Create an Account
username: password:
  MemeStreams Logo

MemeStreams Discussion


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Cisco's Backdoor For Hackers - You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Cisco's Backdoor For Hackers -
by Decius at 7:02 pm EST, Feb 4, 2010

Activists have long grumbled about the privacy implications of the legal "backdoors" that networking companies like Cisco build into their equipment--functions that let law enforcement quietly track the Internet activities of criminal suspects. Now an IBM researcher has revealed a more serious problem with those backdoors: They don't have particularly strong locks, and consumers are at risk.

In a presentation at the Black Hat security conference Wednesday, IBM ( IBM - news - people ) Internet Security Systems researcher Tom Cross unveiled research on how easily the "lawful intercept" function in Cisco's ( CSCO - news - people ) IOS operating system can be exploited by cybercriminals or cyberspies to pull data out of the routers belonging to an Internet service provider (ISP) and watch innocent victims' online behavior.

In And Out Through The Backdoor
by noteworthy at 7:47 pm EST, Feb 4, 2010

Steve Bellovin et al:

Architecture matters a lot, and in subtle ways.


Internet protocols are complicated and sometimes they fail in subtle ways that defy naive assumptions.

Tom Cross:

These are harder problems that require more thought.

Thomas Powers:

Is more what we really need?

Tom Cross:

We need to balance privacy interests with the state's interest in monitoring suspected criminals.

Bruce Schneier:

Will not wearing a life recorder be used as evidence that someone is up to no good?

Noam Cohen's friend:

Privacy is serious. It is serious the moment the data gets collected, not the moment it is released.

Andy Greenberg:

And once data has been collected using the lawful intercept, it can be sent to any destination, not merely to an authorized user.

Jean-Luc Godard:

It's not where you take things from -- it's where you take them to.

Straw Man:

It's gonna be cool. Give me money. No consequences, no whammies, money.

Tom Cross:

It's not just the router vendor and the [Internet service provider] who have an interest in how this interface is built.

We all do.

Viktor Chernomyrdin:

We wanted the best, but it turned out as always.

Tom Cross:

The situation is fairly bleak.


The ship has already sailed on the question of whether or not it's reasonable for the government to collect evidence about everyone all the time so that it can be used against them in court if someone accuses them of a crime or civil tort. This is just another brick in the wall.


What you tell Google you've told the government.

Andy Greenberg:

The exploitation of lawful intercept is more than theoretical.


Several rumors from Google sources [allege] that China accessed Google's US Government [lawful] intercept system, which provides Gmail subjects/dates.

A.C. Grayling:

The Chinese government tried to hide the incident. It failed to; think how often it succeeds.

There is a redundant post from ubernoir not displayed in this view.
Powered By Industrial Memetics