            And the sad/funny thing is that said tool would probably do diddly squat if one employee falls for a social engineering/phishing attack.
            • oefrha 361 days ago
              Occasionally security products turn into malware delivery platforms as well, because they run very privileged, are sometimes more shoddily developed than what they’re protecting, and have fewer eyeballs on them than the vanilla operating system.

              Not to mention they may be another Crypto AG.

              • jacquesm 361 days ago
                > Occasionally

                Much more frequently than that if you lump 'anti virus software' in with security products.

            • Prickle 361 days ago
              As someone whose company just suffered this exact issue, all I can say is yes.

              They gave me a laptop with 8gb of ram. The laptop runs invisible security software that nominally takes 6~6.8gb.

              We just got penetrated by two attackers in the last 40 days.

              • formerly_proven 361 days ago
                > We just got penetrated by two attackers in the last 40 days.

                * that you know of

        • calgoo 362 days ago
          And then when there is a security issue you ask them to share the log files from all their spyware and suddenly half the stuff needed is not there because we did not get that module.
          • lazide 362 days ago
            Or ‘oh, that feature hasn’t been rolled out yet, expect it in 6 quarters.’.
        • Macha 362 days ago
          Ahh, I've been there. I'm sure no concern is given for usability of the result.

          Welding your vault shut may make it harder for thieves to break in, but if your business model requires making deposits and withdrawals, it's somewhat less helpful.

          • lazide 362 days ago
            Luckily, all but a tiny portion of security products have a door you can open if you ask support nicely enough you didn’t know about before. So you can still get your stuff after you weld the door shut.
        • hiatus 362 days ago
          There's no thought given to if the cost to secure the thing outweighs the risk of exposure?
          • TheRealDunkirk 362 days ago
            I’m not privy to those discussions, but it certainly doesn’t feel like they’re happening. We implement every security “best practice,” for every project, no matter how big or small. We have committees to review, but not to assess scope, only to make sure everything is applied to everything. Also, we have multiple overlapping security products on the corporate desktop image. It feels EXACTLY like no one has ever tried to gauge what a compromise might cost.
      • johnklos 362 days ago
        It's interesting to consider the people who, with the very same set of facts, come to completely opposite conclusions about security.

        For instance, Amazon has a staff of thousands or tens of thousands. To me, that means they can't possibly have a good grasp on internal security, that there's no way to know if and when data has been accessed improperly, et cetera. To others, the fact that they're a mega-huge company means they have security people, security processes and procedures, and they are therefore even more secure than smaller companies.

        For one of the two groups, the generalized uncertainty of the small company is greater than the generalized uncertainty of the large. For the other, the size of the large makes certain things inevitable, where the security of smaller companies obviously depends on which companies we're talking about and the people involved. More often than not, people want to generalize about small companies but wouldn't apply the same criteria to larger companies like Amazon.

        There's a huge emotional component in this, which I think salespeople excel at exploiting.

        It fascinates me, even though it's a never-ending source of frustration.

      • enkid 362 days ago
        If your threat model includes the nation state where your physical infrastructure is, you're hosed.
        • outworlder 362 days ago
          > If your threat model includes the nation state where your physical infrastructure is, you're hosed.

          True. But even if you trust your nation state 100%, having a backdoor means you now have to worry about it falling into the wrong hands.

          • jacquesm 362 days ago
            Even if you trust your nation state 100% having a backdoor means it has already fallen into the wrong hands. That's because 'nation state' is not synonymous with 'people running the nation state'.
        • api 362 days ago
          Literally hosed. There's a funny jargon term "rubber hose cryptography" that's used to refer to the cryptanalysis method where you beat someone with a rubber hose until they give you the key. It's 100% effective against all forms of cryptography including even post-quantum algorithms.
          • ipaddr 362 days ago
            You would be surprised that for a percent this would not work. Some even like it. Some have a deathwish and want to be a martyr. Some people blow themselves up to further a cause. Also put under heavy stress memories of keys cannot be recalled at times.

            It's probably slightly less effective than threatening to kill family members but probably more than threat of jail time.

            Either way you require someone alive and with mental awareness. The mind reading tools found in science fiction haven't been developed yet.

            • rangerelf 362 days ago
              It doesn't matter, something will be found that will coerce them into talking. Nobody is an island. Everyone has a breaking point, if it's not rubber hoses, it's socks full of rocks, or it's bottles of mineral water, or any number of methods. Don't think for a second that someone hasn't thought of a better way to get information out of somebody else.
            • 0xDEAFBEAD 361 days ago
              Yep... read up on interrogation resistance.
            • jacquesm 362 days ago
              We're talking about normal people, not psychopaths.
              • l33t7332273 362 days ago
                Terrorists are generally highly altruistic, not psychopaths.

                It’s a lot easier to blow yourself up (or to spread ideology which encourages it) for a cause that you believe is helping people, in particular _your_ people.

                • jacquesm 362 days ago
                  The terrorists that blow themselves up and that blow other people up are usually misguided brainwashed angry young men. It's nothing to do with ideology, everything to do with power. Or did you think blowing up schools full of girls is something people genuinely believe helps their people, to give just one example?

                  Ordinary people just want to be left alone. Old guys wishing for more power will use anything to get it, including sacrificing the younger generations.

                  • l33t7332273 362 days ago
                    > did you think blowing up schools full of girls is something people genuinely believe helps their people

                    It absolutely is something that they think helps their people, yes.

                    • jacquesm 362 days ago
                      No, it's something that a bunch of old guys with issues told them helps their people.

                      Beliefs stop when they are no longer about yourself but about how other people should live. Especially when those other people loudly protest that this is how you think they should be living. Killing them is just murder, not the spreading of ideas.

                      But hey, those human rights are just for decoration anyway.

                      • l33t7332273 362 days ago
                        > it's something that a bunch of old guys with issues told them helps their people

                        I don’t understand why you said “no” before this; I believe this agreed with what I’m saying.

                      • mcpackieh 361 days ago
                        The old men persuade the would-be suicide bomber that educating women will liberate and liberalize them, and that this is counter to the interests of those who prefer the traditional order of society. Are they even lying?
                        • jacquesm 361 days ago
                          Yes, they're lying.

                          The 'traditional order of society' is a society run by psycho pathological individuals and benefits nobody except for those individuals.

                          But you already knew that, didn't you?

                          • mcpackieh 361 days ago
                            You're deeply mistaken if you think there aren't men who don't genuinely prefer the traditional order of women being subjugated by men.

                            1. Not everybody shares your values.

                            2. People who don't share your values are not necessarily brainwashed.

                            3. People may do things that are irrational under your system of values, but rational under their own.

                            And BTW, there is not a single fighting force in the world that doesn't have old men persuading young men to sign up and risk throwing away their lives. There's not a whole lot of difference between regular soldiers persuaded to participate in a forlorn hope or banzai charge attacking a defended position and a suicide bomber or kamikaze.

                          • l33t7332273 361 days ago
                            Are you saying that liberalizing the society is not counter to the interests of those who prefer traditional society?

                            I think it clearly is.

                          • no-reply 361 days ago
                            Who makes that determination? And by what justification?
          • dmayle 362 days ago
            That's actually not true. It can do nothing about M of N cryptography. (That's when a key is broken up such that there are N parts, and at least M (less than N) are required to decrypt.) It doesn't matter how many rubber hoses you have, one person can fully divulge or give access to their key and it's still safe.
            • hn_version_0023 362 days ago
              I always giggle a little when really smart people forget thugs exist and do what they’re told. If that includes breaking the knees of M people to get what they’re after, then M pairs of knees are gonna get destroyed.

              This isn’t hard to understand, but it’s easy to forget our civilization hangs by a thread more often than any of us care to admit.

              • ibejoeb 362 days ago
                I don't remember the provenance of the quip, but somewhere at a def con or a hope, I heard, "The point of cryptography is to force the government to torture you."
                • jacquesm 362 days ago
                  They're perfectly ok with that, and depending on where you live this may happen in more or less overt ways. If the government wants your information, they will get your information. Your very best outcome is to simply rot in detention until you cough up your keys.
                  • ibejoeb 362 days ago
                    Now that I think about it, I'm pretty sure it was a session about root zone security, and Adam Langley was in the room. I was thinking, damn, kinda sucks to be the guy that holds Google's private keys. They want someone's information, so they let you rot...
                • jazzyjackson 362 days ago
                  power in numbers

                  can't torture us all!

              • actionfromafar 362 days ago
                Are we deep enough in the thread for the customary reminder that each measure makes it incrementally harder to attack a system?

                (Including a system of people.)

                Even nation state adversaries don’t have infinite resources to allocate for all opponents.

              • __alexs 362 days ago
                I think you can probably get away with only breaking one pair of knees and sending a video of it to the other people.
                • solardev 362 days ago
                  Youtube would delist that before they could all see it though.
                  • sofixa 362 days ago
                    You know there are other ways to have a video and send it to people than YouTube, right? You can just email a link from dropbox or gdrive, or an attachment, or send a WhatsApp/Telegram/etc. message, send a letter with a USB drive, etc.
                    • solardev 362 days ago
                      Yes. It was just a dumb joke :/
                    • lmm 361 days ago
                      > You can just email a link from dropbox or gdrive, or an attachment, or send a WhatsApp/Telegram/etc. message

                      Why do you think governments are demanding those services give them access to quickly remove "misinformation"?

              • MichaelZuo 362 days ago
                Any organization that is really really serious about security will obviously keep at least N-M +1 folks, along with their family, in other countries.

                Which is a much much higher bar to clear for any would be rubber hose attackers.

                • solardev 362 days ago
                  Your secrets aren't really safe unless Xi and Putin each have part of your key personally memorized.
              • Randomizer42 362 days ago
                That’s hyperbole
            • pixl97 362 days ago
              Let's say for example

              Bob, Jon, and Tom have pieces of the key. Bob and Jon are in the US and arrested over and commanded by a court to give up the key. Tom is the holdout. The US will issue an international arrest warrant, and now Tom can never safely fly again or the plane will be diverted to the nearest US friendly airport where they will be extradited. So, yea, "safe" is very situational here.

              • BurningFrog 362 days ago
                Doesn't Tom's key fragment have to be on a disk somewhere for things to work?

                That's the actual weak link to attack.

            • kyleplum 362 days ago
              That situation just requires a longer hose
            • jacquesm 362 days ago
              Sure, so you hit all of the people that have all of the pieces. Problem solved.
              • saalweachter 362 days ago
                Or you publicly announce you're hitting 1 of the N people with the rubber hose until M-1 of the other people send you their key fragments.

                It's not like these keys are shared among disinterested strangers who have no attachment to each other.

                • worthless-trash 360 days ago
                  Somehow, somewhere you've just influenced a megacorp's internal crypto process.
            • LinuxBender 362 days ago
              This probably works if each person has a cyanide+happy drug pill or a grenade and is willing to sacrifice themselves and the rubber-hoser(s). I think that requires a rare level of devotion. This process must also disable a simple and fragile signalling device to let the others know what's coming.
          • aborsy 362 days ago
            This would not work well, because you can’t do it in a secret manner. Overuse of the rubber hose cryptography will become known, and there will be public backlash.
            • eastbound 362 days ago
              Seems like the NSA is threatening everyone with arrest (=state-organized violence) if they don’t secretly give them keys, and Snowden revealed it, and there is no public backlash.
          • amluto 361 days ago
            Hose-resistant cryptography is possible. Secret sharing comes to mind, or a system by which even the principals can only compromise a key slowly.
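Added example, not part of any comment in this thread: the "M of N" key splitting and the secret sharing mentioned in the comments above, sketched as Shamir's scheme over a prime field (one common way to build a threshold split). The function names, the field modulus and the sample secret are assumptions made for illustration.

```python
import secrets

# Assumption for this sketch: work in the prime field GF(2**127 - 1).
# 2**127 - 1 is a Mersenne prime, so any secret below it (e.g. 15 bytes) fits.
PRIME = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate coeffs[0] + coeffs[1]*x + ... at x (mod PRIME) with Horner's rule."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc


def split(secret, m, n):
    """Split `secret` into n shares so that any m of them reconstruct it.

    The secret is the constant term of a random polynomial of degree m-1;
    share i is the point (i, f(i)).
    """
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be in [0, PRIME)")
    # The m-1 higher coefficients come from the OS CSPRNG.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(m - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def interpolate(points, at):
    """Lagrange interpolation: value at x=`at` of the unique polynomial of
    degree < len(points) that passes through all `points` (mod PRIME)."""
    xs = [x for x, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate x coordinate in shares")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (at - xj) % PRIME
                den = den * (xi - xj) % PRIME
        # pow(den, -1, PRIME) is the modular inverse (Python 3.8+).
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def combine(shares):
    """Reconstruct the secret (the polynomial's value at x=0) from >= m shares."""
    return interpolate(shares, 0)


def share_consistent_with(partial, candidate_secret, x):
    """Show why fewer than m shares reveal nothing.

    Given m-1 real shares and ANY candidate secret, return the y value of a
    share at position x that makes the set reconstruct to that candidate.
    Since this works for every candidate, the m-1 shares rule nothing out.
    """
    return interpolate([(0, candidate_secret)] + list(partial), x)


def demo():
    # Constructed sample secret: 15 bytes, so it fits below PRIME.
    secret = int.from_bytes(b"hsm-wrap-key-01", "big")
    shares = split(secret, m=3, n=5)            # 3-of-5 split

    any_three = [shares[4], shares[1], shares[2]]
    recovered = combine(any_three)              # any 3 holders suffice

    # Two holders alone: their shares fit a completely different secret too.
    two = shares[:2]
    fake_y = share_consistent_with(two, candidate_secret=12345, x=9)
    fits_other_secret = combine(two + [(9, fake_y)]) == 12345

    return recovered == secret, fits_other_secret


if __name__ == "__main__":
    print(demo())
```
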
        • vasco 362 days ago
          I mean in the end everything is people just like Logan Roy said in Succession. Cryptography or any software protections are the same. It's a great quote that is very true:

          > "Oh, yes... The law? The law is people. And people is politics. And I can handle of people."

          • jhugo 362 days ago
            “I can handle of people”? Cannot parse.
            • dralley 362 days ago
              I think that was a mobile typo. The quote is just "I can handle people"
              • sambazi 361 days ago
                i feel like "typo" should mean "typing error" and not "autocorrect fubar"

                mixing the two implicates humans for the errors of machines

                edit:

                unless failure to disable autocorrect is counted as a user error

              • vasco 362 days ago
                That's exactly what happened!
        • PeterStuer 362 days ago
          Addendum: if your threat model includes any nation state that has significant ties to the nation state that hosts your physical or transit infrastructure, you're hosed.
          • Obscurity4340 362 days ago
            How might this apply or what are the implications of Signal given its US jurisdiction?
            • lmm 361 days ago
              The US authorities can make the same orders that they made with LavaBit (i.e. ordering them to produce a backdoored build and replace yours with it), and they can make them secretly. Given that Signal by design requires you to use it with auto-update enabled (and, notably, goes to some effort to take down ways of using it without auto-update), and has no real verification of those auto-updated builds, I would consider it foolish to rely on the secrecy of Signal if your threat model includes the US authorities or anyone who might be able to call in a favour with them.
              • wildfire 360 days ago
                How odd. I have, and continue, to use Signal without auto-update enabled.

                I have been prompted, twice in three years to update though.

                Perhaps the requirement depends on your country?

                • Obscurity4340 360 days ago
                  Ya, does it do that thing banking apps do where it insists on the most recent version in order to even be usable?

                  Otherwise, that's more of an iOS option that can be easily altered

                  Settings < App Store < Automatic Downloads > App Updates

            • autoexec 361 days ago
              Signal started keeping sensitive user data in the cloud a while ago. All the information they brag about previously not being able to turn over because they don't collect it in the first place, well they collect it now. Name, photo, phone number, and worst of all a list of all your contacts is stored forever.

              It's not stored very securely either. I wouldn't doubt that three letter agencies have an attack that lets them access the data, but even if they didn't they can just brute force a pin to get whatever they need.

              https://community.signalusers.org/t/proper-secure-value-secu...

            • Natanael_L 362 days ago
              Signal relies on the client program to not be compromised to keep conversations secret
      • numbsafari 362 days ago
        I believe this is why the government of Singapore appears to fund a lot of work on homomorphic encryption.

        Even when you are a nation state, you still have to worry about other nation states.

        • arter4 362 days ago
          Especially when you are a nation state.
      • wsc981 362 days ago
        I feel the same and Snowden kinda said as much regarding phones. To assume each phone is compromised by state level actors.
        • TheRealDunkirk 362 days ago
          I mean, there's a reason that the government was involved with setting up the first cell networks. No assumptions need to be involved. They ARE all compromised.
          • RF_Savage 362 days ago
            Lawful intercept has always existed in phone networks. Just that one cannot use that in non-allied nations.
            • TheRealDunkirk 362 days ago
              You’re missing the point. It was designed to be transparent to interception efforts up front, so you can’t tell if you’re being surveilled, lawfully or not.
              • RF_Savage 360 days ago
                For analog Gen0 and Gen1 networks I'd make the claim that it was just as much about technical limitations of the era.

                But for 2G export crypto it definitely was about keeping it weak enough to break on demand.

      • lokar 362 days ago
        Cloud HSM services have always been understood as a convenience with limited real world security, without even considering nation state threats.
      • dclowd9901 362 days ago
        I think there’s such a thing as plausible deniability here. We didn’t know for certain so we weren’t culpable, but now that it’s public record, we really have to do something about it or risk liability with our customer data.
      • bowmessage 362 days ago
        See the Cryptographic Control Over Data Access [0] section here for one answer to this problem.

        [0] https://cloud.google.com/blog/products/identity-security/new...

        • BlueTemplar 362 days ago
          That's nice, but the only reasons that public clients would use a well known bad actor from a rogue state is laziness / incompetence.
      • amenghra 362 days ago
        You don't need to think about this in a binary fashion. You can split your trust across multiple entities. Different clouds, different countries, or a mix of cloud and data centers you own.
      • ipaddr 362 days ago
        The cloud act ensures this
    • pyinstallwoes 361 days ago
      This breeds the familiar scenario where a group will start saying the link between the two is so clear that there must be a connection. Then you’ll get another group calling the first group conspiracy theorists, and say it’s just a coincidence of probability.

      Narrative control and information modeling is so powerful it’s scary.

      • jacquesm 361 days ago
        Post Snowden the first group has some formidable ammunition.
        • pyinstallwoes 361 days ago
          Now apply that to every other "conspiracy.."
          • jacquesm 361 days ago
            That's not how this works. Plenty of conspiracies are just that: idiots pretending they have special knowledge or that believe that behind everything that doesn't quite mesh with their worldview there is someone pulling invisible strings. Those people have a mental issue. The big trick is to be able to tell the two apart, not to categorically assume that because some conspiracies that had a whole bunch of evidence to go with them turned out to be true that all conspiracies, even those that have no evidence to go with them are true as well. That's just faulty logic.
      • sdiupIGPWEfh 360 days ago
        Now get yourself some half-decent psyops and contaminate the first group with supporting voices that emphasize weaker evidence, use poor logic, name-drop socially questionable sources, and go out of their way to sound ridiculous.
    • amluto 362 days ago
      …which is really weird. At least Google and Microsoft are quite outspoken about their in-house secure element technology.

      If nothing else, at Google/Amazon scale, I’d be concerned about a third-party HSM losing data.

      • jhallenworld 362 days ago
        It's not surprising because who wants to make their own FIPS 140-2 level 3 compliant key store device?

        Also, the Cavium one was the fastest one on the market the last time I looked at this. Thales, Safenet and IBM also had them..

        • amluto 362 days ago
          Google? Titan appears to meet FIPS 140-2 level 1.

          I find the levels bizarre. Chromebooks are highly exposed to physical attack. Keys in the cloud are not nearly as exposed. Yet people seem okay with level 1 for chromebooks but apparently want level 3 in the cloud?

          I’d rather see a level 1 or level 2 auditable cloud solution, with at least source available.

          • fireflash38 362 days ago
            Level 1 is pretty easy to meet IIRC. It's 2-4 that are hard, with pretty much no Level 4 certified ones on market I believe?
            • jhallenworld 362 days ago
              The IBM one for z was level 4 I think..

              Yes: https://www.ibm.com/docs/en/cryptocards?topic=4768-overview

              • amluto 361 days ago
                This is so weird. The idea of an adversary covertly walking off with an IBM Mainframe or covertly bringing an electronics lab, a microscope, logic analyzers, glitching hardware, etc to the aforementioned mainframe is rather strange. Whereas someone doing that to a phone or a laptop or a game console is very likely.

                If I wanted to store an important long term key in a secure facility, I would worry, first and foremost, about software attacks, attacks doable over a network, malicious firmware attacks, and maybe passively observed side channel attacks. Physical attacks would be a rather distant second.

                • gunapologist99 361 days ago
                  It's not weird.

                  The adversary will show up and badge in just like everyone else. They might have worked there for 20 years, or they might be an outside repair person or external consultant.

                  They will definitely fit in. They're supposed to be there.

                  It will be the most normal thing in the world. And you may never know their real purpose.

                • lazide 361 days ago
                  Evil maid attack applies to data centers too doesn’t it?
                  • amluto 361 days ago
                    Sure. But the attacker needs to actually get in, which is considerably harder than getting into a hotel room. But more relevantly, the kinds of countermeasures that get you from level 1 to a higher level don’t seem likely to help at all — if some evil-maids or otherwise fully compromises a machine hosting a FIPS 140-2 level 4 HSM, they likely get the unrestricted ability to perform cryptographic operations using keys protected by that HSM, but they get this by using the HSM’s normal API. If they can convince the HSM to export its keys to another HSM (oops) or to otherwise leak the key material, they get the key material. But this doesn’t seem like it has much to do with physical attacks against the HSM.

                    Now if someone evil-maid attacks the HSM itself, that’s a different story. Any good HSM should resist this, especially one found in a portable device. And this is because you can steal an entire important corporate laptop or other portable device without necessarily raising a quick alarm, whereas I have trouble imagining someone walking off with the HSM out of an IBM mainframe or with an AWS HSM without the loss being noticed immediately.

                    (To be fair, in the mainframe case, some crusty corporations seem to have a remarkable ability to fail to notice obvious crypto problems like their public facing certificates expiring. But a loss of an entire HSM from a secure large cloud datacenter will, at the very least, immediately trigger “elevated failure rates” or whatever they like to call it…)

                    • hulitu 361 days ago
                      > Sure. But the attacker needs to actually get in, which is considerably harder than getting into a hotel room.

                      It depends who is the attacker. There are countries (western democracies) where the police regularly "visits" datacenters.

        • bbarnett 362 days ago
          Gotta be better than Utimaco HSM cards. I've worked with them, and have issues with them throwing false low power alarms, and wiping for no reason.

          And tech support is horrible, incompetent.

          • jacquesm 361 days ago
            Wiping for no reason: that could well be a difference between the view of the firmware of the world versus your view and I guess they just decided to err on the side of caution?

            And low power alarms may well be a variation on that theme. Glitching the power supply has been a tool in the arsenal of reverse engineers for a long time so that sort of sensitivity may well make sense. Voltage spikes and drops can be very short, short enough for you not to see them on a DVM but on a memory scope with a trigger value set much lower than you might expect they'd show up with alarming regularity in some hardware that I've worked on. And that explained some pretty weird instability issues. Good power is rare enough that really sensitive hardware usually has power conditioning circuitry right up close to the consumer.

            • bbarnett 361 days ago
              > Wiping for no reason: that could well be a difference between the view of the firmware of the world versus your view and I guess they just decided to err on the side of caution?

              No. I said I've been in touch with technical support, and the manuals, docs, and their support is clear. It should not be wiping, it has a backup battery too.

              We've spent hours and hours testing, to validate the issue, and cause.

              They likely have a firmware bug, or bad board design. And we've seen this from cards from different batches, bought years apart.

              Their support is incompetent, and I say that with 30+ years of dealing with, and providing tech support. They fail to read tickets, and even spend (supposedly) weeks running tests, while ignoring vital data in tickets, and conveyed in support calls.

              They. Are. Incompetent.

              In terms of "issues with power", no. Not over dozens of servers, in different datacentres, and even just with the card at rest, out of server, on battery.

              Understand, their job is to provide stable. HSM cards are useless, if they randomly wipe when in use, while under power "just cause".

              I find it weird that you're playing devil's advocate here, describing how hard this is, this is an enterprise grade card, and people have been making reliable, and safe HSMs for decades.

              The problem is 100% them, their design.

              And even more so, their incompetent tech support.

              Did I mention their tech support is incompetent?

              • jacquesm 361 days ago
                Hehe, ok! Clear case of faulty product then. Thanks for the extra context.

                I'm not so much playing devil's advocate as that I'm aware how hard making such devices is and the difference between 'user error' and 'incompetent staff/faulty product' can be hard to distinguish in a comment.

      • teepo 362 days ago
        Time to leverage IBM Cloud KYOK model. You need level 4 especially if you're using 3rd party: FIPS 140-2 Level 4 certified HSM

        https://cloud.ibm.com/docs/hs-crypto?topic=hs-crypto-faq-bas...

      • tgsovlerkhgsel 354 days ago
        In-house stuff is for security.

        HSMs are mainly for compliance, where a customer needs to check a regulatory box, because some rule says you must use a HSM. The more standard it is, the easier it is to demonstrate to the auditor that you've checked the box.

    • BlueTemplar 362 days ago
      [flagged]
    • milesward 362 days ago
      Not Google..
  • NelsonMinar 362 days ago
    For anyone wondering "what's the big deal" it's worth remembering the NSA has a bad track record of keeping their own hacking tools secure. https://en.wikipedia.org/wiki/The_Shadow_Brokers

    It infuriates me the NSA actively works to undermine American security. Their brief is to protect us, not plant backdoors and then lose the keys.

    • boffinAudio 361 days ago
      >It infuriates me the NSA actively works to undermine American security.

      It infuriates me that the NSA actively works to undermine International security.

      Seriously.

      • jokoon 361 days ago
        I believe they do this because most critical software is American, and as long as the NSA has better offensive capabilities, it's better for the NSA if international defenses are low.

        I don't think China or Russia really have good offensive capabilities, so as long as it is the case, this helps the US maintain some form of cyberweapon supremacy.

        As long as China or small black hats don't do harm, they will not raise security standards.

        • thewileyone 360 days ago
          So much projection when the US accuses China of backdoors ...
    • Aerbil313 361 days ago
      Hahaha. That “concern” is only for you guys in the US. I live in a state which has conflicting interests with the US.
      • unaindz 361 days ago
        So what if you are not in the US?

        If they manage to put a backdoor in any software or hardware you use you are affected. They could spy on you and trade that with your government or just lose the keys and now anyone can do it.

        PS: Also from outside US btw

      • guyonthewall 361 days ago
        [dead]
  • JanSolo 362 days ago
    The tweet seems to imply that the entire Ubiquiti Networks line of network hardware could be compromised. That's a shame; I was thinking of installing some in my house. I'm sure that Ubiquiti's customers will not be happy if they find out that the US Govt can access their private data.
    • andreasley 362 days ago
      I think at this point it's pretty safe to assume that all of the well-known network hardware is compromised.
      • tekeous 362 days ago
        I wonder if MikroTik would be compromised- they’re Latvian and don’t necessarily have to bow to the NSA.
        • HideousKojima 362 days ago
          I assume by default that any hardware from any NATO nation is compromised by the NSA and other Western intelligence agencies. I also assume that any Chinese or Russian hardware is compromised by their respective intelligence agencies. And I assume that the NSA and other Western agencies are constantly trying to get backdoors into Chinese hardware (and I assume the Chinese are trying to do the same to ours). You're basically screwed no matter what.
          • ok123456 362 days ago
            Buy products that are compromised by both, and let them battle it out. Sort of like the inverse of the plot of the movie Hackers.
        • pizzalife 362 days ago
          There's been plenty of remote 0days in MikroTik's products. At one point people were paying a pretty penny for them.
          • somehnguy 362 days ago
            I think it’s worth noting that these vulnerabilities affected devices which had their management page open to the internet, which is universally known as a bad idea. At least the ones I’ve seen.

            There is a big difference between an exploit affecting all devices vs a subset which requires a specific not-best-practice configuration. Regardless, still good to be aware they exist.

        • chinathrow 362 days ago
          > have to bow to the NSA

          You don't have to bow in order to be compromised. You can be compromised without even knowing it.

        • ElectricalUnion 362 days ago
          Several MikroTik routers use Marvell hardware underneath. So Marvell might be compelled to backdoor the hardware for the NSA.
        • some_random 362 days ago
          Why would the NSA need to strong arm MikroTik to implement a backdoor when they can pay ~10k for an 0-day to do the exact same thing?
          • irreticent 362 days ago
            Because zero day vulnerabilities are usually patched when discovered by the vendor. They're completely different than an intentional backdoor.
        • paganel 362 days ago
          > they’re Latvian and don’t necessarily have to bow to the NSA.

          The majority (I'd say all) of the Eastern-European countries that are also NATO members do in fact bow to the US, and thus to the NSA/FBI/the Secret Service.

        • smolder 362 days ago
          MikroTik has come up in their slides before, yes...
        • lowkeyoptimist 362 days ago
        • greenie_beans 362 days ago
          i've always assumed they were the least secure of all my networking hardware
          • greenie_beans 361 days ago
            ah shit now i've outed myself to the fbi if they didn't already know this about my network
    • some_random 362 days ago
      In a world where local PD can kick my door in, shoot me in the face, and the news will report that I had it coming because I own a gun, I find it hard to care that the IC can burn a technical access backdoor to access my private data.
      • Aachen 362 days ago
        Integrated circuit?
        • davikr 361 days ago
          Intelligence community
          • Aachen 361 days ago
            TIL, thanks
      • cryptonym 361 days ago
        Whataboutism. Both are wrongs and concerning.
    • mrweasel 362 days ago
      I'm currently replacing my network equipment with Mikrotik, not because I believe it to be safer than Ubiquiti, but because then at least it's made in the EU.

      But now I'm thinking: Is it better that the US is spying on me in Europe, vs. having EU governments do it? I feel like I'd be somewhat more safe from the US, compared to if my own government decides to spy on me. Maybe I should look into Chilean network equipment, I can't imagine that they'd have much interest in my online activities.

      • owenmarshall 362 days ago
        > But now I'm thinking: Is it better that the US is spying on me in Europe, vs. having EU governments do it? I feel like I'd be somewhat more safe from the US, compared to if my own government decides to spy on me.

        https://en.wikipedia.org/wiki/Five_Eyes

        > In recent years, documents of the FVEY have shown that they are intentionally spying on one another's citizens and sharing the collected information with each other, although the FVEYs countries claim that all intelligence sharing was done legally, according to the domestic law of the respective nations.

        So in practice, it's entirely irrelevant: your data will end up Hoovered up by someone, coated with a veneer of legality, and provided back to your government to act on (or not).

        Don't be too interesting to your government, I guess?

      • Freestyler_3 362 days ago
        Other countries spy on you and sell it to your own country.
      • manmal 362 days ago
        Europe doesn’t make that many chips (unfortunately), chances are high there’s US/Chinese components in there too. Since your network hopefully sees mostly encrypted traffic anyway (even if you're running Plex on the LAN, that should use SSL), I’d be more concerned about HW in desktops, notebooks and tablets.
      • isykt 362 days ago
        I think in order to address this question, we need to know more about your threat model.

        Are you a journalist working in a sensitive/dangerous area?

        Do you often participate in discussions with dissident groups?

        Do you frequently access content that is illegal in your jurisdiction?

      • BlueTemplar 362 days ago
        In democratic countries we also have rights against (unjustified) spying by our governments. Sounds like a better long-term plan for everyone is to make them work. Especially when even the ideal equipment won't do much against metadata spying by ISPs and cellphone carriers...
    • ricktdotorg 362 days ago
      okay, so assuming the US gov can access my private LAN data due to my use of the Ubiquiti USG as router/firewall, USG wifi APs etc, what form would this data exfiltration take? can we please explore/explain how this "compromise" would happen in real-life.

      if i were sniffing for outbound WAN traffic as root on the unix-like that the USG runs, would i see the exfiltration traffic? or is this [supposedly/apparently] happening at a lower layer that an OS can't see i.e. some kind of BMC or BIOS layer?

      wouldn't such traffic also have to navigate the varieties/restrictions of DOCSIS etc? or are they also compromised?

      is the worst-case scenario here some kind of giant C2 network with *waves hands* tons of compromised lower-than-OS mini pieces of firmware exfiltrating data over *waves hands* compromised network providers hardware into the giant NSA AWS cloud?

      • lofaszvanitt 359 days ago
        Would be an interesting experiment to see what an oscilloscope sees on the wire vs what tcpdump records... There was a story somewhere on the net where someone complained that they wanted to include a do not record payload parameter in tcpdump and couldn't get it through.
    • stephen_g 362 days ago
      Pretty sure only the EdgeRouter and some of the older Unifi Security Gateways use Cavium chips. Most of the newer stuff (like the Dream Machine line) I don't think are anymore. None of the Unifi APs did either I don't think (the U6 ones have Mediatek chips in them)
      • slau 362 days ago
        Annoyingly, the ER4 uses the Cavium Octeon III. I have a few of those in production.
        • stephen_g 362 days ago
          Yeah, I have one at home too, so I really want more detail on what the exploit is (I wonder if it is perhaps IPSEC specific, like an RNG flaw since they talk about VPN and encryption appliances, or it could be something to do with Cavium HSMs and unrelated to the network processors).
      • inferiorhuman 362 days ago
        Some of the EdgeRouter stuff (ER-Lite, ER-4) use Cavium SoCs. The ER-X uses a MediaTek SoC.
      • djangelic 361 days ago
        I recently upgraded my USG for a dream machine, glad it seems the upgrade was worth it.
    • RationPhantoms 362 days ago
      If you're not under the threat cone of nation state surveillance (like trying to exfiltrate the radar-absorbing paint formula on the F35) then I wouldn't be too concerned.

      "That's not the point! It's about privacy!"

      Sure. I'll choose to ignore the fact that our civilization is somehow still functioning in a post-nuclear world.

      • tinco 362 days ago
        It's not about privacy, it's about security. If there's a backdoor in a HSM or network interface, that backdoor can be used by others as well. That might start with foreign nation states, but might eventually leak to regular private persons or entities as well.

        A backdoor is an extra attack vector with often very unfavorable properties that you as a user are unaware of.

      • sschueller 362 days ago
        A man is being executed in Saudi Arabia for tweeting a negative tweet about the government to his tiny following. Not exactly someone who thinks they are a target of a nation state.

        [1] https://www.hrw.org/news/2023/08/29/saudi-arabia-man-sentenc...

        • RationPhantoms 362 days ago
          Not sure if this is a joke but SA is the exact country I would expect to utilize spyware against its citizens.
          • MSFT_Edging 362 days ago
            With how good of friends SA is with the US, it's likely all they need to do is ask nicely for some dirt on an alleged dissident.
      • isykt 362 days ago
        100% agreed. If you’re concerned about privacy, being tracked online by corporations is a bigger concern than the NSA. If you’re the target of an NSA investigation, you’re already fucked. Changing your network equipment is not going to help.
        • Minor49er 362 days ago
          On the contrary, changing equipment may actually help quite a bit when dealing with the NSA. The 2016 documentary "Zero Days" which was centered around the creation of Stuxnet showed that the NSA targeted specific hardware models to look for security holes. They had to buy matching hardware themselves and rigorously try to break it which took time and wasn't trivial to do
          • isykt 361 days ago
            So you’re saying that no matter what hardware you have, the NSA will buy that specific hardware and take the time to break it.
            • Minor49er 361 days ago
              That's right. And I'm also saying that switching hardware will make the break attempts take longer
              • isykt 361 days ago
                And in the meantime, all my browsing, payment, and location data collected by corporate ad brokers got handed over to the NSA for just the cost of a letter.

                I don’t see the point in constantly changing hardware that I don’t even know is safe, just to prevent what will already happen.

                • Minor49er 361 days ago
                  You don't see the point in constantly changing hardware, but you have no problem with changing the subject, I see. I would encourage you to give Zero Days a watch sometime
      • jimkoen 362 days ago
        > If you're not under the threat cone of nation state surveillance

        The average reader may be surprised by how far this cone can extend in some circumstances.

        It has been established that the NSA conducts industrial espionage [0], under the cover of national security [1]. To what degree the term "national security" narrows down the scope of any surveillance measures is likely unfamiliar to the layman, but an NSA representative gave a short description of the agency's views in that regard in 2013:

        "The intelligence community's efforts to understand economic systems and policies, and monitor anomalous economic activities, are critical to providing policy makers with the information they need to make informed decisions that are in the best interest of our national security." [1]

        While it affirms that it does not steal trade secrets, the NSA reserves the right to pass on critical information about economic developments towards policy makers, who then can use this knowledge in their decision making.

        Notable examples of industrial espionage conducted by the NSA consisted of spying on EU antitrust regulators investigating Google for antitrust violations [1], alleged espionage of business conducted by Brazilian oil giant Petrobras [2], international credit card transactions [3], SWIFT [4], and the infamous allegations of espionage against European defense company EADS [5].

        It's noteworthy that this short list only comprises cases that got the attention of the media; the actual list of targets in Europe was much higher, about 2000 companies in Europe, many of them defense contractors.[5]

        So, to summarize, it may be much easier to fall into this cone than one would assume. The agency is also at odds with its own claims, as this excerpt from a Guardian article [2] clearly shows:

        "The department does not engage in economic espionage in any domain, including cyber," the agency said in an emailed response to a Washington Post story on the subject last month. [...] "We collect this information for many important reasons: for one, it could provide the United States and our allies early warning of international financial crises which could negatively impact the global economy. It also could provide insight into other countries' economic policy or behavior which could affect global markets."

        But he again denied this amounted to industrial espionage. "What we do not do, as we have said many times, is use our foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of – or give intelligence we collect to – US companies to enhance their international competitiveness or increase their bottom line." [2]

        To me these statements are mutually exclusive: How is providing policy makers with insights from foreign politics and possible industrial espionage (i.e. not necessarily actual technologies, but research objectives of foreign companies) not giving an advantage to domestic companies, if those policy makers act appropriately?

        [0] https://theintercept.com/2014/09/05/us-governments-plans-use...
        [1] https://www.cnet.com/tech/tech-industry/nsa-spied-on-eu-anti...
        [2] https://www.theguardian.com/world/2013/sep/09/nsa-spying-bra...
        [3] https://www.spiegel.de/international/world/spiegel-exclusive...
        [4] https://www.spiegel.de/international/europe/nsa-spying-europ...
        [5] https://www.theregister.com/2015/04/30/airbus_us_german_inte...

        • irreticent 362 days ago
          The NSA has been caught lying before (see: the Snowden leaks) so I wouldn't trust them to be forthcoming about their industrial espionage, if they are engaging in it. Of course they'd deny it.
        • p337 362 days ago
          > How is providing policy makers with insights from foreign politics and possible industrial espionage not giving an advantage to domestic companies, if those policy makers act appropriately?

          Let's imagine OpenAI was a Russian company operating mostly in secret. This RU OpenAI secretly discovers and uses GPT-4-like technology, and shows promise that they are not done innovating. While these LLMs are often overhyped, these recent innovations no doubt present a policy issue, right? I'd say there are legitimate national security reasons to know about that technology, not just about making money or making a better product for cheap.

          The distinction being made is that the NSA may steal data related to this, but they aren't just giving it to Google to make Bard better. They are getting intel and giving lawmakers the tools to fund research, write policy, or whatever else our elected representatives deem beneficial. Any side action or under the table dealings would make this distinction meaningless of course. So, for the example above, if we started funding departments to research the threat of LLMs/AI, inform the public of the issue, and inform companies that their data is being pillaged to train AI... that is all very different from just stealing a cool new widget design and getting it to market first.

          I think there's no debating that this is morally gray, but I think it's a few steps off of what other nation states are doing by stealing tech and implementing it in "private" companies. It's certainly worthy of criticism, but I think it's unhelpful to bucket it with the other type.

          If the LLM example isn't your thing, it also makes a lot of sense for the NSA to steal information related to weapon/defense tech, even if developed by a private company, and even if we use what we stole to implement countermeasures. I can't honestly be morally outraged about invading the privacy of someone developing tools of war against you. Fwiw, I wouldn't blame Russia or China for trying this against the US gov or defense contractors either, but it's not like I'd be happy about it. My point is that that is not so much economic espionage or corporate espionage as much as it is just plain old espionage. It saves lives and protects American hegemony - which I recognize may be counter to many people's ideal situation.

          It's a nuanced thing. When you take two morally questionable things and reduce them down to both just being bad, the ones doing the worse things benefit. E.g. "all politicians lie" is a handy phrase for truly corrupt politicians because the ones who make small mistakes or half-truths are in the same bucket as them, and the outcome is apathy for the issue rather than being upset at all of it. Kinda the classic whataboutism trope - not to imply you are doing that, but just to say that's where it often leads.

          • jimkoen 362 days ago
            So we're evaluating the US policy on international espionage on constructed examples now?

            > Let's imagine OpenAI was a Russian company

            Never mind that they're not and that Russia can't currently develop these models, due to lack of silicon. All targets I mentioned, with the exception of the Brazilian oil company, were in European states, at the time (and still!) closely allied with the US.

            > The distinction being made is that the NSA may steal data related to this, but they aren't just giving it to Google to make Bard better.

            How would you even know at this point? Who controls the NSA? There haven't been any leaks since the Snowden revelations and there likely won't ever be any again, since Snowden could only make his move due to some misconfigured/outdated network quota control software.

            Hell you can't even FOIA information about these policies, and agencies will go so far to withhold evidence in court when it concerns espionage! And soon as a court case involves this information, the court recedes from the public and is held in secret.

            My hostility against US policy is by no means anywhere above the European average, but when it comes to public statements about surveillance, I have no reason to trust the US Government. The Bush administration has proven that it is possible to flout the US constitution on a massive scale with just 10-12 people. At this point I can't blame people putting forward some crazy conspiracy theories about the deep state or QAnon, because the US gov has given no indication to be believably concerned about compliance with their own laws.

      • runeofdoom 362 days ago
        And if you are in a position where nation-states are a likely adversary, you'd best assume that all commercially available hardware is compromised.
      • slackfan 362 days ago
        Sure. See you in the gulag, comerade
        • MSFT_Edging 362 days ago
          Gulag is just Russian for prison.

          The US currently has about 1.2M people in their gulags, comrade*

          • slackfan 362 days ago
            Гулаг (gulag) is the acronym for "Гла́вное управле́ние исправи́тельно-трудовы́х лагере́й" which translates to "Head management office of correctional work camps". And if you're going to go for all incarcerated, the number is actually somewhere in the 2.1mil range in the US, because hey, jails are a thing.

            Sorry that you're wrong on all three points.

        • RationPhantoms 362 days ago
          Oh please, the United States is so incredibly armed, my death will likely come at the hands of some misplaced right-wing militarized fascist group performing mass murders under the guise of "Freedom" and "A return to the constitutional purity of the US".
          • digging 362 days ago
            I mean, that more or less describes most police departments in the country. And they are spying on you.
          • slackfan 362 days ago
            I've been promised that that was going to happen any day now since the wrong person got elected back in 2000. Nearly a quarter century on I am beginning to suspect that somebody was overstating something, I can't quite put my finger on what though...
          • salawat 360 days ago
            You... could defend yourself you know.

            Cuts both ways.

        • cpursley 362 days ago
          Comrade is of Latin origin. In Russian, tovarisch is the correct term. At least get it right if you're trying to be edgy.
          • slackfan 362 days ago
            Sounds like I hit a nerve?
    • hedora 362 days ago
      So, Marvell bought the company that backdoored all my Ubiquiti gear.

      Since it was never working as advertised, do I contact them or Ubiquiti to get my refund / warranty replacements?

      • snoman 362 days ago
        It’s an interesting thought experiment to wonder if consumer protections extend to defects from state sponsored acts of espionage.
    • ilyt 362 days ago
      Flashing openWRT on some boxes is probably your best bet;

      Or, alternatively, treat your LAN/WiFI like public internet and don't send anything unencrypted thru it

      • wil421 361 days ago
        Unifi lets you flash custom firmware? I thought they started signing all firmware years ago to stop it.
    • Astronaut3315 362 days ago
      Some specific Ubiquiti gear uses Cavium SOCs, but certainly not all. The UDM Pro uses an Annapurna Labs SOC and my old EdgeRouter-X was Mediatek.
      • sneak 362 days ago
        Unifi stuff auto updates from the vendor, which is subject to US law.

        The SoC manufacturer is irrelevant.

        If the USG wants in, it's just a click away in any case.

        • pvg 361 days ago
          > If the USG wants in, it's just a click away in any case.

          What's a legal and practical mechanism the US Government could use to do this? In almost any number of clicks, never mind one.

    • blueridge 362 days ago
      I was also going to move to Ubiquiti but decided to go with Peplink instead based on recommendations from: https://routersecurity.org/

      https://www.peplink.com/products/balance-20x/

      • locusm 361 days ago
        Had never heard of Peplink till now - their modular stuff looks useful.
    • drexlspivey 362 days ago
      Trying to understand what crypto is the network hardware itself performing? TLS is end to end, even if you run a VPN on the router the keys were not generated there probably
      • slt2021 362 days ago
        crypto doesn't matter if chip itself has backdoor that will grant root access on some "magic" packet
        • dna_polymerase 362 days ago
          Crypto matters for exactly this reason. All my internet traffic passes through unsafe middle-boxes, it is TLS and DH that make sure I can pass through untrusted middlemen without them knowing what is going on.
          • slt2021 362 days ago
            Cavium chips are installed on security appliances (lol): think Palo alto firewall, fortinet firewall, F5 Big-IP etc.

            they will see your traffic in plain text by design

          • irreticent 362 days ago
            If everything is encrypted then you're safe... until you decrypt the data on a machine with a backdoored CPU.
    • sneak 362 days ago
      Ubiquiti is all cloud based. If the government wants in to your auto-updating ubnt hardware, it's just a simple court order away. They don't need a backdoor.
      • stephen_g 361 days ago
        That's part of the reason I've started moving away from their routers - I still have an Edgerouter but never went to the Dream Machine or USIP routers. At the moment the OPNSense appliances [1] which are made by the company that sponsors the fork (Deciso B.V.) are my pick for that. They're an EU company, and the thing runs fully open source software on a commodity embedded AMD chip.

        I'm still using the access points, since I can run my own controller still, either virtualised in a container or VM, or a raspberry pi and you don't have to connect it to the cloud. I haven't found anything better, TP Link seem to have some interesting looking stuff but I worry about the security given they're based in Shenzhen...

        1. https://shop.opnsense.com/product-categorie/hardware-applian...

      • anderiv 362 days ago
        It may be auto-updating by default, but that can be trivially disabled. Likewise, their cloud connectivity/management is optional. I'm running without issue multiple air-gapped Ubnt networks using their self-hosted controller software.
        • sneak 362 days ago
          If it's airgapped, what do you care about it being backdoored?
          • lofaszvanitt 361 days ago
            Airgapped doesn't necessarily mean it can't be accessed remotely...
            • sneak 361 days ago
              That's literally and precisely what it means.

              Perhaps there is some new watered down usage (like what happened to "literally" or "bricked") but that is precisely why people use the term "air-gapped" - to denote networks with PHYSICAL separation from other means of access.

              (Of course, if you connect an AP, it's no longer air-gapped.)

              • lofaszvanitt 359 days ago
                All your computers are plugged into the mains for electricity... Always, always the thing that's ubiquitous is the perfect entrance for the oppressors, since no one suspects anything about those innocent things.
        • fyloraspit 362 days ago
          Yeh but it is still closed source, no? I guess if it is air gapped that could be fine, but we are talking mid level network gear here, so for 99% of its use, it isn't air gapped. It is enabling broader connectivity. So you would have to trust the closed source software at some point.
      • locusm 361 days ago
        Yes, but you can host & run your own controller from anywhere.
    • tltimeline2 362 days ago
      wasn't ubiquiti totally compromised in that breach a couple of years ago?
      • tristor 362 days ago
        No. It turns out that breach was faked, effectively. It was done by manipulating Brian Krebs. He's since issued a mea culpa (although a somewhat weak one): https://krebsonsecurity.com/2022/08/final-thoughts-on-ubiqui...
      • stephen_g 362 days ago
        That was an insider trying to extort the company by pretending to be an outside hacker. He then posed as a whistleblower to try and throw investigators off the trail.
    • colordrops 362 days ago
      Ubiquiti has many other problems besides this. The worst is their vendor lockin, where even basic network operations are not possible if you happen to have any non-ubiquiti hardware in your network. You should stay away.
      • tssva 362 days ago
        I have a mix of Ubiquiti and non-Ubiquiti equipment and have no problem achieving not only basic but fairly complex networking operations.
      • Freestyler_3 362 days ago
        I ran UBQT hardware with mikrotik router and third party firewall. UBQT replaced old frankenstein hardware that had the worst channel management etc. Everything got so much better, customer issues dropped to almost zero (sometimes was hundreds of issues a day). We always had other vendor for part of the network, and that had no impact.
      • georgebashi 362 days ago
        Can you provide an example of this issue? This has not been my experience.
        • colordrops 362 days ago
          People are misinterpreting me, thinking I mean that it's not even possible to intermingle equipment. That is not the case.

          The specific issue I ran into was that I had a non-ubiquiti router and AP on my network, and there was absolutely no way to set firewall rules on the Ubiquiti gateway for any clients connected through the non-ubiquiti equipment. This should obviously not be a problem. The gateway provided those clients IP addresses through DHCP and they are in its ARP table, so it should be supported.

  • rdtsc 362 days ago
    They are now part of Marvell Technology https://en.wikipedia.org/wiki/Cavium

    Wonder if agreeing to enable NSA backdoors they agreed to be compensated when eventually that fact is leaked. "If nobody starts buying your chips, don't worry, we will! ... and then promptly throw them into the recycling bin"

    Also interesting is if Marvell knew their acquired tech had this "cool feature".

    • rvnx 362 days ago
      The agreement with the NSA is more likely like this: "if you don't comply, you will get arrested / fined for whatever reason (crypto exports issues or failure to comply with the law), maybe even by another authority, or journalists may discover your little things about X.

      If you comply we may help you with some tips occasionally to make sure our partnership is working well, or just not reveal your trade secrets to your competitors"

      • bananapub 362 days ago
        er...what? why do you think any of that has happened?

        we already saw this happen in public once with Qwest: https://www.eff.org/deeplinks/2007/10/qwest-ceo-nsa-punished...

        • hedora 362 days ago
          It’s happened at least three times. They got Yahoo’s CEO to [bypass SOX compliance and] hand over access to 500 million email accounts. Last I heard, she said they convinced her she wasn’t allowed to ask corporate lawyers for guidance.

          https://www.theguardian.com/technology/2016/oct/04/yahoo-sec...

          Both she and Yahoo’s shareholders suffered greatly for complying.

          There’s also Crypto AG, which was a foreign-owned CIA front that spied on US allies:

          https://www.theguardian.com/us-news/2020/feb/11/crypto-ag-ci...

          The Washington Post article is now bullshit-walled, but goes into more details.

          One of my favorite parts of the story is that the intelligence agency handlers needed to make sure they only hired incompetent / mediocre engineers and mathematicians at the actual company (algorithm and backdoor design was done at a US government agency that employed competent people).

          One day, a brilliant woman applied for a job. She aced the interview, and there were concerns she might be too smart, but upper management hired her on the grounds that the interview results were probably spurious. She was just a woman, after all.

          She ended up exposing and fixing their backdoors pretty quickly, which caused a huge containment problem for them.

          • dylan604 362 days ago
            > Last I heard, she said they convinced her she wasn’t allowed to ask corporate lawyers for guidance.

            To me, anyone purporting to be an official government employee advising you that you cannot speak to an attorney throws up so many red flags, that I just can't imagine it being anything but sinister.

            • hedora 362 days ago
              If an official government employee is already apparently breaking the law and also threatening you personally, you need to ask yourself whether they'll worry about continuing to break the law in order to make good on their threats.

              Note that none of the people that coerced Mayer into breaking the law have been disciplined or even named, so I guess they didn't need to worry about such things after all.

              I've heard EFF and corporate lawyers advise people to never speak to law enforcement under any circumstances. The reason is that the police are allowed to lie about their intentions and the facts of the case, and if you say something that is incorrect, you can be prosecuted for lying to them.

              So, for example, they can spew a bunch of lies and trick you into incorrectly speculating ("Since Jim was waving that gun at you, then I guess he really did buy it after all"), and then later, you need to prove (probably without the benefit of a recording) that it should have been clear to the officers that it was just speculation, or you go to jail.

              Their advice boiled down to politely and repeatedly respond with "I want my lawyer". At least one court has ruled that failing to respond at all to a question (even after repeatedly asking for a lawyer) means that you're now responding (perhaps with body language) and the interrogation is therefore admissible.

              • zzo38computer 362 days ago
                It is they will need to make the police not so bad.

                Make it illegal for police to lie about their intentions and the facts of the case (although perhaps they should be permitted to hide some of the facts of the case (although they cannot hide what you are actually accused of, or anything like that, if they are actually arresting you (since otherwise they should have no authority to arrest anyone)), and anyone (whether police or not) should always be permitted to claim "I don't know").

                If you lie (or make a mistake) to the police while you are being interrogated, that should not be illegal (although making a false police report (while you are not being interrogated) would still be illegal).

                Furthermore, any claim they make that, if valid, would not authorize them to do what they are doing to you, makes what they are doing illegal in that instance. For example, if you ask them if they are police and they say they are not police then they have no authority to arrest you (although they can still make a citizen's arrest (for situations where that is permitted, so, not necessarily all of the things that the police might arrest you for), or to call some of the police other than themself (using the methods that ordinary people would use, not the ones reserved for police), etc.

                This isn't even half of enough to fix the problems with police, but it is a start.

          • bananapub 361 days ago
            what on earth does Crypto AG have to do with this subthread?

            they apparently just happily sold themselves to German and American intelligence.

        • AdmiralAsshat 362 days ago
      • delfinom 362 days ago
        Yea, people forget we literally have a secret kangaroo FISA court being abused to issue "national security letters" with a rubber stamp that demanded compliance and threatened to throw you in jail for resisting and/or talking about it. The Patriot Act largely was responsible for it, but even now they've wiggled to other avenues since the Patriot Act expired.
    • KingLancelot 362 days ago
      [dead]
  • nonrandomstring 362 days ago
    Another tragic blow to the environment and economy.

    We treat these stories as if they were simple matters of politics and tech. But the blast radius is huge. When this happened to Cisco, and their value dropped to about 7% of the market they created, I passed massive dumpsters of Cisco gear in the car park, prematurely torn out of racks and consigned to crushing as e-waste.

    Has anyone done a serious cost analysis of just how hard this hits? If a foreign entity sabotaged our industry this way we'd take the battle right to them.

    • chillbill 362 days ago
      [dead]
    • hnthrowaway0315 362 days ago
      Where can I find dumpsters of Cisco gears? I guess they are good targets to hack on.
  • perihelions 362 days ago
    How did the NSA successfully manage to prevent the Washington Post and friends from discovering and reporting on this malicious backdoor? They've been sitting on these documents for a decade. Are the journalists just that *uncurious* about the deep contents of the documents they hold exclusive access to? Was this some kind of organizational failing?
    • michaelt 362 days ago
      I suspect when a trove of documents is big enough, newspaper readers lose interest before you run out of documents. I mean, even on this tech forum hardly anyone knows who Cavium are, let alone your average Washington Post reader.
      • elif 362 days ago
        Maybe the moral of the story is that future snowdens should leak to selected law firms instead of selected journalists? If there's one organization designed to comb through large documents for details and understand the impacts to potential parties, it is law organizations. Put 2-3 in time competition to make cases out of the documents and it will be a scramble race for justice.
        • hcurtiss 362 days ago
          Law firms aren't terribly entrepreneurial. Absent somebody paying them their hourly rate, I suspect not a single document would be read. Newspapers regularly take risks deploying humans to investigate issues without any assurance there will be a story at the bottom, but even the newspaper business has less appetite for that these days (as an aside, I suspect it's that margin that the financial investors have exploited -- at the expense of high quality reporting).
          • hammock 362 days ago
            >Law firms aren't terribly entrepreneurial.

            Personal injury guys are the most entrepreneurial people I know...

            • kube-system 362 days ago
              And they make money by going after low-hanging fruit. Ever wonder why they advertise 90%+ success rates and work on contingency? Because if your case isn't easy, you aren't their customer.
              • hammock 362 days ago
                If you are injured in a car accident and the insurance company is trying to screw you over, they seem like an important advocate
            • thewildginger 362 days ago
              That's why other lawyers call them ambulance chasers. Their ethics are notoriously questionable.
              • asveikau 362 days ago
                More importantly, there's money out the other end for them. The payoff is more questionable for information from Snowden leaks. Yes, I guess a journalistic outlet can get a big scoop and that drives eyeballs which leads to advertisers... But that's pretty different from the ambulance-chaser payout.
              • iinnPP 362 days ago
                We're such a weird society when it comes to enforcing laws on business. It's all "scummy" behavior.

                For examples: Accessibility laws, consumer protection laws, and privacy laws.

                It's a trivial matter to determine which websites don't comply with the easy targets of accessibility. Yet the concept of running such a scanner, automatically, and charging for corrections, is seen as predatory behavior.

                There was an article about grocery pricing with obvious collusion, dark practices, and misinformation yet nothing is done. Business as usual, people need to understand it and work around it. Problem is, it's clearly outside the realm of the average intellectual ability.

                Predatory behavior is everywhere. I don't feel compelled to list even a single example.

                If the lawyer chasing the ambulance results in a law being followed instead of ignored, that is a positive thing.

              • ChrisMarshallNY 362 days ago
                …and patent trolls…

                Just Sayin’…

        • cbsmith 362 days ago
          You'd be surprised. Top journalism organizations do this kind of thing with tremendous efficiency. The Pandora Papers were impressive for exactly that reason.
        • shortrounddev2 362 days ago
          I can't imagine there's any money in it for them
        • yieldcrv 362 days ago
          All the big leaks should be done this way

          The Ashley Madison leaks should have been one name a week and making it a big spectacle till this very day!

          Same for the Snowden leaks

          you can also get bigger bidders for the data by drumming up interest and suspense

          hackers really suck at marketing, so far.

          • ipaddr 362 days ago
            Then you risk identifying yourself in the Ashley Madison leak. You run the risk of not getting your message out in the Snowden case. The biggest threat is future publishing, which is why so many countries broke laws and made up charges going after Wikileaks.

            A wikileak revival scares the most powerful

      • akira2501 362 days ago
        > newspaper readers lose interest before you run out of documents

        So.. what's your case here? It would be so expensive to host and publish the documents that they would be unable to recoup their investment based upon lack of interest?

        > hardly anyone knows who Cavium are, let alone your average Washington Post reader.

        Oh.. I don't know.. maybe that's because no one has reported on it and explained why it would be important?

        There's a lot of circular reasoning present to create excuses for an entity that really doesn't need or deserve it.

      • ormax3 362 days ago
        sounds like something LLMs can help with, sift through huge amounts of documents to summarize and highlight the interesting ones
        • jstarfish 362 days ago
          If only. The biggest problems right now are limited context size and basic security, including having to share such documents with God-knows-how-many third parties.

          Tangent, but we use Azure instead of OpenAI due to data-retention concerns. To ensure nobody's inputting anything classified or proprietary, Legal demanded implementation of an "AI safety" tool...so we demoed one that ships all prompts to a third party's regex-retraction API.

          So you never know who ends up the recipient of your LLM prompt, where it's getting logged to, who's reviewing those logs, etc. Even some local models require execution of arbitrary code, and Gradio ships telemetry data. Uploading Snowden's docs into a black box is a good way to catch a ride in a black van.

          • ormax3 362 days ago
            Nowadays even consumer-level hardware can run some decent local LLMs, completely offline.

            You might want to browse /r/LocalLLaMA/ if "security" is an issue for you.

    • KaiserPro 362 days ago
      The snowden leak was huge and reverberated for weeks. There were lots of followups.

      However at the time it was the more sexy things like tapping google's fibre and backdoors in cisco's kits that were more interesting. This is because the public could understand those things and therefore it sold papers.

      The difference between "cisco, dell and many other leading manufacturers shipped backdoors in their kit" and "cavium the small provider you've not really heard of" is large.

      Most people reading the snowden stuff will have assumed that the NSA had put in backdoors to most things.

    • some_random 362 days ago
      Snowden leaked a shit ton of documents, the vast majority of which had absolutely nothing to do with any kind of NSA wrongdoing. Journalists then had to go through and try to figure out what these documents actually meant (which they frequently misunderstood). Obviously they're still doing it to this day.
      • c7DJTLrn 362 days ago
        >Snowden leaked a shit ton of documents, the vast majority of which had absolutely nothing to do with any kind of NSA wrongdoing

        Like how NSA collects a shit ton of data on citizens... the vast majority of which has absolutely nothing to do with any kind of wrongdoing.

        I'm only pointing this out because your comment has a negative tone towards what Snowden did.

        • freedomben 362 days ago
          I didn't read anything negative in there. GP might have been negative but I don't think there's enough to tell just from the post
        • sheepshear 362 days ago
          Making a strawman argument doesn't point anything out.
      • mindslight 362 days ago
        As a general rule when criminal conspiracies are taken to task, they don't retain a right to privacy for their communications that aren't about the criminal conspiracy. Rather it all comes out in court. I understand why Snowden released the way he did, and given how it kept attention on the subject for longer than Binney/Klein it was probably the right call. But there should have also been an escrow/intent to dump the whole trove raw after some time period.
        • 0xDEF 362 days ago
          >As a general rule when criminal conspiracies are taken to task, they don't retain a right to privacy for their communications that aren't about the criminal conspiracy. Rather it all comes out in court.

          That doesn't seem to be true. There are many court cases involving criminal conspiracies where you cannot find unrelated information about the involved people.

          • mindslight 362 days ago
            "in court" may have been a bit too strong, but police do generally have carte blanche to the entirety of someone's private life. For most people the police show up, confiscate anything that might possibly be evidence, damaging it or at least denying its use for several years. Never mind what happens to people, who often get arrested first and then sorted out later.

            Due to the severe corruption of our institutions, the investigators in this case are the public. A time period of a decade is more than enough time to recall all the HUMINT assets that might be harmed by such disclosure.

        • some_random 362 days ago
          Do you really think the entire American IC is a "criminal conspiracy", or are you just trying to justify the fact that Snowden is an angry and vindictive sharepoint admin who simply dumped everything he had access to without regard for what was actually in those documents?
          • mindslight 362 days ago
            Yes. By the straightforward standards that non-governmental criminal conspiracies are prosecuted, a large chunk of the NSA is engaged in a criminal conspiracy. We don't hold back on prosecuting other criminal conspiracies just because their associations produce other results like financially supporting their communities and coaching their kids' soccer teams.
          • wnoise 362 days ago
            The only way they're not is by the Nixonian "when the President does it, that means it's not illegal" standard.
    • denton-scratch 362 days ago
      I don't think the journos were lazy, and I don't think there was an organisational failing. The Guardian, in particular, evidently fell out with Snowden and his collaborators; they turned on him. I assume that was coordinated with Washpo and Spiegel. That is: I think there was a decision made, to stop publishing information from the Snowden trove.

      I don't know what the reason for the betrayal was. I'm pretty sure Alan Rusbridger knows though. He resigned as Editor-in-chief shortly after these events.

      I don't get why whistleblowers rely on newspaper publishers to unpack their leaks for the public; it's not as if the press are known for either their honesty or their scruples.

      • jstarfish 362 days ago
        > I don't get why whistleblowers rely on newspaper publishers to unpack their leaks for the public

        They have an interest in drama and a platform to publish on.

    • miguelazo 362 days ago
      Are you kidding? WaPo serves the intelligence community.

      >After creation of the CIA in 1947, it enjoyed direct collaboration with many U.S. news organizations. But the agency faced a major challenge in October 1977, when—soon after leaving the Washington Post—famed Watergate reporter Carl Bernstein provided an extensive exposé in Rolling Stone.

      Citing CIA documents, Bernstein wrote that during the previous 25 years “more than 400 American journalists…have secretly carried out assignments for the Central Intelligence Agency.” He added: “The history of the CIA’s involvement with the American press continues to be shrouded by an official policy of obfuscation and deception.”

      Bernstein’s story tarnished the reputations of many journalists and media institutions, including the Washington Post and New York Times. While the CIA’s mission was widely assumed to involve “obfuscation and deception,” the mission of the nation’s finest newspapers was ostensibly the opposite.

      https://www.guernicamag.com/normon-solomon-why-the-washingto...

      • pxc 362 days ago
        The WaPo is relentlessly pro-US and pro-'intelligence community' in its writings today, too. It's transparent. Idk how it could be missed, even without knowing the history. Just read a couple articles about contemporary whistleblowers or US involvement in the Syrian civil war or the war in Ukraine or whatever.
        • mcpackieh 362 days ago
          > It's transparent. Idk how it could be missed,

          Support or criticism for the intelligence community became very partisan during Trump's campaign and presidency. Once something like this becomes partisan, the average political creature loses some degree of rationality for it. The IC becomes patriotic good guys, stalwart defenders of American democracy standing up to fascism; their past and present malfeasance goes unnoticed, forgotten, or simply ignored. This is how the WaPo's relentless pro-IC stance could be missed; they've been telling a lot of people what they want to hear and all people are less critical and suspicious of things that support their biases and prejudices.

      • wsc981 362 days ago
        There was also a German ex-journalist (dr. Udo Ulfkotte) who wrote a book about how journalists (in Germany and EU I suppose) are “bought” by intelligence agencies like the CIA:

        https://www.amazon.in/Journalists-Hire-How-Buys-News/dp/1944...

      • StillBored 361 days ago
        I personally had my eyes opened during the run up to the Iraq war in 2022. Pretty much every single news org with national recognition seemed completely incapable of the smallest amount of critical thought. They would basically parrot the whitehouse/etc press releases, and never question a single thing in them.

        So, the behavior you point out is enabled by politicians who show such bad judgment in such a critical area, and yet few if any lost their positions over their votes. I personally have been wondering for the past few years how many of our leaders are actually there of their own accord, rather than put there by various backroom cabals of business leaders and intelligence (foreign and domestic) agencies that want to put their thumbs on the scale with a representative or dozen. How would you ever know, except by their behavior.

        • miguelazo 361 days ago
          Not sure if you meant 2002 instead of 2022 or Ukraine instead of Iraq. Either works!
      • stephen_g 361 days ago
        This happens a lot. I've read stories too about British journalists being cultivated by their intelligence services to make sure that the leaks they want to be published get published and the leaks they don't want published don't.

        There's a lot of pontificating about the virtuous, important, selfless job journalists do, but when they're manipulated to such an extent not just by the Government and intelligence agencies but also by their corporate sponsors... It's hard to not be a bit cynical...

    • pangolinpouch 362 days ago
      Our media companies are rife with intelligence agents. Corporate / State media has no incentive to make you the wiser.
      • ekianjo 362 days ago
        > Our media companies are run by intelligence agents

        Fixed that for you

      • hangonhn 362 days ago
        It's quite a bit more subtle than that. News organizations have their sources that are in the intelligence community. They use each other. Sometimes the journalist wants to use their sources for information. Other times their sources feed them disinformation disguised as information. Other times they want a back channel to leak some real information but can't be seen as coming from a government source. Being a good journalist is hard and often doesn't pay very well.

        I'm often reminded of PG's essay on corporate PR and the media: http://www.paulgraham.com/submarine.html

        • the-dude 362 days ago
          I have no sources at hand, but I understood the FBI/CIA is embedded within every major news org in the US.
          • Clubber 362 days ago
            The twitter files showed government agencies were coercing Twitter into suppressing information. I would find it hard to believe they don't also coerce at newspapers, particularly with the cozy relationship they already have with "anonymous sources" from said agencies.
            • throwawayq3423 362 days ago
              > The twitter files showed government agencies were coercing Twitter into suppressing information.

              They very much did not. Twitter's own lawyers when pressed in court (the place where there are consequences for lying) admitted that nothing in the "Twitter Files" cited by Donald Trump actually show that the social media platform was a tool of government censorship.

              https://storage.courtlistener.com/recap/gov.uscourts.cand.38...

              • Clubber 361 days ago
                The 5th circuit court of appeals found that there was coercion. Read the first 5 or so pages and the last 5 or so pages, specifically that it upheld the unconstitutionality of provision 6 and at the end it lists the offending agencies.

                https://www.ca5.uscourts.gov/opinions/pub/23/23-30445-CV0.pd...

                • throwawayq3423 361 days ago
                  > So, the district court reasoned, the Plaintiffs were “likely to succeed” on their claim because when the platforms moderated content, they were acting under the coercion (or significant encouragement) of government officials, in violation of the First Amendment, at the expense of both private and governmental actors.

                  You are moving the goalposts. First it was "gov policing speech" which there was no proof of. Now it's "gov coercion/encouragement" which is entirely up to how you subjectively interpret what interactions occurred.

                  Which fine, let's go over the facts. Any exchanges of information were voluntary, at times set up under the initiative of social media companies themselves, and the vast majority of instances of mis/disinfo flagged by the gov were not acted upon by platforms. Social media companies could have stopped talking to the gov at any time (a few did), and they didn't have to act on anything.

                  Not exactly the picture of an authoritarian government policing speech. The Twitter Files were set up as an exercise in confirmation bias for people that believe gov was censoring speech (and targeting them), which is why they disappeared so quickly when a lack of proof was highlighted in court. It served its purpose.

                  • throwawayq3423 361 days ago
                    Reading this document, it's in extremely bad faith:

                    > We start with coercion. On multiple occasions, the officials coerced the platforms into direct action via urgent, uncompromising demands to moderate content. Privately, the officials were not shy in their requests— they asked the platforms to remove posts “ASAP”

                    The ASAP was in reference to a case of revenge porn, something not only against the Twitter TOS, but illegal.

                    > When the platforms did not comply, officials followed up by asking why posts were “still up,” stating (1) “how does something like [this] happen,” (2) “what good is” flagging if it did not result in content moderation, (3) “I don’t know why you guys can’t figure this out,” and (4) “you are hiding the ball,”

                    Again, this was in reference to illegal content (iirc an OFAC sanctioned entity not only posting content but making money off it). Using such language when a private company isn't following the law isn't "coercion for censorship".

                    This reads like a political document by partisan lawyers. This document makes no attempt to distinguish between actually illegal content and suggested violations of TOS (such as when spreading COVID disinfo was against Twitter's rules, which it no longer is). It provides no context for how this "coercion" was mostly civil servants either pointing out violations of Twitter's own rules, or federal crimes. Either way, inaction was baffling, as communicated.

                    But, again, the mere fact that Twitter ignored so much of this, so often, proves they clearly didn't feel the need to respond to gov requests as if they had to.

          • throwawayq3423 362 days ago
            We live in a world where people believe things with no proof (therefore with no reason), but a little humility and less certainty might benefit the conversation.
          • ganoushoreilly 362 days ago
            Wait until you realize their footprints on Wall Street, many of which openly admit their former employment.. Once a company man always a company man.. or something.
    • rdtsc 362 days ago
      WP is a very close ally to the government agencies in general. That's where it gets those juicy "anonymous government sources claim ..." news. If WP all of a sudden wanted to prevent democracy from dying "in darkness" as their motto says, it would mean to start digging a lot harder going against the government as a whole. Don't think they are prepared for it.
    • 45y54jh45 362 days ago
      Well yes, why do you think the noise died after the initial hype of Snowden leaking the docs? Do you honestly believe the mechanisms of for-profit journalism lets journalists be journalists? They got to eat and in this world you don't eat by covering yesterdays news.

      NSA didn't have to lift a finger. Wait a few weeks and people move on to the next story, this should not be a shocking revelation to anyone.

      • ben_w 362 days ago
        The British intelligence agencies forced the Guardian to literally shred the laptop with the contents while they were in the swing of running headlines about the things it was revealing.

        While the USA and the UK are different, I suspect it was a bit more difficult for the NSA than "didn't have to lift a finger".

    • boomboomsubban 361 days ago
      According to Appelbaum, the person publishing these new leaks,

      >Primarily these documents remain unpublished because the journalists who hold them fear they will be considered disloyal or even that they will be legally punished

      Whether that's true I can't say. But as a reminder, despite constant claims that Assange is being extradited over hacking charges, something like 17 of his 18 charges are over publishing documents.

    • erdos4d 362 days ago
      WaPo, NYT, et al. are tied to DOD and the intel community. They are the anonymous sources that provide many of their story ideas as well as quotes and sourcing. That doesn't come for free.
    • drak0n1c 362 days ago
      Closed orgs can take years to find what takes an open source crowd mere days. Regardless of organizational competence.
    • ramesh31 362 days ago
      >How did the NSA successfully manage to prevent the Washington Post and friends from discovering and reporting on this malicious backdoor? They've been sitting on these documents for a decade.

      Washington Post -> Bezos -> AWS -> Cavium

      Pretty simple to understand, really.

    • londons_explore 362 days ago
      I personally suspect that security services visited the newspapers a few days after the leak [1], and ever since then, every article has been about stuff that wouldn't be a surprise to rival security services.

      Sure - it was a surprise to the public. But rival security services I'm sure would expect US controlled backdoors in US made technology.

      [1]: https://www.theguardian.com/uk-news/2014/jan/31/footage-rele...

    • PKop 362 days ago
      Some of them are deputies for the state. State-run-media, or Media-run-state, whichever you prefer.

      The FBI and CIA had agents inside Twitter and Facebook. Of course they have them inside news agencies as well. Part of it over time is access-media, the ones that play ball get the stories and info, the others get weeded out.

      • throwawayq3423 362 days ago
        The casual nature of stating a completely impossible conspiracy theory has been commonplace online for years, HN news used to be immune.

        It's illegal for FBI or CIA to actively target a US company. Anyone doing so would be fired for cause.

        • logicchains 362 days ago
          It's illegal to lie under oath to Congress, did James Clapper go to jail? It's illegal to sleep with underage girls, how many people on Epstein's client list went to jail?
          • throwawayq3423 361 days ago
            So, rank and file gov employees will risk their jobs to break the law because powerful people get away with it, why wouldn't they?

            Does that make sense to you? It doesn't to me.

    • luxuryballs 362 days ago
      that moment you realize “democracy dies in darkness” is a mission statement
    • kome 362 days ago
      mainstream journalists are incredibly unreliable. it's absolutely clear to everyone that you cannot trust nyt and similar publications. i never read them anyway, and when I do come across articles on topics I'm knowledgeable about, i'm appalled by how wrong they are.
      • Workaccount2 362 days ago
        Modern journalists are just terminally online twitter heads.

        "Why go out or talk to anyone when I can just stay home and be on twitter all day!?!"

        It's the absolute worst outcome for journalism, and none of the publications seem to care. If I had a publication the first thing I would do is ban twitter use (and probably go bankrupt because of it.)

        • dylan604 362 days ago
          publications probably encourage it so they can slash the operating budgets. if people are "staying at home on twitter all day", then they don't need office space. if they are willing to stay home to be on twitter all day, they are probably much younger less experienced/credentialed employee so they're cheaper too!
      • dylan604 362 days ago
        >i never read them anyway, and when I do come across articles on topics I'm knowledgeable about, i'm appalled by how wrong they are.

        I never do that, except when I do. What kind of soapbox are you trying to stand on? It looks more like a cardboard box collapsing under the weight of your own hubris.

        I get the suspicion of news outlets of any kind. It doesn't matter what stream the journalists are fished out of, but they cannot all be subject matter experts in all subjects. This is also an expectation full of hubris on your part.

      • bigger_inside 362 days ago
        exactly. When I read things I KNOW about, it's incredibly obvious that the news entertainment business (which WP and NYT and CNN and Fox all are) exist to serve the prejudices of their audience. A few times I made the mistake to let myself be interviewed by a newspaper who wanted an "expert" on something (flattering, but meh); something completely benign and harmless, nothing political. They twisted my words to serve up stuff that fit what their "normal reader" already believed about the world.
      • colordrops 362 days ago
        It's crazy to me that people pay for access to these outlets. I wouldn't pay for any content except from individual journalists and a few very small outlets, and even then, would immediately stop if things ever turn for the worse.
    • orangepurple 362 days ago
      Operation Mockingbird never ended. Full stop.

      (2010) https://weirdshit.blog/2010/07/23/cointelpro-operation-mocki...

      • BlueTemplar 362 days ago
        Well, COINTELPRO certainly didn't : we've got recent examples about how the FBI monitored the Parler group discussions that were planning the January 6 2021 United States Capitol rally - including convincing some of the most risky elements to not participate, and (supposedly) warned Washington law enforcement about it well in advance.

        Which is fine I guess, as long as it doesn't go into the more abusive examples listed.

        One thing that jumped at me when (re-?)reading the letter to MLK from the FBI : first you have some very informal speech :

        "look into your heart", "you are done", "you are [] an evil, abnormal beast", "there is only one thing for you left to do"

        Then SUDDENLY : "You have just 34 days in which to do it (this exact number has been selected for a specific reason, it has definite practical significance)."

        Lol, talk about a change in tone, I wonder if MLK noticed it ? (The specific reason being Christmas, but still...)

      • throwawayq3423 362 days ago
        Cold war history really broke people's brains. Yes this took place in the 1970s, no such thing happens today.
    • theropost 362 days ago
      Lack of real journalistic resources - Meta has more "journalists" than the Washington Post.
    • what-no-tests 362 days ago
      > Was this some kind of organizational failing?

      No...the organization is behaving exactly as intended.

    • 0xDEF 362 days ago
      Why are you surprised that backdoors in "boring" non-consumer facing hardware didn't get much attention?
    • syndicatedjelly 362 days ago
      Do you think there was a list in the document neatly titled “NSA_BACKDOORS_DONT_SHARE” or something?
      • hammock 362 days ago
        More likely an IC plant in the editorial office that said "NSA Backdoors Don't Share."

        NSA also pays the owner of the Washington Post upwards of $10 billion for cloud services

        • gruez 362 days ago
          >NSA also pays the owner of the Washington Post upwards of $10 billion for cloud services

          That's not the only publication that had access to the documents. From wikipedia

          >the first of Snowden's documents were published simultaneously by The Washington Post and The Guardian. [...] The disclosure continued throughout 2013, and a small portion of the estimated full cache of documents was later published by other media outlets worldwide, most notably The New York Times (United States), the Canadian Broadcasting Corporation, the Australian Broadcasting Corporation, Der Spiegel (Germany), O Globo (Brazil), Le Monde (France), L'espresso (Italy), NRC Handelsblad (the Netherlands), Dagbladet (Norway), El País (Spain), and Sveriges Television (Sweden).

        • dylan604 362 days ago
          >More likely an IC plant in the editorial office that said "NSA Backdoors Don't Share."

          Wouldn't it be more likely that a plant would actually not say that, but rather come up with something else? Seems much more likely that a plant would promote some other aspect of a leak that would be less damaging as the story. Or even possibly making part of the document dump disappear.

    • Consultant32452 362 days ago
      Supposed news organizations openly employ spooks as commentators on things like foreign policy.

      Journalists knowingly report lies, acting as the mouthpiece of the government.

      We know at least one news organization had the whole Epstein story locked down and they buried it because they were afraid they’d lose access to the royal family for future news/puff pieces.

      You think you hate journalists enough, but you don’t.

    • chillbill 362 days ago
      [dead]
    • garba_dlm 362 days ago
      > Was this some kind of organizational failing?

      sure, why not. and while we're on this deluded train: Julian Assange's legal problems are not political persecution

    • TheRealDunkirk 362 days ago
      In the US, we have this passionate fantasy about Woodward and Bernstein and the Post and the Pulitzer and the movie and Redford and Hoffman and the Academy Award, about how the Press played the part of the "fourth estate" as the Founders intended, and rooted out a corrupt politician, and forced him to resign. It's all bullshit. The people who broke into the Watergate Hotel were CIA, Woodward was formerly CIA, and "Deepthroat" was a Deputy Director of the FBI. It was all a deep state plot to get rid of Nixon. Any time the deep state wants to get rid of a politician, the "press" does its "job" by exposing things. When the deep state likes a politician, the "press" ALSO does its "job" by covering things up. Look absolutely no further than Hunter Biden. The hypocrisy is utterly astounding, even to someone who is deeply cynical at this point. The rest of the US needs to wake up to the fact that the press is just another branch of the deep state, and stop pretending that there's ANYTHING useful being fed to us through ANY of the large media corporations.
      • sofixa 362 days ago
        > about how the Press played the part of the "fourth estate" as the Founders intended

        The rest of your post is quite the bullshit (easily probable with publicly accessible archives bullshit at that), but this is also wrong. The mythological god-like creatures that crafted America as their divine powers ordained it didn't "intend" for the press to be "the fourth power". That term was first used after the US revolution, and in the UK. You're just retconning stuff into your mythology, and everyone knows that doesn't work and leaves a poor taste.

        • TheRealDunkirk 362 days ago
          I have no idea what you're on about. The Founders of the US absolutely intended the press to be the last counterbalance on government overreach. It's literally why it's the First Amendment. Getting bogged down by terminology is perfect HN pedantry. Well done, sir!
          • sofixa 361 days ago
            Few counterpoints:

            * it's an amendment, so not part of the original text

            * "Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press" . I don't know, it doesn't sound to me like the freedom of the press was the most pressing matter when that amendment was written considering the ordering, and again, the fact that it's an amendment and not part of the original text where the rest of the "checks and balances" are written.

            • TheRealDunkirk 361 days ago
              They got the Constitution ratified based on the promise of the first ten Amendments to be passed later. The fact that they weren't part of the original document was just the political process they used. I don't know; maybe read a book.
      • pakyr 362 days ago
        Wow, the deep state is so powerful that they got Nixon to say on tape that he was going to try to get the CIA to falsely use national security as an excuse to stonewall an FBI investigation. Poor innocent Nixon was no match for their telepathic powers.
        • TheRealDunkirk 362 days ago
          Whoosh. You went clean over my head, anyway.
          • pakyr 361 days ago
            What's so hard to understand? Nixon was literally caught on tape[0] conspiring to cover up CREEP payments; it's a bit funny to claim Watergate was all a deep state conspiracy to screw Nixon when he was recorded committing crimes.

            [0]https://watergate.info/1972/06/23/the-smoking-gun-tape.html

            • TheRealDunkirk 361 days ago
              I never claimed anything about his character or his innocence. I don't understand that you don't seem to understand that this was part of the process. They used his narcissism and paranoia to effect the plan.
  • colatkinson 362 days ago
  • throwfaraway398 362 days ago
    Original source from March 2022: https://pure.tue.nl/ws/portalfiles/portal/197416841/20220325... page 71, thanks to Wikipedia
  • jdblair 362 days ago
    Help me out here:

    if my network hardware is compromised, but all of my communication is encrypted, that leaves… traffic analysis? hoovering up the data and storing it to decrypt in the future when it becomes feasible? using the router as a foothold to attack the rest of my network?

    The first two are already happening for data that leaves my LAN. Unencrypted data on my LAN is vulnerable, and there is plenty of unencrypted traffic on my LAN in practice. Is that the risk?

    • jdblair 362 days ago
      still thinking… if the three-letter-agency has compromised the random number generator, then that means all traffic encrypted by the router may be easier to crack.

      What data is encrypted on the router? VPNs, for one. So a VPN, and all the plaintext traffic sent over it, could be made vulnerable.

      • 0xDEAFBEAD 361 days ago
        >What data is encrypted on the router? VPNs, for one.

        What sort of VPN are we talking about?

        • thenickdude 361 days ago
          You can run OpenVPN or Wireguard directly on Ubiquiti network equipment for example, and some Ubiquiti EdgeRouter equipment has Cavium CPUs
    • someonehere 361 days ago
      I think I had read the three letter agency is storing this kind of data somewhere in a database for later technologies to decipher.

      So I’d assume they could snoop packets and store that data elsewhere. Whenever they harness quantum computing I could assume they put that stored data of yours through it and decrypt it all.

      • jdblair 361 days ago
        but they’re already storing data off the IXs, why do they need to target my router?
  • w7 362 days ago
    Is this not just related to the Dual_EC_DRBG and other tainted RNG issues we've known about, and mitigated, for years?

    You can see discussion on this going on as far back as 2015, explicitly in regards to what "SIGINT enabled" means and Cavium: https://www.metzdowd.com/pipermail/cryptography/2015-Decembe...

    Am I missing something here? People are talking as if there is some new backdoor that's somehow avoided detection. Did everyone just miss this discussion in 2015?

    Discussion of the "Sigint Enabling Project" goes as far back as 2013 on HN itself.

  • AndrewKemendo 362 days ago
    Genuinely, at this point you should just assume 100% of your electronics are compromised by someone. If it’s not a government (yours or otherwise) then a corporation will fill the gaps (while in most cases also giving it to those governments)

    You should assume you have no privacy anywhere in your life.

    • 0xDEAFBEAD 361 days ago
      If the NSA had hardware backdoors everywhere, it seems to me there would be no need for TAO or hoards of 0-days. And yet we know from the Snowden leaks that the NSA invests a lot in that stuff, correct?
    • eimrine 362 days ago
      I have a laptop with no communications functioning and I'm sure it is not compromised. The proof of it is the openly stored wallet.dat file without any password.
      • AndrewKemendo 362 days ago
        Is the idea to challenge someone to prove you wrong?

        Or are you suggesting that there no way for one of the aforementioned groups to recover your data remotely should they have a focused desire to recover it?

        • eimrine 361 days ago
          Idea is to challenge someone to propose a hardware + OS which can be as secure being online. Probably it has to be OpenBSD and the latest architecture with open BIOS.
  • purplecabbage77 361 days ago
    The linked tweet screenshots a blog post[1] that is an analysis of a PhD thesis[2]

    [1] - https://www.electrospaces.net/2023/09/some-new-snippets-from...

    [2] - https://pure.tue.nl/ws/portalfiles/portal/197416841/20220325...

  • minzi 362 days ago
    I don’t know much about security, especially at the hardware level. However, I have a question for those of you that do.

    Suppose you were given a healthy budget, a team, and a few years. Would you be able to build network hardware that did not contain back doors? How healthy would the budget need to be? How skilled would the team need to be? I assume you’d have to assume most external vendors are compromised and rebuild whatever you needed from them. What would that take?

    • hedora 361 days ago
      First, read “Reflections on trusting trust”.

      If you care about performance, then you need to start by building a fab. $100B+, and you’ll end up with government moles.

      So, I assume you don’t care about performance. If you keep stuff under 100MHz or so, then you can avoid complicated signal processing.

      Design for an old process, and tape out. Now, read up on decapping and reverse engineering old dies with garage-built microscopes.

      Make many copies of your chips, then decap a random sample and verify they are to spec by hand. Use the rest to build a computer that can verify the output of the microscope.

      You can print circuit boards using hobbyist kits on a laser printer. Since they are 1 or 2 sided, you can visually verify them.

      If you can find commercially available chips that are primitive enough for you to decap, scan, reverse engineer and verify, then use those instead (following the random destructive sampling procedure above).

      Good luck!

    • c7DJTLrn 362 days ago
      I don't think it would be that hard. There's RISC-V SBCs out there which the schematics are open for. I don't think it's correct to assume absolutely everything out there is backdoored/compromised. That would be a very difficult undertaking and word would get out. NSA target their attacks very finely.
    • 6d6b73 362 days ago
      Impossible. Sooner or later one of the 3 letter agencies would have somebody on your team and they would introduce multiple backdoors one way or another.
  • ZoomerCretin 362 days ago
    I'm looking forward to someone explaining to me why Chinese telecom equipment should continue to be off limits. Is the problem that we are afraid of possible Chinese backdoors, or that Chinese telecom equipment isn't backdoored by the NSA?

    An interesting question I'd like answered: Are the TPM 2.0 modules that Microsoft is requiring for Windows 11 installs similarly backdoored?

    https://www.theverge.com/2013/6/6/4403868/nsa-fbi-mine-data-...

    I think it's a safe assumption that all American microprocessors have backdoors.

    What does this mean for OpSec? If I am a dissident (or garden-variety cyber criminal), how do I evade my online activities being tracked by a sufficiently determined team at the NSA? We've known (or have assumed to know) for years that CPUs produced by AMD, Intel, and Apple have backdoors. If my machine lacks any personally identifying information, only interacts through the internet through a network device that uses a VPN and encrypted tunneling, then I should be fine in spite of CPU/OS backdoors. However, using a VPN with encrypted tunneling doesn't seem to be enough if my router also has a backdoor, and the data or encryption keys can be intercepted and tied to the personal information I've given my ISP.

    Where do we go from here? Do I need a Loongson-based PC and a Chinese router on top of an encrypted VPN? Obviously we have to assume that these are all backdoored as well, but that shouldn't matter as my activities likely won't make me a target of the PRC.

    • 0xDEAFBEAD 361 days ago
      >We've known (or have assumed to know) for years that CPUs produced by AMD, Intel, and Apple have backdoors.

      What's the evidence for this?

      >Obviously we have to assume that these are all backdoored as well, but that shouldn't matter as my activities likely won't make me a target of the PRC.

      Elsewhere in this thread it was claimed that the NSA has hacked Huawei. The NSA could have stolen the backdoors then, or it could've analyzed e.g. Huawei's hardware independently.

  • samgranieri 362 days ago
    So in real life terms, what does this mean for people that own USG3s? If you're so inclined, replace it? Or not use the VPN feature in the Unifi admin console?

    Personally, I just forward all WireGuard traffic to another computer on my network and use https://github.com/burghardt/easy-wg-quick to setup a simple VPN.

    • stephen_g 362 days ago
      We don’t know which types of Cavium products may have vulnerabilities, which models or what the nature of it is (could be only applicable to certain features, sounds like possibly related to VPN acceleration).

      So absolutely no way to know whether anything needs to be done or not, unless you expect you’re at risk of a nation state actor having a reason to specifically target you, in which case it’d be wise to stop using it.

    • BlueTemplar 362 days ago
      What kind of people ? Your average person can't do squat if targeted by a state actor anyway (except complaining to their own state about it, and let them sort it out).

      It's another thing when it comes to resisting surveillance capitalism :

      https://web.archive.org/web/20180919021829/https://www.alexr...

      It's completely disproportionate that Hollywood is making people lose control of their own computers because they are worried about copyright infringement !!

      That a boycott of Intel and Ryzen CPUs, "Trusted" Platform Modules, and Windows (8+) also probably makes the job of NSA/CIA/FBI harder (because they have likely backdoored them) is just a bonus.

      (Of course there's also a potential failure mode that some much more hostile actors might get their hands on some of these backdoors, but it doesn't seem worth worrying about it until we get a high profile example of that happening ?)

      Of course if you have the responsibility of, say, protecting your non-US company from industrial espionage, the situation is very different.

  • rwmj 362 days ago
    On a technical level how would this work? Could it be observed by the router occasionally sending packets unsolicited to nsa.gov? [joke, obviously it wouldn't send them to a well-known address, but to some "unexpected" place] Or maybe when the router has to generate a private key [does it?] it would generate one with a flaw?
    • xmodem 362 days ago
      Weak or compromised RNG is enough to make most crypto algorithms brute-force-able at NSA scale.
    • Filligree 362 days ago
      The router is most likely also compromised, and will neglect to inform you of those packets.
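xmodem's reply above, and jdblair's earlier reasoning about keys generated on the router, illustrated with an added example that is not part of the thread: a constructed toy generator (not Dual_EC_DRBG and not any vendor's code) whose 256-bit keys depend on only 16 bits of seed. It shows that such output still passes a bit-balance check, that the key is found by enumerating seeds, and that mixing in an independent entropy source removes the dependency. All names (`weak_rng_key`, `SEED_BITS`, `mixed_key`, ...) are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: the weakened generator has only 16 bits of effective entropy.
# This is a constructed toy model, not Dual_EC_DRBG or any real device's RNG.
SEED_BITS = 16


def weak_rng_key(seed: int) -> bytes:
    """A 256-bit key that is fully determined by a small seed."""
    return hashlib.sha256(b"weak-drbg" + seed.to_bytes(4, "big")).digest()


def sample_output(count: int) -> bytes:
    """Concatenate `count` keys from the toy generator for statistical testing."""
    return b"".join(weak_rng_key(seed) for seed in range(count))


def monobit_fraction(data: bytes) -> float:
    """Fraction of 1 bits; close to 0.5 for output that looks random."""
    ones = sum(bin(byte).count("1") for byte in data)
    return ones / (8 * len(data))


def tag(key: bytes, message: bytes) -> bytes:
    """Stand-in for any observable value that depends on the key (an HMAC tag)."""
    return hmac.new(key, message, hashlib.sha256).digest()


def recover_seed(message: bytes, observed_tag: bytes):
    """Enumerate every possible seed; return the one matching the observed tag."""
    for seed in range(1 << SEED_BITS):
        candidate = tag(weak_rng_key(seed), message)
        if hmac.compare_digest(candidate, observed_tag):
            return seed
    return None


def mixed_key(hw_output: bytes, independent_entropy: bytes) -> bytes:
    """Mitigation: derive the key from the hardware output AND a second source.

    Assumption: `independent_entropy` is unpredictable and is not itself fed
    by the weakened generator. The length prefix keeps the two inputs distinct.
    """
    prefix = len(hw_output).to_bytes(2, "big")
    return hashlib.sha256(b"mix" + prefix + hw_output + independent_entropy).digest()


if __name__ == "__main__":
    message = b"constructed handshake transcript"  # constructed sample input

    # 1. The output looks fine to a simple statistical check.
    print("fraction of 1 bits:", round(monobit_fraction(sample_output(1000)), 4))

    # 2. Yet only 2**16 keys exist, so the key behind an observed tag is found
    #    by trying them all.
    key = weak_rng_key(0xBEEF)
    print("seed recovered:", hex(recover_seed(message, tag(key, message))))

    # 3. With an independent source mixed in, the same enumeration finds nothing.
    strong = mixed_key(key, secrets.token_bytes(32))
    print("after mixing:", recover_seed(message, tag(strong, message)))
```

A bit-balance check only catches gross bias; it says nothing about how many distinct outputs the generator can produce, which is why the first step passes here.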
  • pwarner 362 days ago
    Maybe there's something sinister here, or maybe Cavium and other similar network chips can be used for sigint, as well as many other things. Basically these are chips designed to look at every packet and can be programmed to take action on them. One could program a chip like this to find all the packages from user X and send an extra copy over to user Y (NSA). It's possible all this tweet means is that these NP chips are powerful and flexible enough to perform sigint. I wonder if this is like saying Intel CPUs can be used to do evil things. Or C. Of course it's possible there is a back door, but that seems like the less likely scenario.
  • apienx 362 days ago
    “You can't defend. You can't protect. The only thing you can do is detect and respond.” -- Bruce Schneier
  • fidotron 362 days ago
    On a technical level this wouldn't be too surprising. Cavium hardware has things like configurable/programmable in hardware hashing of packets which can then be used by the (much slower, but in the Cavium case numerous) CPUs to decide how to handle it. Their SoCs contain enough that hiding something on there would not be impossible, and using the hashing/routing etc. that enabled performance requires trusting blobs from Cavium.
  • hammock 362 days ago
    Earlier this year, a man was sentenced to prison for six years for stealing Ubiquiti data that the NSA also apparently can steal.

    https://www.justice.gov/usao-sdny/pr/former-employee-technol...

    • acdha 362 days ago
      Leaving out the extortion part makes it very hard to read your comment as being made in good faith.
      • hammock 362 days ago
        Learn about Qwest if you think NSA doesn't also extort to get what they want: https://www.eff.org/deeplinks/2007/10/qwest-ceo-nsa-punished...
        • acdha 361 days ago
          Oh, I remember when that first came out. I’m not defending the NSA but criticizing the idea that it’s somehow unfair for some dude to go to jail for trying to extort his former employer. The NSA misconduct is a much less clear-cut question of Congressional approval and oversight - similar to how it’s not as simple as a murder charge when a soldier is accused of a war crime.
  • belter 362 days ago
    Ok the claim is the CPU was compromised and they were using ARM based tech. Is then ARM compromised? Cavium is now Marvell Technology.
    • moyix 362 days ago
      ARM just licenses the ISA and provides some reference designs. Individual manufacturers can (and often do) add their own extensions and design the actual chips.
      • SV_BubbleTime 361 days ago
        And peripherals that have direct CPU and memory access. You could easily design a “backdoor peripheral” to a completely bulletproof CPU.
    • monocasa 362 days ago
      Or other elements of an SoC. Biased RNG would be a good bet.
    • Fnoord 362 days ago
      > Ok the claim is the CPU was compromised and they were using ARM based tech.

      MIPS and ARM.

      And Linux MIPS doesn't even have DEP and ASLR.

  • azinman2 362 days ago
    If your threat model is Nation states, then you probably have a lot more to worry about than this chip, including compromising employees which is way easier, cheaper, and more effective.
    • Havoc 362 days ago
      The risk impact isn’t just nation states though. Intentionally weakened hardware makes you more vulnerable across the entire threat actor spectrum. Any of them could stumble across it whether through skill or luck.
  • AtNightWeCode 362 days ago
    At the end of the day. We need cryptography that is understandable. There is absolutely zero need for the complexity in this field that exists today.

    And we need something better than just private keys.

  • halyconWays 362 days ago
    If it's sold in a Western nation, the NSA has a backdoor in it, and probably everyone in the Five Eyes. If it's sold anywhere else, China has a backdoor in it.
    • keyme 362 days ago
      China *also has a backdoor in it. FTFY
  • whalesalad 362 days ago
    my edgerouter ER4 has a cavium processor =(
    • obogobo 361 days ago
      I'm so upset I loved this thing
  • andy_ppp 362 days ago
    Presumably the NSA are in and out of everything in ways people haven’t even thought of yet. Back doors are great but I’m not convinced they need them!
  • Obscurity4340 362 days ago
    Just want to point out that iMessage makes a lot more sense in this regard. iMessage is that skeleton key that was requested years ago in San Bernardino
    • SV_BubbleTime 361 days ago
      That was low stakes, they already had the shooters.

      What if that was theater?

      • Obscurity4340 361 days ago
        That's the really annoying part and the massive cultural red herring: they already have such insane levels of access to the latest toys and technology or equipment plus institutional access to records and documents they can subpoena and warrant from a judge that will basically yield everything after it is acquired, why the fuck do they need that remaining 0.00000001% of evidence that constitutes everybody's private data when they already have a slam-dunk case because of said totalitarian access described above?
        • Obscurity4340 360 days ago
          + the illegal but inscrutable parallel construction
      • Obscurity4340 360 days ago
        Can you elaborate on that? I thought everyone knew it was trying to set some bullshit precedent plainly?
  • xyst 362 days ago
    Is this only limited to “USG” products? Or safe to assume UDM also impacted?

    edit: FUCK

    “ Quad-core ARM® Cortex®-A57 at 1.7 GHz”

    https://store.ui.com/us/en/pro/category/all-unifi-gateway-co...

    People paying premium $$$ for this. UI better redesign and compensate users.

    • dna_polymerase 362 days ago
      Cavium provides purpose-built chips used for the ER & USG products. The UDM line uses ARM chips, most likely built by Annapurna labs.
  • greatNespresso 362 days ago
    I wonder, how would one find out such backdoors at the CPU level? And also, are Snowden's leaked documents archived somewhere?
  • jacknews 362 days ago
    I'm extremely sure it's far from the only one, and the practice is not limited to the US govt.
  • ChrisArchitect 362 days ago
    [dupe]
  • tamimio 362 days ago
    Not even surprised, how would it be a surprise? Anyone in security field knows that hardware backdoors or even server OS memory injected backdoors are a thing and been for as long as electronics existed, but some neo-security folks get upset when you say most of the “secure” software they use isn’t really secure, chats like signal, emails like protonmail, or even VPNs, assume it’s compromised, but will it be worth it to expose that cover for what you did?
  • Condition1952 361 days ago
    I was looking forward to using a NETGATE 1100 PFSENSE+ SECURITY GATEWAY. It’s full of Marvell SoC.

    I guess I can spare myself the money

  • 31337Logic 362 days ago
    Wow. This is massive!!
  • RecycledEle 362 days ago
    It all contains back doors.
  • robbywashere_ 362 days ago
    cmd+F lawsuit 0 results?
  • squarefoot 362 days ago
    When I buy something electronic, my approach is "everything that is closed and goes online will be used to spy on people". It may seem a stretch, but governments can't exercise power over something they cannot control, and truly private communications would take away some of that control. To me there are no conspiracy theories or other strange reasons for being able to decrypt any seemingly private information except the will to preserve the status quo at any cost, which implies knowing in advance what a potential adversary may think or do. I would expect every device to be bugged for that reason, including all cellphones and computers and associated hardware, from CPUs with closed subsystems down to network chipsets with closed firmware. There will be no way to ensure private communications until someone will find a way to make a device which is 100% open and auditable from the operating system to the CPU, from all chipsets down to the last screw.
    • iballing 362 days ago
      “100% open and auditable from the operating system to the cpu” is the main goal of the Betrusted project: https://betrusted.io/
      • Fnoord 362 days ago
        Which seems to be an iteration of the Precursor (Mobile, Open Hardware, RISC-V System-on-Chip (SoC) Development Kit) by Bunnie Huang and Sean Cobs

        > Part of the purpose of Precursor is to validate the system-on-chip (SoC) design we hope eventually to produce as a custom ASIC for use in future such products. This SoC, which we call "Betrusted-SoC," is meant to be the central pillar of security for devices like Precursor. The version of Betrusted-SoC used in Precursor is based on a Xilinx FPGA and has the following features [...] [1]

        As for the person who replied to you requesting LTE: won't happen, there's no completely FOSS stack for LTE. Always there is closed source firmware due to regulations. Oh, that wonderful world of transceivers. If you want FOSS, go wired. Tho it seems Precursor found a way to utilize Wi-Fi with a FOSS stack?

        [1] https://www.crowdsupply.com/sutajio-kosagi/precursor

      • ramesh31 362 days ago
        >“100% open and auditable from the operating system to the cpu” is the main goal of the Betrusted project: https://betrusted.io/

        Hopefully there's a 4G version coming. This seems too good to be true.

        • 0xCMP 362 days ago
          It's possible to modify it and add a 4G modem, but that would probably be third-party.

          The creators of the project suggest using your phone's hotspot if you need connectivity when not connected to Wi-fi (something I heard in interviews they gave).

        • RF_Savage 362 days ago
          The 4G modem is exceedingly unlikely to be auditable. Something like srsUE is not welcome on many telcos networks and requires some decently beefy hardware to run.
    • archontes 362 days ago
      It's clear that they feel that way also. The engineer Andreas Spiess recently appeared in a briefing on dangerous, anarchy-enabling technologies simply for making a YouTube video on an encrypted messaging protocol over LoRa mesh networking.

      They're carefully watching and cataloging any communications technology they can't compromise.

      • s3p 362 days ago
        It's also hard to distinguish between legitimate security threats and scare tactics designed to make us think we're in danger. Remember the Bloomberg Supermicro "bombshell"[0]? I still don't know if that was ever confirmed true or false, but to my knowledge Bloomberg never retracted it.

        [0] https://www.theregister.com/2021/02/12/supermicro_bloomberg_...

        • Lammy 362 days ago
          I still believe it. Wouldn't surprise me if ASPEED were a "SIGINT enabled" vendor as well. It would be foolish not to target the most widespread BMC platform.
      • SamPatt 362 days ago
        The guy with the Swiss accent?

        What's your source on this?

      • madars 362 days ago
        Which briefing was that? Edit: it appears to be this https://networkcontagion.us/wp-content/uploads/NCRI-White-Pa... ("Network-Enabled Anarchy: How Militant Anarcho-Socialist Networks Use Social Media to Instigate Widespread Violence Against Political Opponents and Law Enforcement" via https://www.youtube.com/watch?v=EAQI2ZSmxPU; thanks to a sibling comment)
      • lawlessone 362 days ago
        TBF that same tech would probably be great for them or militaries to have.
        • dkqmduems 362 days ago
          Well advertising is a form of psychological warfare.
      • dfc 362 days ago
        The guy's video was linked to from /r/SocialistRA and a screenshot of the link was included in a paper about "How Militant Anarcho-Socialist Networks Use Social Media to Instigate Widespread Violence Against Political Opponents and Law Enforcement." The paper never mentioned Spiess or meshtastic. What are we supposed to infer from that?
    • mbakke 362 days ago
      I generally hold a similar opinion. However I have two data points that suggests back-doors are not available by default (for my government at least), but that they are aggressively bugging (or auditing, lol) devices:

      * When I ordered the first generation Raspberry Pi, they were stuck in the toll a long time, and when they arrived all the warranty seals were broken. Consequently I never really used them.

      * When I ordered the first generation Google Pixel, before it was generally available in my country, it was stuck in domestic mail for almost a week. The person who imported them sold and sent two phones the same day: the other one arrived after just two days and travelled a lot further. I used it regardless as I already considered phones a lost cause... (and could not with good conscience sell a possibly compromised device).

      At this point I don't trust anything sent by mail.

      • ilyt 362 days ago
        I just assume I'm not interested enough to be spied upon by randoms

        > When I ordered the first generation Raspberry Pi, they were stuck in the toll a long time, and when they arrived all the warranty seals were broken. Consequently I never really used them.

        If state have means to bug raspberry pi it has means to re-seal the box...

        • phero_cnstrcts 362 days ago
          > I just assume I'm not interested enough to be spied upon by randoms

          I believe the fewest are. But constant surveillance is an advantage if you need to monitor general opinions or if they find you interesting at a later point and want to check your history.

          So if you talk about burning wood in your stove a lot and it later becomes illegal you might have a hard time denying you have a stove if they ask you to pay extra carbon emission taxes.

          Or if you talk about chest pain a lot and later want to get a new health insurance you might find that your options are mysteriously more expensive than others.

        • mbakke 362 days ago
          > If state have means to bug raspberry pi it has means to re-seal the box...

          That's a good point that I never made sense of. The most likely explanation is simply an overzealous toll agent. It just left a bad taste in my mouth so I didn't want to play with them...

          I had largely forgotten about it until the Google Pixel got stuck.

        • backtoyoujim 362 days ago
          unless they wanted you to know and feel threatened by it
        • croes 361 days ago
          As we learned from Snowden, they spy on everyone; they just don't look in every data point but they still collect everything they can get.
      • TheRealDunkirk 362 days ago
        You act like the NSA has been caught intercepting Cisco switches during shipping, and installing backdoored firmware, or something. Crazy conspiracy theorists...
    • tromp 362 days ago
      If I want to do some computation that should not be spied on, I can still program it in BASIC on my Sinclair ZX Spectrum. If it doesn't fit in its measly 48KB of RAM, I'm probably still safe programming it on my Commodore Amiga 500.

      Basically, you can only trust things manufactured before "going online" became a thing.

      • fallat 362 days ago
        or you know, just don't connect your computer online.
        • doublerabbit 362 days ago
          And ensure it's not by any windows, the case HD LED doesn't blink nor does the FAN make any noise.
          • TacticalCoder 362 days ago
            Hardware and software backdoors do scale.

            Data exfiltration through audio / fan speed / LEDs blinking / power draw / etc. simply doesn't.

            I think that a discussion about metric shitloads of networking gear being compromised is not the place to make fun of the few that didn't compromise on security.

            There's a place for offline/airgapped devices and private keys (PGP keys, seeds, whatever) being generated by throwing dice.

            If anything all these backdoors do show that math/cryptography do work. The NSA's budget may be 100% of the US GDP, they still wouldn't be changing Sun's gravity or the math behind cryptography.

            The joke today is on those who kept making fun of those who didn't trade security for convenience.

          • tromp 362 days ago
            Both these computers were fan-less, like nearly all hobby computers at the time (clockspeeds were single digit MHz). The Amiga only had a floppy disk drive.
    • wombat-man 362 days ago
      For sure, but since a state has basically unlimited resources to find vulnerabilities, I'd assume it's possible for state actors to reach a target if they are determined enough.

      Might as well make it difficult though.

    • AndrewKemendo 362 days ago
      This is the right approach IMO.

      Just assume you’re being persistently surveilled - if you use a computer or electronics then the likelihood approaches 100% over your lifetime.

      • phito 362 days ago
        I try to have this approach, but I find it so exhausting tbh. It makes me want to just not use technology.
      • flangola7 362 days ago
        If you have to take this approach they have already won
        • AndrewKemendo 362 days ago
          You are correct, “they” have won so far unfortunately

          Doesn’t mean we don’t do anything about it, just means we have to acknowledge reality

    • 13of40 362 days ago
      "If it's technically possible, they're doing it."

      It's their job.

      • dizhn 362 days ago
        If it exists, they're buying it. (States)
    • mk89 362 days ago
      If that is the case they are doing a pretty s** job spying on people, considering the amount of harm being done to children (and people in general).
      • irreticent 362 days ago
        I wouldn't say they are doing a bad job spying on people for that reason; I think it's more likely that the reason they are spying is not to help children/people but rather to strengthen their control over the people. Knowledge is power and they want to be more powerful than everyone else. I've always assumed that the spying wasn't altruistic but more for selfish reasons.
      • eastbound 362 days ago
        This. All of this spying, not even being used for security ever, ie their goal might as well be general insecurity. It feels like their goal is the stability of the social layers, no or rare promotion, and maximum impermeability for the masses.
  • scrumlord 361 days ago
    [dead]
  • dr-detroit 362 days ago
    [dead]
  • kome 362 days ago
    [flagged]
    • tristor 362 days ago
      Huawei stuff is proven to be compromised, just not by NSA, instead by China.
      • ElectricalUnion 362 days ago
        If anything, you probably need several layers of different, non-aligned country vendors to have some Swiss cheese model security. So some Huawei stuff, somewhere, as long as it isn't only Huawei stuff.
        • slt2021 362 days ago
          checkpoint firewall (Israel), PAN/fortinet firewall (US), and huawei firewall (china) daisy chained - should keep each other in sync and provide defense in depth :D
        • phatfish 362 days ago
          Network designs I have seen often include this for much the same reason. A perimeter firewall is from one vendor and an internal firewall is from another. If there is a security issue with one device the other should not be affected in the same way.
        • J_Shelby_J 362 days ago
          lmao it's like using a multi-hop VPN to hop through multiple jurisdictions, but in your own home!
        • arecurrence 362 days ago
          This is a great idea in that they’ll likely also patch their stuff when they discover the other team has exploited it.
      • DiogenesKynikos 362 days ago
        To my knowledge, no proof has actually been publicly presented for this claim. There have been a few stories that didn't pan out (like the one that boiled down to, "Huawei devices have telnet installed"), but no actual evidence of backdoors has come to light yet.

        This is despite the fact that Huawei has been under an extraordinary level of scrutiny for years. British intelligence was given extensive access to Huawei's hardware and code, as a condition of Huawei equipment being installed in the UK. We know from Snowden that the NSA hacked into Huawei HQ, but there's no indication that they found any evidence of backdoors. And despite running a global campaign to convince/pressure other countries not to use Huawei, the US hasn't publicly unveiled any evidence of Huawei backdoors. British officials have even admitted that the UK's decision to ban Huawei was based on pressure from the US, not evidence of wrongdoing.[0,1] This all makes me think that the US, UK et al. don't actually have proof of backdoors.

        0. https://www.theguardian.com/technology/2020/jul/18/pressure-...

        1. https://www.euractiv.com/section/politics/short_news/uk-bann...

        • bombas 361 days ago
          Great post. Seeing similar with TikTok and DJI FUD
      • NorwegianDude 362 days ago
        Isn't that just the US speaking in order to get more control? How is it proven? I've never seen any evidence of that, but there has been much evidence that the US does what they blame others for doing, like this and Cisco.

        At this point it seems the US is accusing others of doing bad things because that's what they themselves do.

        Huawei was growing really fast, threatening both Apple and Google. Then the US said it was not safe while trying to sabotage both smart phone sales and mobile networks sales. The US pressured allied countries to not choose Huawei for 5G, and didn't let companies work with them.

        Huawei was also willing to compromise by giving network operators access to source code.

        Is Huawei bad? I don't know, and I've yet to see any evidence. Does the US do exactly what they are accusing others of? Yes, that has been proven multiple times.

        We live in a day where we talk about privacy and security, while giving large corporations full control over our iOS and Android devices. How useful is e.g. E2E encryption really when the OS itself has a direct connection to the mothership?

        • BlueTemplar 362 days ago
          China has a LOT to gain from industrial espionage, is extremely well known for its industrial espionage, and also happens to effectively own EU telecoms (the 5G thing was like a decade too late).

          It would be astounding if they didn't take advantage of this.

        • HardlyCurious 361 days ago
          There is ample evidence of China's intentions and capability to install backdoors. Everything made in China or a heavily influenced Chinese country should be assumed to be compromised, even if 'proven' otherwise. Chances are we just haven't found the backdoor yet.
          • lmm 361 days ago
            Sure - but all that is equally true of the US.
            • HardlyCurious 359 days ago
              True of the US yes. Equally? I probably wouldn't say that. The US govt doesn't have the same control over media that the Chinese govt has. So they have to work harder to keep things out of public view. The US also has to massage the way they work to be somewhat within the bounds of the constitution.
      • throwaway67743 362 days ago
        It was never proven to be compromised though. GCHQ concluded after many years that they were sloppy, not malicious. All of the fear mongering by the US is what gave everyone the impression they were compromised.
      • rakoo 362 days ago
        China is way less dangerous to me than the NSA
        • Aaronstotle 362 days ago
          How is the NSA personally dangerous to you?
          • MSFT_Edging 362 days ago
            If you live in the US, you're under US federal jurisdiction.

            Unless you're regularly traveling to China or unearthing info that can seriously harm China, they're not going to send anyone after you.

            I'd rather be spied on by a foreign government than my own.

          • lcnPylGDnU4H9OF 362 days ago
            Compared to any TLAs in China, the NSA is far more likely to take action against a US citizen for a thing that citizen chose to say. It's likely there's a low amount of actual danger but it's greater than that of what China poses.
          • rakoo 361 days ago
            As a non US citizen living in a western country, the NSA has no qualms analyzing everything I do/say/think, including in my activism, and tell on me to the government of my country.
      • MaKey 362 days ago
        Where is the proof?
        • kube-system 362 days ago
          Chinese law requires Huawei to cooperate with their intelligence agencies.
          • Aachen 362 days ago
            As does the USA, so we shouldn't be using Windows or Yubico either, or virtually any other software/hardware from any other vendor because there's few countries that let you do illegal-over-there things without having a mechanism to force you

            It's a "pick your poison" situation, not a "they've got national security letters and so you can't trust them" one

            • kube-system 362 days ago
              This is why security is not a "one size fits all" exercise. The first thing you must do is define your threat model.

              The reason the Chinese government doesn't want to build their telecom system on Cisco hardware is the same exact reason the USG doesn't want to do the same with Huawei hardware. Because neither government is delusional enough to think that parts/service/updates wouldn't be immediately sanctioned in times of war.

              The US and China are already sanctioning each other's tech. The risk of building critical infrastructure on it is obvious.

              • DiogenesKynikos 362 days ago
                > The US and China are already sanctioning each other's tech.

                It's not symmetrical. Since Trump, the US has been extraordinarily aggressive in its use of sanctions against Chinese companies, whereas China has been very reluctant to retaliate directly.

                The US has sanctioned hundreds of Chinese tech companies. China has only recently begun to retaliate in kind, but has so far only sanctioned a few US companies (Micron is the only prominent example that comes to mind).

                • kube-system 361 days ago
                  It isn't. And I didn't say it was. But the current state isn't the ultimate risk that is being considered. The ultimate risk is war, under which both the US and China would invoke defense powers to compel industry to act in their respective nations' interest, and would apply wide sanctions.
                  • DiogenesKynikos 361 days ago
                    The zero-sum thinking of the Trump and Biden administrations, in which China is seen purely as a threat and all sorts of cooperation and economic integration are being rolled back, makes war more likely. The US is not compelled to ban Huawei and sanction all sorts of Chinese tech firms - that's a choice.
          • DiogenesKynikos 362 days ago
            That doesn't prove anything. You're just saying that Huawei could theoretically be compromised, but the above commenter asked for evidence.
            • kube-system 362 days ago
              They are compromised in terms of governance, and their legal environment is the proof of this.

              Nobody has ever claimed that Huawei devices have backdoors. The issue is that the supply chain is compromised by legal means, not that the hardware or software currently being shipped has technical vulnerabilities.

              • lmm 361 days ago
                If you're using that non-standard definition of "compromised" then anything substantially made in the US, Australia, South Korea, Israel or Kazakhstan (non-exhaustive list) should be considered compromised.

                I'd love it if people actually stuck to some principles and stopped buying from any of these countries. But using that legal situation as a reason to single out China/Huawei is bullshit.

                • kube-system 361 days ago
                  "compromised" might be a word used by the tech community to refer specifically to technical compromises, but the word means something much more broad outside of tech forums.

                  > then anything substantially made in the US, Australia, South Korea, Israel or Kazakhstan (non-exhaustive list) should be considered compromised.

                  Not really, because many of those countries you listed have mutual treaties of cooperation and are not hostile to each other.

                  • lmm 361 days ago
                    > Not really, because many of those countries you listed have mutual treaties of cooperation and are not hostile to each other.

                    Doesn't seem to stop them from taking immensely hostile actions, e.g. the US spying on Merkel's emails, or helping killers and rapists who work for them evade arrest in "allied" countries. Governments are large and complex and have many competing interests. Why would/should one trust any of the ones I mentioned more than the government of China?

                    • kube-system 361 days ago
                      People/governments should trust whoever is more closely working in cooperation with their own interests over those who are working against them.
                      • lmm 361 days ago
                        Agreed, so how do you get from that to mistrusting only China? Everyone, including China/Huawei, has an interest in growing the pie. Some entities have an interest in zero-sum competition with me and mine. That's more likely to be someone closer - Chinese companies aren't competing directly with my business, but American, Australian and Israeli ones are.
                        • kube-system 360 days ago
                          I don't. It's just that this thread was about Huawei.
              • DiogenesKynikos 362 days ago
                > Nobody has ever claimed that Huawei devices have backdoors.

                Just a few comments up in this thread, someone claimed definitively that Huawei equipment has been proven to be compromised, meaning backdoored.

                > They are compromised in terms of governance

                We don't have any known examples of Huawei being forced by the Chinese government to compromise its equipment. This is still a wholly theoretical discussion. In contrast, we know that the US government has inserted backdoors into American (and not just American) equipment, and is able to secretly compel companies to comply with US spying.

        • HideousKojima 362 days ago
          Since the Snowden leaks (and honestly since long before) it's been safe to assume that if a nation state has the means and motive to commit <insert form of illegal surveillance here>, then they will.
      • croes 361 days ago
        Proven?

        Did they ever show any evidence?

        I hear that claim pretty often but have never seen any proof unlike in Cisco hardware.

      • tristor 362 days ago
        [flagged]
        • dang 361 days ago
          You broke more than one of the site guidelines quite badly here. Please don't do that, regardless of how right you are or feel you are. Those rules are for good reasons.

          If you'd please review https://news.ycombinator.com/newsguidelines.html and stick to them when posting here, we'd appreciate it.

        • NorwegianDude 362 days ago
          That's not proof, that's just an accusation. Huawei even offered up source access to customers as a way to prove that they didn't do that.

          Not saying they don't do such things, but the evidence is lacking.

        • Aachen 362 days ago
          The first link depends on the second. The second requires some sort of sign up to read, but archive.is works as proxy https://archive.ph/Dov1N

          The proof amounts to essentially one sentence spoken by an unnamed source

          > U.S. officials said Huawei has built equipment that secretly preserves its ability to access networks through [lawful intercept interfaces]

          but I understand that source confidentiality is useful so if WSJ trusts that, perhaps so should I. Not sure I'd then go so far as to independently say it has been "proven" when all that I truly know is that someone else believes someone else who has a commercial interest in saying this. It's probably true but that's not the same thing

        • bilbyx 361 days ago
          I would trust a proven security research group's analysis and evidence of backdoors rather than CNN or WSJ that has a track record of lies and biases. They always cite government sources or experts without providing a single shred of evidence. I have read a lot of articles in relation to the so called "Chinese backdoor" and the "evidence" was either the equipment contains default root or admin passwords or the software has vulnerabilities. Last time I checked, most if not all vendors have default admin accounts and passwords so you can configure the device and change the initial password. Similarly I have not come across any network equipment software without security vulnerabilities. If you can refer me to an article with conclusive evidence please send me the link. This would be much appreciated.
        • yazzku 361 days ago
          You can't take the WSJ as proof of anything, let alone in regards to China.
        • RockRobotRock 362 days ago
          [flagged]
          • dang 361 days ago
            "Don't feed egregious comments by replying; flag them instead."

            a.k.a. please don't feed the trolls

            https://news.ycombinator.com/newsguidelines.html

          • tristor 362 days ago
            I'd usually agree, except when it comes to saying anything critical of China on the Internet, my statement is very true. The wumao is a real thing, and they're pervasive within online tech.
            • airgapstopgap 361 days ago
              I wonder if you have enough self-awareness to notice why your behavior here might be considered bizarre. No, people who point out that your government routinely and brazenly backdoors equipment and software everyone uses (or rather, has forced upon them to use), while Chinese actions of this sort are evidenced to a lesser extent, and so the onus in justifying the use of that country's products is on the US at least as much as on China, are mostly not "wumao", nor whataboutists, nor anything of the sort. They're making an entirely sound argument an unbiased person would make given the context, you're just using those mind-killing political notions to dismiss a topic that offends your patriotic sensibilities.

              Wumaos are low-paid grunts and sincere idiots who disingenuously downvote, report and post irrelevant nonsense regarding racist imperialist AmeriKKKa or legitimate Chinese clay/territorial waters/6000 years of peaceful history. This is very easy to see. You're free to suspect any interlocutor as being one, of course, but if that's your only retort, you'd do better not stooping to the level of an undeniable propagandist and instead conceding the object-level issue – or keeping silent.

            • RockRobotRock 362 days ago
              Well your comment isn't greyed out or flagged, so they must be on vacation today :)
      • bigger_inside 362 days ago
        a CIA claim isn't "proof". I've never seen anything to prove it, just imperialist hysterics
        • bhouston 362 days ago
          It is fair to think that if the CIA is compromising US companies, then China is likely doing the same to Chinese companies. To assume otherwise is wishful thinking.
  • einvolk 362 days ago
    [flagged]
  • auntie_sam 362 days ago
    [flagged]
  • shoe_meal 362 days ago
    [flagged]
    • dang 361 days ago
      Please don't troll.
    • ech0riginal 362 days ago
      Y’all really need to work on your finesse.
  • declan_roberts 362 days ago
    The intelligence agency enjoyed a supremely undeserved SURGE in popularity during the Trump era because they were seen as an enemy of Trump.

    Let's all get back to reality now. They LIE and influence US politics to preserve their operations (not political, it's self-preservation).

    If you see something like "100 former intelligence agents sign letter saying ..." then run, RUN!

  • wnevets 362 days ago
    Snowden also said Russia wasn't going to invade Ukraine in 2022.
    • stephen_g 361 days ago
      Most of the Ukrainian Government and military leaders were also pretty adamant Russia wouldn't invade either at that point.
      • wnevets 361 days ago
        Incorrect. Ukraine revamped their entire military and their relations with the West after Russia stole Crimea. Russia's 2 week war wouldn't be entering its second year if Ukraine's government and military leadership were adamant they weren't going to be invaded.
        • mardifoufs 361 days ago
          They still didn't think they would be invaded at that point in time.
          • wnevets 361 days ago
            Russia's buildup of equipment and personnel began months if not over a year prior to the 2022 [1] invasion. The idea that Ukraine's military and the West didn't know this was happening is comical. If Ukraine didn't think there was going to be an invasion we wouldn't be entering year two of what was supposed to be a two week special military operation.

            [1] https://en.wikipedia.org/wiki/Prelude_to_the_Russian_invasio...

    • SV_BubbleTime 361 days ago
      Is everyone living in Russia supposed to be a Russian military expert?
      • wnevets 361 days ago
        Not being an expert has never stopped Snowden claiming to be one.
  • I_am_tiberius 362 days ago
    And people still believe Apple is secure because they say themselves. "Nobody" knows what their devices do in reality.
  • 2OEH8eoCRo0 362 days ago
    Do we need to do this every day?
    • ReactiveJelly 362 days ago
      Every fucking day until democracy kicks in.
      • codexb 362 days ago
        Democracy gave us the NSA
        • miguelazo 362 days ago
          No. Allen Dulles and the rest of the fascists gave us NSA.
  • WhereIsTheTruth 362 days ago
    Why now? Looks like Snowden is being weaponized, which might indicate that he is still part of the group he is denouncing, is he a psyop? What's the goal?
    • r721 362 days ago
      From one of Twitter replies:

      >... this is not new... It states in the article that this thesis from Jacob R. Appelbaum was released March 25, 2022. The only thing that makes these 'new' (?) is that electrospaces discussed September 14th

      https://twitter.com/vxunderground/status/1703995620250325405

      Electrospaces article discussion: https://news.ycombinator.com/item?id=37562225

      • WhereIsTheTruth 362 days ago
        My question was why is it relevant today, especially after Arm going public, is the MI6 trying to cover himself by denouncing the NSA?
        • r721 362 days ago
          Matthew Green is a well-known cryptographer, apparently he read Electrospaces piece, and noticed a thing which is interesting from a cryptography angle. So he posted a thread on Twitter, moyix submitted it here and people upvoted it to #1. Where is the supposed conspiracy?
  • sim7c00 361 days ago
    Didn't read all the leaks but it seems a bit wild to conclude a vendor implemented a backdoor purposefully. There's some been found of course, but simply being SIGINT capable, why does that imply 'backdoor'? If they have a nice exploit for the device it would also make it SIGINT capable no? without the vendor's cooperation (apart perhaps from a buggy implementation.)

    If you have the chip, you can find the backdoor... if you cannot find it, you can't conclude it's actually there. There's ways to analyse chips to see if they are backdoored. Decapping, fuzzing and whatnot. Simply basing such a conclusion on a few lines in a document seems a bit off to me...

    Did anyone actually find the thing??

  • one_shilling 362 days ago
    Very impressive work by the NSA, if true. Both from a political and technical perspective. It's good to know that our intelligence services are doing what they're supposed to, and doing it well.

    However, as interesting as this revelation is, it's unfortunate that Snowden decided to defect to the Russians and share his stolen cache of top secret documents with them and China, using Western journalists as ideological cover. I look forward to the day when he is brought to justice for treason.

    • Freestyler_3 362 days ago
      You can't hold it against someone that they don't want to be tortured/killed.
      • empath-nirvana 362 days ago
        Nobody was going to torture or kill snowden. His risk was prison, no more.
        • oaththrowaway 362 days ago
          Nobody gets tortured or killed in prison?

          Regardless of your thoughts on the guy, nobody deserves what Assange has gone through in custody. Same with Manning.

        • wnoise 362 days ago
          After Guantánamo, that's not a risk I'd like to take.
    • mullingitover 362 days ago
      This is the thing that rubs me the wrong way about Snowden - had he stayed and faced the music as a true whistleblower, he would've earned my respect for sticking to principles and acting as a loyal citizen acting in the interest of the country, even in the face of persecution.

      He did not do that. Instead, he's living a comfortable life in the bowels of a country that is committing vicious, daily war crimes. I don't hear him make a peep about kidnapped Ukrainian children, or the civilians that Russia tortures and kills. He's not a principled activist who's suffering for the cause of freedom at any cost, he's now just a loyal Russian citizen who opportunistically committed a massive act of espionage a long time ago.

      • oaththrowaway 362 days ago
        Was he not living a comfortable life in the bowels of a country that was committing vicious, daily war crimes when he lived in the USA? We killed/displaced over a million civilians in Iraq, not to mention the mess we left in Afghanistan. The carnage we've unleashed with drone warfare, CIA black sites, Guantanamo Bay, etc...

        Yes, Russia are the bad guys, but we have done some truly heinous things as well. Snowden revealed a little of the crimes we commit and you're ready to wash him away because it hurts your position that we are somehow morally superior to other countries?

      • xcdzvyn 362 days ago
        I think this is incredibly rich. Snowden is undoubtedly on the US' "really, really naughty" list -- would you, personally, sit back and be imprisoned for the rest of your life (and possibly be tortured), or live comparatively freely elsewhere?

        > I don't hear him make a peep about kidnapped Ukrainian children, or the civilians that Russia tortures and kills.

        Can you really not see why that would be a bad idea? He's kind of tied up here, if he doesn't want to end up dead by somebody's hands.

        > opportunistically committed a massive act of espionage a long time ago

        How exactly do his past actions go from heroic to a "massive opportunistic act of espionage" because of his actions in the present?

        • agent_788365 362 days ago
          Snowden's past actions were never heroic, that is just spin manufactured by journalists with a vested interest in constructing a narrative.

          He's been arrogantly self-serving from the start, and it's rather disappointing that some people still haven't grown out of their juvenile phase of blind hero worship.

          • oaththrowaway 362 days ago
            > He's been arrogantly self-serving from the start

            Maybe if he was as self-serving as you thought he'd continue to live a comfortable life while destroying the rule of law that we pretend to have instead of having to abandon his home and never again be able to see his country or friends again?

      • monocasa 362 days ago
        As a contractor he didn't qualify for whistleblower protections at the time.

        He would just be in solitary confinement for the rest of his life, and there's a much better chance the leak to the public would have never been completed in the first.

        • mullingitover 362 days ago
          I see no evidence that merely being convicted of treason is enough to get you thrown in a solitary cell forever. There's a long list of plain old convicted spies[1], and they just went to regular, run of the mill prison. I would like to see the evidence that Snowden would be treated any differently.

          And again, I'm not saying he would've been protected as a whistleblower, just that he had to choose one or the other: take his chances as a martyr for freedom, or escape all consequences and with them, his legacy as a respectable historical figure. He chose the latter.

          [1] https://en.wikipedia.org/wiki/List_of_imprisoned_spies

      • greenie_beans 361 days ago
        LMAO comment on hacker news whenever you leak the severity and amount of information like snowden and let us know how valiant you are for reaping the unjust consequences.

        you'll be a loyal citizen to a nation state that spies on its people, while torturing and killing other people for no good reason.

        why is going to jail for whistleblowing honorable? that makes no sense to me.

    • miguelazo 362 days ago
      Being stranded in Moscow because the State Department cancels your passport while you're en route to Ecuador = "defection"? Cute.
      • CodeArtisan 362 days ago
      • phatfish 362 days ago
        I doubt Russia cared much about a cancelled US passport. If they felt he was not worth something to them they would have made sure he was out of Russia.

        Personally I don't think it was intentional on his part to get stuck in Russia, just a bad error. But he is certainly living there by their "good will" now, and it shows in his public behaviour.

        • miguelazo 362 days ago
          Russia may not care (doubtful), but the airline will not even let you board.

          Not trashing your host is probably wise, but given his experience with the US government, he probably no longer subscribes to the naive worldview that Putin (or Xi) are uniquely bad, just bad in their own ways and responding to the world with their nation's interests (and their legacies) in mind.

          • phatfish 361 days ago
            This is a fun narrative that the US is just the same as the Russian or Chinese governments, I wonder who could benefit from pushing that...

            The fact Snowden is still alive pushing anti-US propaganda shows the difference, if the roles were reversed he would have been assassinated long ago.

            • mardifoufs 361 days ago
              Oh no, not anti-US government propaganda. That's a capital sin. Everyone who disagrees with the US government is obviously a sovi-I mean a Russian plant.
              • miguelazo 361 days ago
                Yup! It's amazing how often you see this pathetic red-baiting even on HN where you expect people to be more thoughtful.
            • miguelazo 361 days ago
              You mean the way the US/UK is slowly assassinating Julian via the torture of extended solitary confinement (and only because it was too hard for them to do it in one fell swoop)?
    • jklinger410 362 days ago
      Shilling indeed.
    • oaththrowaway 362 days ago
      [flagged]