
This isn't surprising. What the US government wants the government gets. I was working for a large ISP in 2010-2011 and we were considering long haul transport gear between Huawei and Infinera. All things being equal Huawei had a better cost/performance value prop. That was, until the FBI came in with a heavy handed opinion. You see at that point in time the best place to siphon data was at large ingress/egress. As I understand it there are two reasons the FBI wanted Infinera: 1) Infinera is a US based company and had to abide, like Cisco, to provide "LE" (law enforcement) capable firmware/software and 2) to keep a Chinese firm from generally gaining that position in a large ISP.

So while it's huge Google was told what to do, it's not surprising as this is business as usual. And back to an earlier point... The best place to siphon data in 2019? Your phone. Times have changed, data collection by governments hasn't.



>The best place to siphon data in 2019? Your phone.

But can't you reverse engineer your phone and see what it's doing? And can't you monitor the network data it's sending? With a backdoor in long haul transport gear, academics, researchers, random hackers, watchdog groups, journalists, competitors, etc, don't have the ability to monitor for bad behavior.


AFAIK nobody has reverse-engineered even parts of the radio-firmware, the separate OS which has memory access to your other OS. Linux/Android/iPhone's OS is really just a guest, a side-show to what the radio-firmware can and is doing, i.e. spying.


This is not true anymore. Some Android phones (Samsung, Google) have DMA disabled and modern iPhones (around 2016?) use USB or SDIO without DMA.

I honestly believe that the theoretical DMA backdoor attack (and most other similar attacks) have been mitigated thoroughly. I am much more concerned about secretly held 0days (RCE) and most concerned about warrantless orders against cloud storage.

https://www.apple.com/business/site/docs/iOS_Security_Guide.... p41


> without DMA [...] 0days (RCE)

> https://www.apple.com/business/site/docs/iOS_Security_Guide.... p41

Are you citing "To protect the device from vulnerabilities in network processor firmware, network interfaces including Wi-Fi and baseband have limited access to application processor memory. When USB or SDIO is used to interface with the network processor, the network processor can’t initiate Direct Memory Access (DMA) transactions to the application processor. When PCIe is used, each network processor is on its own isolated PCIe bus. An IOMMU on each PCIe bus limits the network processor’s DMA access to pages of memory containing its network packets or control structures."? Correct?

The attention to hardware isolation and separation is appreciated, but I don't hold my breath for iBoot and SEPOS protecting an iPhone from powerful adversaries.


Blocking DMA is separate from 0days. One is a design decision, the other is a still-unavoidable consequence of complicated software.

I think that these mechanisms completely frustrate "bulk" in-field collection efforts; for example, scanning all phones at DUI checkpoints.

No technical control is perfect. If you personally piss off a nation state adversary, they are more likely to yeet you off to a black site and hit you with a wrench until you cough up your passcode.

Surely, someone will break iBoot, and surely, someone will break SEPOS. And surely, someone will chain a kernel exploit with a userspace exploit [0]. And surely, someone will leak the signing keys for a widely deployed cheap Android phone [1]. And surely, someone will push 777 permissions to a cloud provider [2]. And most surely, powerful government adversaries will hold brutal exploits close to their chest in the service of power and politics [3].

So I guess, if you want to breathe freely: host your infrastructure yourself where feasible. Choose providers who respect your privacy. Make a modest but financially fair donation to the EFF. Become politically active. Use better practices - not best - to avoid fatiguing yourself in the windmill chasing effort of being Perfectly Secure. Most importantly, stay awake and aware and ready to fight.

0 https://github.com/Cryptogenic/Exploit-Writeups/blob/master/...

1 https://www.theregister.co.uk/2017/11/16/dji_private_keys_le...

2 https://www.cnbc.com/2019/05/17/salesforce-says-a-major-issu...

3 https://www.wired.com/story/eternalblue-leaked-nsa-spy-tool-...


By LE capable firmware you mean that the FBI had a backdoor to eavesdrop? Wow.



Lawful Intercept is not a backdoor:

> The surveillance is performed through the use of wiretaps on traditional telecommunications and Internet services in voice, data, and multiservice networks. The LEA delivers a request for a wiretap to the target's service provider, who is responsible for intercepting data communication to and from the individual. The service provider uses the target's IP address or session to determine which of its edge routers handles the target's traffic (data communication). The service provider then intercepts the target's traffic as it passes through the router, and sends a copy of the intercepted traffic to the LEA without the target's knowledge.

Responding to lawful warrants and subpoenas is everyone’s obligation, and has been for hundreds of years under American law, and English law before that. The government is entitled to almost any evidence—it just has to follow the proper process to get it. Lawful intercept just supports that process. That’s also why the FBI having access to US data is fundamentally different than Chinese back doors in US networks. US law enforcement has legal ways to access data flowing in networks to perform their legitimate law enforcement functions. The Chinese have no legitimate reason to access data in US networks.


Lawful intercept isn't itself a backdoor, but it did provide one that was exposed via Snowden. In this case I'll call a spade a spade: many lawful intercept tools were used as backdoors, or overreach of legal authority. Again, keep in mind the context of my original comment: the years 2010-2011 which was pre-Snowden. The FBI may have stepped in with a heavy hand for many reasons but those reasons may have included inclusion of another large ISP in programs like PRISM.


PRISM was literally a system for handling the paperwork for lawful intercepts. There are instances of the USG exceeding its authority, but you've somehow managed to cite one of the few leaked programs that had an almost purely lawful purpose.


While I respect your opinion I don't agree.

First of all PRISM was not purely "a system for handling paperwork for lawful intercepts", see [0].

Second your assertion assumes that somehow all requests within these programs abided by "lawful purpose", which we also know is not true. Whether FISA rubber stamps were lawful is subjective and your opinion but not fact. Your answer purports a black and white perspective on the past which I simply don't find appropriately represents all the shades of grey presented by all of the legal angles during this time.

[0] https://dzone.com/articles/nsa-prism-%E2%80%93-mother-all-bi...


It's not a 'just your opinion, man' sort of thing - more or less nobody seems to have thought PRISM was unlawful. Rand Paul, I think, made some noises about suing at the time and eventually did file some sort of suit that ended up not being about PRISM.


But it is... You're conflating two different things: the legal position accepted by the government and the reality. I don't think PRISM was legal, in my opinion, you can have an opposing view. People write opinions on lawfulness of all kinds of topics prior to making legal arguments regarding. And many do think it is unconstitutional / illegal [0] [1].

[0] https://www.theregister.co.uk/2016/04/20/public_advocate_fbi...

[1] https://www.aclu.org/blog/national-security/privacy-and-surv...

Just because it was never settled that way doesn't change the history of it.


It wasn't legal because it completely violates the 4th amendment in the mind of any reasonable person. The government said that was okay, but really it wasn't okay, and we all know that it was unConstitutional under even the most liberal interpretation of the 4th amendment.


No, I'm sorry, what's happened here is that you (and "el Reg") don't know what PRISM is, but only innuendo about it, and so you've mistaken it for other USG programs that do offer instances of the government enabling "unlawful intercept". PRISM is a paperwork handling service for FISA 702 directives, not the backdoor into Google that Glenn Greenwald initially thought it was. But a lie travels halfway around the world while the truth is still grinding its way through the top of your "Read It Later" list.

You could have made the argument you were trying to make colorably and defensibly. All you had to do was not try to sound like you'd been "read in" to NSA's SIGINT programs. But, like I said above: you managed to cite one of the few NSA program examples that is in fact totally banal and, ironically, an almost perfect example of lawful intercept.


So... 702 and PRISM aren't still being litigated? It's fun to watch you twist reality with this type of non-informational response. I get with the above you'd like people to assume that, instead, you've been "read in" on the subject matter. <golf clap> But not all of what you've outlined here is the _whole truth_.


These are words, I acknowledge that they are, but they're assembled in an order that makes it hard for me to understand what they mean.

As I said above: it's not hard to come up with cases where NSA is doing things that appear to contravene US law, but you managed to cite the one instance where all they're managing is paperwork.


Meh, if there is a backdoor it will be used, a warrant is a nicety and not required when the government steps in, including the US government. They break the law all the time, as was indicated by PRISM and numerous other illegal surveillance processes. All governments do it, it's just that China is turning it into an art form and flagrantly doing it and letting us all know they are building up a database on their own people to decide whether they are good people or not. Blocking Huawei is strictly to protect the USA's military interests, it's not about privacy. Cisco and Qualcomm may build in back doors but they are the USA sanctioned backdoors. That's why Big H is getting the boot during 5G rollout.


Doesn’t seem like a backdoor AFAICT—just support for handling a request from the government. (Distinction being that the ISP manually tells their equipment to intercept data instead of the government having technical access.)


So, the US having freedom really was just a meme after all.


TLS is still legal. So is routing all your traffic through Tor if you think the metadata is relevant.

I can't imagine much useful material comes from wiretapping these days. Maybe once in a while, but the real value largely exists in the application layer, which is obtained in a different way.


When TLS is everywhere, what's the most reasonable way for law enforcement to surveil suspects?


Bottom-up. The FBI sees that you're having a TLS conversation at X time with a server in Facebook's IP range, so they just go ask Facebook for what you were doing at that time.

Foreign-hosted services seem like they'd be hard to crack, but it's extremely likely their data flows though Cloudflare, Amazon, GCE, or a similar US-based company.


Following the requirements of a judge is not necessarily antithetical to Freedom. Even in societies where freedom is valued, conspiracy to murder (say) tends to be frowned upon.


But Cisco hasn't conspired to murder anyone.


No, not at all. It was an extension of lawful wiretaps into the digital age. CALEA required that manufacturers add the ability for lawful intercept to be done on their equipment by the providers that purchased them.

Law enforcement still had to go to a judge, get a court order, and take it to the ISP. The ISP could then configure the devices to siphon off traffic from a single customer to a collection device.

The same functionality and process has existed in phone networks basically since they became electronically switched.


While your statement on CALEA is true it also isn't the correct history. What CALEA put in place was designed for lawful intercept but we also know there were programs in use going against said law [0].

Remember the context of my conversation was 2010-2011 which was pre-Snowden. It's likely state, local and national agencies have less of an interest, today, at route/switch infrastructure simply because of the post-Snowden crypto push.

[0] https://www.vice.com/en_us/article/mvp8ga/the-fbi-wants-to-w...


PRISM was a confusing program because neither the people reporting on it, nor the tech companies impacted understood how it worked. The claim was the NSA had direct access into providers' networks, and the companies claimed they did not - the "logical" conclusion was an abuse of CALEA or similar access granted to FBI.

It was later discovered the NSA capability was the direct result of tapping fiber optic cables between international data centers, nothing to do with lawful intercept capabilities.


We never got the full picture on PRISM. We do know that at least a part of the program was a direct result of tapping fiber; much of the program also went redacted. I've posted this before but during 2010 the main data center I had access to was closed one evening and the next morning we had a mobile server rack tied back to main routing gear via fiber which was in a mobile rack, blacked out and fully tamper taped. We knew a three letter agency was installing it and all floor access was revoked for that evening as well as being in the building. This was not off long haul fiber but was off of main routing infrastructure. I don't believe PRISM was purely fiber taps and that these programs had deeper hooks. Unfortunately I don't have any evidence beyond the assumption based on the facts I had been given and what I physically saw. I've used and installed a lot of long haul gear and have seen and installed many fiber taps in my day, this implementation was hardly passive in nature. But, that's just first hand knowledge of a random patron of the Internet.


I can assure you that every telecom equipment has lawful interception capabilities. Some countries even mandate a standard log format for metadata (Turkey does that). It's just one of the features that the operators ask for when getting their equipment, because they have to comply with local law enforcement.


Pretty much every developed country has some framework for collecting electronic data pursuant to legal process: https://tmt.bakermckenzie.com/-/media/minisites/tmt/files/20.... Country after country has decided that the government should have access to that information to perform legitimate government law enforcement functions. (The process can be abused, sure, but the functionality must be present to permit entirely proper and lawful requests for data.) And that is deeply rooted in precedent and practice. If you were a maritime shipper in the 1700s, you’d have to respond to law enforcement requests for information about the goods you transported on behalf of suspects. What’s not proper is when a foreign country that performs no law enforcement function in a jurisdiction tries to “siphon data.” Trying to draw an equivalence between the two is entirely fallacious.


> If you were a maritime shipper in the 1700s, you’d have to respond to law enforcement requests for information about the goods you transported on behalf of suspects

Tell me if I am mistaken, but in this specific case it looks more to me like forbidding customers and companies from using foreign made secure vaults because the government can't force them to secretly provide a master key.

Then sure, the argument is also valid that these vault makers could be providing a master key to their respective governments, but that would be a different argument and different enforcement.


This is fine as long as they get a warrant. As long as that's not the case then such searches should be considered unconstitutional.


What most people forget is that in a war the other party shoots back. It may take some time but it will happen and sometimes when you do not expect it. I think that Trump's move with banning Huawei is bad for the US in the mid and long run.


>What most people forget is that in a war the other party shoots back

Yes, and these actions are the US finally shooting back after enduring years of industrial espionage, forced technology transfers, and market access restrictions.


Would any down voters care to expand?

The assertion that there's going to be consequences seems... inevitable? To me at least.


sometimes whoever shoots first wins


I’m not betting on US, pun intended.


Anything to substantiate that? Or do you mean "not betting" in the sense that you have no insight into either side being an obvious winner?


The competency of the current U.S. administration is my substantiation.


This might provide some context as to why: https://www.youtube.com/watch?v=4JrF2X4Db84

After 9-11, the FBI's mandate was expanded from investigating terrorist attacks to include preventing them from occurring.



