[LINK] What's Behind the Huawei Fracas

[Richard Archer]

On 28/03/12 5:56 PM, Richard Chirgwin wrote:

> Consider - to snoop on the NBN the Ethernet-over-fibre kit needs to
> accomplish the following without detection by the operator:
>
> 1. Extract the data from the Ethernet frames,
> 2. Decide what's interesting and what's not, and
> 3. Send interesting stuff back to China.

I think that might be a bit naive.

If I was designing such a beast, I'd have it watch for control commands 
passing through the device as normal traffic.

So all you would need to control the device is an IP or even digital 
voice connection which passes through it. Such commands could be used to 
instruct the device to do whatever you've designed into it.

The device would then act on these commands and inject the responses 
into the control stream.

Your machine on the end of the link could then store/analyse the 
collected data. It would be this machine which would send the collected 
data "home".

I doubt there'd be any way to easily tell the device was doing anything 
untoward. You would have to checksum all data streams into and out of 
the device and make sure they hadn't been modified in transit.

As for deciding what's interesting and what's not... I expect this is 
something the experts in this field would have no trouble with. 
Especially if the code running on the device was upgradeable on the fly.

...Richard.