A List Of Companies Where NSA Has A "Backdoor" Thus Allowing Snooping On Customers (Apple, Dell, Microsoft, Cisco And..)
(Apple, Dell, Microsoft, Cisco And..)
Security Experts Pull Out of RSA Conference in NSA Protest
At least six speakers have withdrawn from the February 2014 RSA Conference, one of the top cybersecurity events of the year, in protest over allegations that EMC Corp.'s RSA security division accepted $10 million to essentially create a backdoor in one of its products.
Mikko Hyppönen, chief research officer for the Helsinki, Finland-based security firm, F-Secure, Taia Global Inc. CEO Jeffrey Carr, ACLU technologist Christopher Soghoian and Josh Thomas of Atredis Partners were among the speakers to take to social media to express their displeasure over allegations first revealed in a December 20 story by Reuters’ Joseph Menn.
“You can’t get much worse than this, in terms of a security company betraying its customers,” Mr. Carr told CIO Journal. Mr. Carr, who also founded his own conference called Suits and Spooks, withdrew from the conference on January 3.
Digital Dao: Joining @Mikko in Protest, I’ve Cancelled My Talk at RSA http://t.co/EyFkVPwrqL — Jeffrey Carr (@jeffreycarr) January 3, 2014
Mr. Hyppönen was the first speaker to pull out of the conference on December 23. Since then, others have joined him. “I’ve given up waiting for RSA to fess up to the truth” regarding NSA and withdrew from the conference, wrote Christopher Soghoian, principal technologist and senior policy analyst at the American Civil Liberties Union, Tuesday, in a Twitter message.
I’ve given up waiting for RSA to fess up to the truth re: the NSA and Dual_EC. I’ve just withdrawn from my panel at the RSA conference.
— Christopher Soghoian (@csoghoian) January 7, 2014
Josh Thomas, partner at security firm, Atredis Partners, recently cancelled his plane ticket and withdrew from the conference. Mr. Thomas has worked in cryptography for the Defense Department, has held top-secret security clearance and still has friends in the government. But the Reuters story, alleging that RSA accepted $10 million from the NSA to essentially put a backdoor in a product called Bsafe was too much. Mr. Thomas said he could no longer “lend his credibility” to the RSA Conference. “It’s just not good for business, it’s not good for the population and I don’t really want to support that at all,” he told the Wall Street Journal.
EMC’s RSA unit has said, in a statement, that it “categorically denies” the allegation that it entered into a “secret contract” with the NSA.
Mr. Carr, who labeled RSA’s public statement “misleading and lacking details,” in a January 6 blog post, said RSA and the NSA were at odds in the 1990s during the so-called encryption wars. It wasn’t until after 9/11 that the relationships between many security companies and the government began to change, he said. “The government went to private industry and said, ‘we’re in this war against terrorism together and our country is counting on you,” he added.
Now, besides boycotting the conference, he is calling for a boycott of RSA products
Hugh Thompson, program committee chair of the RSA Conference, says the conference has a history of being neutral and that the recent allegations regarding the NSA would likely be discussed at the conference.
Still, he noted that the cancellations represented a small percentage of the 500 speakers scheduled for the conference. “My personal expectation is that it’s going to be a big event and there’s going to be a lot to discuss,” he added.
Mr. Thompson is chief security technologist and SVP at security technology vendor Blue Coat Systems Inc.
The NSA Has Targeted Manufacturer's Products With Malicious Software And Hardware That Create Backdoors In Products.
Many Customers Are Upset And There Is Skittishness About Whether Their Internal Networks Have Been Somehow Compromised By The NSA.
Companies Are Looking For Suppliers Not Based In The U.S. The Trust Level Is At Rock Bottom. This Is Really Going To Hurt U.S. Company Business – We’re Already Seeing It.
“There’s a very real concern for political or geography-based balkanization, which is in nobody’s best interest,” said William Plummer, Huawei’s Washington, D.C.-based vice president of external affairs. On December 30, Der Spiegel reported that the NSA has targeted Huawei products, among those of other manufacturers, with malicious software and hardware that create backdoors in products.
Huawei is familiar with what happens when trust splinters. For years it has received complaints from the United States government about the Chinese government potentially introducing backdoors into Huawei equipment. Huawei has denied that this has happened. In October 2012, a U.S. House Intelligence Committee Report urged U.S. telecom providers not to do business with Huawei and ZTE Corp., another Chinese equipment manufacturer. Now that the tables are turned, Huawei is not expressing schadenfreude. Instead, Mr. Plummer suggests that the industry find a global standards-setting organization such as the International Telecommunications Union to help manufacturers bolster security in their products.
Huawei is “conducting audits of its products to determine if any compromise has occurred.” If so, it will develop and communicate appropriate fixes, said Mr. Plummer.
Cisco is investigating allegations about the creation of alleged implants for some of the Cisco PIX and Cisco ASA platforms and is posting updates on a blog.
Juniper Networks, in a statement, said it is not aware of any implants and the company takes “allegations of this nature very seriously and are working to address any possible exploit paths.”
H-P, in a statement, said it “was not aware of any of the information presented in the Der Spiegel article, and we have no reason to believe that the HP ProLiant G5 server mentioned was ever compromised as suggested in the article.”
The NSA, in a statement, said that the U.S. technology industry builds the most secure hardware and software in the world today. “Given its own reliance on many of the very same technologies that the public uses, the U.S. Government is as concerned as the public is with the security of these products.” The NSA won’t comment on specific alleged intelligence-gathering activities, but the “NSA’s interest in any given technology is driven by the use of that technology by foreign intelligence targets.”
For now, many customers are upset and there is skittishness about whether their internal networks have been somehow compromised by the NSA, said Avivah Litan, vice president and distinguished analyst at Gartner Research Inc. “You can’t just redo your network,” she said, adding that IT budgets are tight.
Most customers are trying to find more information at the moment, which includes putting pressure on vendors to delineate which products may have been impacted. Some are looking at taking legal action, she said, which could take years. The prospect of closing the alleged backdoors could take several months from a technical perspective.
Already, in Europe, companies are looking for suppliers not based in the U.S., said Ms. Litan. “The trust level is on rock bottom,” she added. “It’s really going to hurt U.S. company business – we’re already seeing it.”
Apple Denies Working with NSA on ‘Backdoor’ for iPhone
Apple Inc. said it never worked with the National Security Agency to create a back-door way for the organization to spy on iPhone users and it was unaware of any program to target its products.
The company issued a statement Tuesday in response to a leaked document alleging that the NSA had targeted Apple's iPhones in a spyware program called "DROPOUTJEEP" in 2008. The document said once the software was installed on an iPhone, it had the ability to access the device's data, activate the phone's microphone or camera, intercept text messages or narrow down a user's location using cell towers.
"Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone," the company said. "Additionally, we have been unaware of this alleged NSA program targeting our products. We care deeply about our customers' privacy and security. Our team is continuously working to make our products even more secure, and we make it easy for customers to keep their software up to date with the latest advancements."
The leaked document was dated October 2008, implying that these methods were for older devices running older versions of Apple's iOS operating system. A person familiar with the matter said Apple doesn't believe that such spyware has attacked its latest hardware—from iPhone 5 and beyond—or software including its iOS 7 operating system.
The document relating to Apple was part of a larger cache detailing ways the NSA can gain access to equipment made by Cisco Systems Inc., Juniper Networks Inc., and others.
The Wall Street Journal reported in August that U.S. and foreign law-enforcement agencies used software to turn Internet-connected devices, such as laptops and smartphones, into digital eavesdropping posts. Such programs often are created and installed without the device manufacturer's knowledge.
In a statement Tuesday, the NSA said that, because it uses commercial technology made by U.S. companies,"the U.S. government is as concerned as the public is with the security of these products. While we cannot comment on specific, alleged intelligence-gathering activities, NSA's interest in any given technology is driven by the use of that technology by foreign intelligence targets. The U.S. pursues its intelligence mission with care to ensure that innocent users of those same technologies are not affected."
* Mixing Services Add Complete (NSA-Proof) Anonymity To Bitcoin Transactions
Next-Generation Bug / Microwave / ELF / Spy Phone / GSM And Camera Detectors (Buy, Rent, Layaway) tinyurl.com/2eo8mlz Open...
— Spy Store Rentals (@MontyHenry1)
Nanny IP (Internet) Cameras, GPS Trackers, Bug Detectors and Listening Devices, etc, (Buy / Rent / Layaway): tinyurl.com/396jlw6...
— Spy Store Rentals (@MontyHenry1)
• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)
• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)
• Live Monitoring, Recording And Event Playback Via Internet
• Back-up SD Storage Up To 32GB (SD Not Included)
• Digital Wireless Transmission (No Camera Interference)
• View LIVE On Your SmartPhone!
* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* 2GB SD Card
* USB Receiver
FACT SHEET: HIDDEN NANNY-SPY (VIEW VIA THE INTERNET) CAMERAS
* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* Supports up to 32gig SD
* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking
* You Buy Our DVR Boards And We'll Build Your Products! (Optional)
Our New Layaway Plan Adds Convenience For Online Shoppers
Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320
Google+ and Gmail
AOL Instant Messenger
Yahoo Instant Messenger
Alternate Email Address
Join my Yahoo Group!
My RSS Feed