[LINK] What's Behind the Huawei Fracas

Rachel Polanskis grove at zeta.org.au
Wed Mar 28 21:35:30 AEDT 2012


On 28/03/2012, at 20:24, Richard Archer <rha at juggernaut.com.au> wrote:

> On 28/03/12 5:56 PM, Richard Chirgwin wrote:
> 
>> Consider - to snoop on the NBN the Ethernet-over-fibre kit needs to
>> accomplish the following without detection by the operator:
>> 
>> 1. Extract the data from the Ethernet frames,
>> 2. Decide what's interesting and what's not, and
>> 3. Send interesting stuff back to China.
> 
> I think that might be a bit naive.
> 
> If I was designing such a beast, I'd have it watch for control commands 
> passing through the device as normal traffic.
> 
> So all you would need to control the device is an IP or even digital 
> voice connection which passes through it. Such commands could be used to 
> instruct the device to do whatever you've designed into it.
> 
> The device would then act on these commands and inject the responses 
> into the control stream.
> 
> Your machine on the end of the link could then store/analyse the 
> collected data. It would be this machine which would send the collected 
> data "home".
> 
> I doubt there'd be any way to easily tell the device was doing anything 
> untoward. You would have to checksum all data streams into and out of 
> the device and make sure they hadn't been modified in transit.
> 
> As for deciding what's interesting and what's not... I expect this is 
> something the experts in this field would have no trouble with. 
> Especially if the code running on the device was upgradeable on the fly.

.....and do not forget the exploits discovered around SSL and fluctuating power supplies
vis: 
http://www.darknet.org.uk/2010/03/boffins-crack-openssl-library-using-power-fluctuations/

now such exploits are difficult, but my point is that not every contingency can be examined,
and some very clever people out there are finding some new and bizarre ways of circumventing
hardware and software protections....


rachel

--
rachel polanskis 
<r.polanskis at uws.edu.au> 
<grove at zeta.org.au>



More information about the Link mailing list