OpenSourcerer

FYI: NSA actively installed spyware on Cisco routers


Posted ... (edited)

The following pictures are part of an article by Heise Online, referring to a book by Glenn Greenwald.

1-0d69dd8f551891c4.jpeg

The NSA intercepted packages containing Cisco routers in order to install spyware on them.

 

2-308ac3a95ad39d0b.jpeg

^ Proof ^

 

3-7365f4a60eee51a2.jpeg

That happened when the spyware wasn't working like it should

 

(Edit: Pictures were moved and renamed by heise's CDN; fixed <3)

Edited ... by gigan3rd

NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.


gigan3rd,

 

Thanks for the info. I would like to hear your opinion on this topic.

 

Would you think my Linksys WRT54GS running DD-WRT likely has the spyware (was this practice widespread for virtually all routers)?

Or would the spyware have been removed when DD-WRT was installed/flashed?

 

I appreciate it!

 

Best regards,

 

anonym


Would you think my Linksys WRT54GS running DD-WRT likely has the spyware (was this practice widespread for virtually all routers)?

Or would the spyware have been removed when DD-WRT was installed/flashed?

 

I can't tell you if possible spyware is gone because I can't tell you how DD-WRT gets installed. Does it replace the whole filesystem with a custom one, or is it like Freetz on Fritz!Box, where the system image builder downloads the original firmware and patches it with what you set up earlier (additional software (e.g. OpenVPN), filesystem patches (e.g. kernel replacement), removal patches (e.g. ftpd or even dsld))?! Or some method I can't think of right now?! I don't have the time to do some research on this now. Maybe in the evening today or tomorrow.

To answer your question with regard to the SerComm vulnerability: if you read elvanderb's GitHub (the one who discovered it in January), you will read:

 

 

Backdoor is not working in:

  • [...]
  • Linksys WRT54GL(v1.1) Firmware v4.30.16
  • Linksys WRT54GS v1.52.8 build 001 (thanks Helmut Tessarek)
  • Linksys WRT600N running 1.01.36 build 3 (@shanetheclassic & issue 46)
  • [...]

 

But that only answers your question partially. Let me do some research and I will write you.



I just assume my router and modem are "backdoor'd". Now comes something that has been weighing on my mind. I ordered a laptop about 6 months ago because I wanted 7 Pro and it came via Amazon. Would I be crazy to consider selling it and buying one directly from the store? I am using Linux now for my private stuff so I don't need 7 anymore. If in fact I have/could get a laptop that is "clean" then using multi-hop VPNs and TOR would neutralize my issues with a bad router or modem.

 

I want to buy a pfsense hardware setup but I also fear "THEY" will intercept that and modify it as well.  I am done with buying online.  Maybe I should find a "Mother Theresa" type to buy stuff for me and then pay them back in cash.  Might not be too stupid!

 

Seriously, would you consider getting rid of this laptop?  It works great and is loaded (Linux) just how I want, but the nagging feeling is always in the back of my mind.  Responses???

 

 

Before you write my paranoia off, consider this;  my ISP called me and sent their modem to me telling me that mine can no longer be used.  That did NOT happen to my neighbors.  To make matters worse/stranger, they sent me the exact same model that I bought on my own.  No price difference.  That will screw with your head some, trust me.


Seriously, would you consider getting rid of this laptop?  It works great and is loaded (Linux) just how I want, but the nagging feeling is always in the back of my mind.  Responses???

 

You could get rid of this laptop. Or you can try to confirm your thoughts in every possible way; even decompilation/disassembling is a way.

Read the traffic logs in idle mode. Connect your PC to a device and run pcap software on this device (e.g. Wireshark).

 

Before you write my paranoia off, consider this;  my ISP called me and sent their modem to me telling me that mine can no longer be used.  That did NOT happen to my neighbors.  To make matters worse/stranger, they sent me the exact same model that I bought on my own.  No price difference.  That will screw with your head some, trust me.

 

It will. What is your ISP?


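The idle-capture check suggested in the reply above, as an added example that is not part of the original thread: once a capture has been taken on a second device while the laptop sits idle, this summarizes what the laptop itself sent and to where. The addresses, the allowed-network list and all function names are assumptions for illustration, and the sample capture is constructed.

```python
import ipaddress
import struct
from collections import Counter

PROTO = {6: "tcp", 17: "udp"}

def idle_flows(pcap, host):
    """Count packets sent by `host`, keyed by (dst_ip, proto, dst_port)."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("need a classic pcap file with Ethernet link type")
    flows, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue  # not IPv4 (ARP, IPv6, truncated): skipped in this sketch
        if str(ipaddress.IPv4Address(frame[26:30])) != host:
            continue  # only traffic originated by the machine under test
        proto, dst = frame[23], str(ipaddress.IPv4Address(frame[30:34]))
        l4 = frame[14 + (frame[14] & 0x0F) * 4:]  # skip IP header (IHL words)
        known = proto in PROTO and len(l4) >= 4
        port = struct.unpack("!H", l4[2:4])[0] if known else None
        flows[(dst, PROTO.get(proto, str(proto)), port)] += 1
    return flows

def unexpected(flows, allowed):
    """Return flows whose destination lies outside every allowed network."""
    nets = [ipaddress.ip_network(n) for n in allowed]
    return {k: v for k, v in flows.items()
            if not any(ipaddress.ip_address(k[0]) in n for n in nets)}

def make_record(src, dst, proto, dport):
    """Build one constructed Ethernet/IPv4 frame wrapped in a pcap record."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    pkt = b"\x00" * 12 + b"\x08\x00" + ip + struct.pack("!HHI", 40000, dport, 0)
    return struct.pack("<IIII", 0, 0, len(pkt), len(pkt)) + pkt

# Constructed capture: DNS to the local router, one unexplained TCP flow,
# and a reply from the router that must not be counted as outbound.
SAMPLE = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
          + make_record("192.168.1.50", "192.168.1.1", 17, 53)
          + make_record("192.168.1.50", "203.0.113.7", 6, 443) * 2
          + make_record("192.168.1.1", "192.168.1.50", 17, 40000))
REPORT = unexpected(idle_flows(SAMPLE, "192.168.1.50"), ["192.168.1.0/24"])
```

Captures saved as pcapng need converting to classic pcap before this parser accepts them; anything left in `REPORT` is a destination to explain, not proof of an implant.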

I am going to go shopping for a new laptop while I consider this issue.  We actually could use another machine in the house since my wife's is a fossil (see how I try to justify this - LOL!).  I can easily secure wipe the drive and restore factory 7 Pro and then use this only for "family cruising".

 

I don't have a bottomless budget. I would like to get an i7 with at least 16 Gig (upgradeable to 32) and something that works out of the box (mostly) with Linux. Can be any flavor of Ubuntu but desktop mainly since it will be a HOST ONLY OS. I use all VMs for isolation.

 

Anyone have any "in store" suggestions?  I am partial to Thinkpads since IBM stuff seems to work great on Ubuntu.

 

I will also examine the laptop trade-in value. As you know it's likely 50 cents on the dollar and for that I'll keep it.

 

 

Regarding the ISP. For now I have to still consider revealing that. It's one of the largest in the country.

 

Side note: if you could see my internet activity you would be convinced it's all about privacy, and not anything like running a hidden TOR service. Just a boring privacy advocate!


if you could see my internet activity you would be convinced it's all about privacy

 

I'm not so simple-minded as to classify high numbers of total traffic as pirate traffic. Most of those users are just hard Steam/Origin users or HD movie streamers.


