These routers would not be a danger in any classified e-massages as they are encrypted with AES, RSA or encryption systems that we do not know about.

The biggest danger from these routers is if the Chinese wanted to shut down the Internet.
They could be used as controlled bot-nets to launch a DoS attack.(controlled hardware virus)
And because they are in the US cutting connections with china would not stop the attack.
Even cutting all the connections with the outside world would not stop this type attack.

This type of complete shutdown would hurt the US military but would basically force all there massage traffic to secure radio or other means.

This would slow call-ups of personal and the supply chain ect

I see this FBI story as a little disinformation as to the real danger.
the FBI knows the real danger but does not want to tip there hand to china.

If they came out with the real problems the Chinese would just go to plan B

The FBI want these router out of the system because of the ability to use them for a DOS attack.

The real danger to the US military is a hardwired virus in motherboards that may be used in computers coming from china that could pick off secrets before they were encrypted or after they were decrypted

Standard cop practices is to never let the suspect know what the cops know
always leave the suspect guessing.
the FBI are masters at this.
that is why lawyers tell you never talk to the cops if you are a suspect in a crime.
the FBI is not going to come right out and tell china what they suspect.

Well ,think aout this.I am sitting here typing this out on a laptop made in China and I have always wondered about what is exactly on it.I know for a fact that the computers that the Navy has been purchasing are made in China, because I worked for a contractor on a base and one of my responsibilities was setting them up.If there are back doors on routers there are probably some nerfarious programs on these computers.
I believe even the digital photo frames have recently been found to be infected with viruses.
As a side note, notice that the Air Force has changed their logo so it now says Air,Space and Cyberspace.

You are incorrect about the encryption protecting the data.

Most forms of data encryption utilize a process where data are decrypted and re-encrypted on each router. Own the router, own the data.

Only a true point to point VPN tunnel would protect from this that encrypts from the desktop to the final destination without intermediate decryption.

Furthermore many communications are not encrypted for communications behind the DMZ which is a section with routers between two firewalls.

So if this router lands behind the internal firewall of the DMZ, the unencrypted data can be redirected, encrypted for receipt by the hacker, and sent through the DMZ, for their eyes only.

Even more worrysome is the fact that these are in widespread use in the US.

Any decent security professional must now assume that all the data has been compromised. That means our medical and credit data and everything else. You might just as well say the USA has been hacked and that they know everything.

What is potentially wore is that if there is one Secret network somewhere which is improperly connected to the unclassified network or public network then we must assume the enemy has everything.

This should never have been allowed to occur in public or Govt. The concept is not new.

This should be public knowledge and have been formally announced publicly. Ordinarily when a major hack occurs it is kept quiet from the public until a fix is available. It would be irresponsible to announce a vulnerability for others to exploit, when there is no defense.
In this case the defense is quite clear, get the counterfeit systems out of the network.

Originally posted by fievel3782

Originally posted by jankopernik
Counterfeit products from China is not new, and is not the point in this thread. The point is the 'backdoor' which isn't there... From my 19+ years in the IT field I would be much more concerned with a fire risk in my data center from one of these knock-off devices than the security breach potential.

This guy is correct. I'm in the IT industry as well...

The only thing being compromised here would be Cisco's profit, and the ripping off of innocent and unsuspecting customers thinking they're getting a real Cisco router, instead they're data center catches on fire.. lol

Well, if we're gonna be throwing our credentials and expertise around the place, I've been in the IT "industry" (not that we have any serious enough around here) for 3 years, plus my 5+ years of university education (both software and hardware design) which gave me a well all-round knowledge of microprocessor design, data encryption, database programming, computer network design and communication, etc...

On top of all that, I'm also very interested in psychology and warfare. Does that make me a better expert than other people around here? Not really. These concepts (spying and disruption of communication lines) are so universal that anyone can grasp them, regardless of educational level.

What people (I certainly do) usually think of when they hear of "fixed" hardware, is network sniffing and password collecting (encryptions are implemented on several different levels, but some information cannot be completely protected - like network topology if router is "fixed"). While these are important parts of network spying (a good example would be those optical underwater cables that were cut recently, and most probably "equipped" with U.S. sponsored "enhancements"), what is more important is the communication line itself.

Ask any site owner how they felt when they were hit with DoS attack... Or, heaven forbid, with DDoS one (Distributed Denial of Service - absolutely no chance of stopping that one... short of cutting all connections to the outisde world, which is kind of the point of attack, isn't it?).

As far as I know, all military communication lines are backed up by at least 2 or 3 spare lines, but... has anyone tested them recently? What would happen if some of them went dead, and others started transmitting "echo" data? My guess would be that there would be total chaos in the system. There is no software smart enough to deal with that kind of disruption. False data would be taken as genuine, and genuine would be taken as false. All kinds of interesting mis-communications would take place...

Simply put, the whole system is so big that it would be virtually impossible to test it against such a scenario.

On a side note, there's an interesting tendency I've noticed recently. People are more ready to place their trust in computer systems. Actually, they go as far as to demand that software does every possible job people now do, and even track all human activities in the process. What I've seen personally is that this tendency leads to software systems so big and cumbersome that they end up beating their own purpose. The work that has to be put in maintaining such system, and feeding it with information, far surpasses its value as a tool.

Examples? How about U.S. robotic warriors? Haven't I read somewhere that those U.S. warrior robots recently tested in Iraq turned against U.S. troops? Ah... Maybe I just dreamt about it.

Digital Engineer, CISSP, Network Engineer, Security Analyst.
Talk my 80 year old mom through Windows reinstalls on weekends for years.

If the systems are designed for espionage, then they are not just poorly constructed copyboxes. They are trojan horses. You cannot know what additional features they could have built into them without peeling the chips one layer at a time and back-engineering them.

Since all of your data passes through the routers on your network, they see everything which is not strictly local to your PC. They could let anyone they want to into your network.
They could choose to log or not log events leaving the hacker invisible.
They could give the hacker more bandwith, higher security rights than root admins.
They could cause chaos on demand within your network.
They could lock all of your real users out of network communicaitons while allowing only the hacker access to everything, most authentication is passed through the router via Tacacs+, Radius or RSA SecurID. While the SecurID changes each minute, if you own the router, you borrow the 1 time password (passcode) , bump the real owner and steal his basket of goodies. logon to his desktop and steal his certificates, if they have not been configured to be non exportable, or been placed on a usb device which precludes export of the private key.

They could ignore any security requirements.

You no longer have non-repudiation, you no longer have authentication, you no longer have access control. Account numbers can change in mid transfer, dollar amounts too.

You can wake up one morning and find that your corporations accounting and payroll has been wiped out and that you can do nothing to save your company because the backups for the last year all say "From China With Love!", over and over again.

If you know security, then you know what a security kernel is. Well you don't own them for your network anymore. China does.

In effect you have only the security of a stand alone PC left.
Yes encrypted files are good. But if you own the routers, you own the router certificates, you hold the keys.
You turn the encryption off if you want to. You peek at the constantly changing session keys in Secure SSL.


Almost Everything on a network passes through the network sooner or later. A trojan horse router is the ultimate weapon in cyber warfare!

To sum that up, "Chang owns you!"


Sleep well dreamers, the sand is running out of the clock.

[edit on 23-4-2008 by Cyberbian]

[edit on 23-4-2008 by Cyberbian]

If you store the private key for your RSA keypair on a smartcard or USB then they are non recoverable. The private key is generated on the local system and never sent back to the certificate server unless a key recovery HSM Hardware Storage Module is used, and even then multiple layers of crypto black magic protect the transactions.

You folks keep referring to custome crypto type protections which would be on secret networks(Dark Sites), which should not be accessable to the outside world.

They are isolated into their own seperately wired world, no cross talk allowed. Secret and above networks are that way expressely because of potential attacks.

Those same protections are never used on unclassified systems.

However if the counterfeit was designed with a very special transmitter it would be a serious threat to classified networks. That is why classified systems are housed in tempest hardened buildings. The transmitter would have to be capable of penetrating a farady cage to be useful. Perhaps back propigating through the power grid in a way which is not being filtered.

Originally posted by elendal

Originally posted by fievel3782

Originally posted by jankopernik
Counterfeit products from China is not new, and is not the point in this thread. The point is the 'backdoor' which isn't there... From my 19+ years in the IT field I would be much more concerned with a fire risk in my data center from one of these knock-off devices than the security breach potential.

This guy is correct. I'm in the IT industry as well...

The only thing being compromised here would be Cisco's profit, and the ripping off of innocent and unsuspecting customers thinking they're getting a real Cisco router, instead they're data center catches on fire.. lol

Well, if we're gonna be throwing our credentials and expertise around the place, I've been in the IT "industry" (not that we have any serious enough around here) for 3 years, plus my 5+ years of university education (both software and hardware design) which gave me a well all-round knowledge of microprocessor design, data encryption, database programming, computer network design and communication, etc...

On top of all that, I'm also very interested in psychology and warfare. Does that make me a better expert than other people around here? Not really. These concepts (spying and disruption of communication lines) are so universal that anyone can grasp them, regardless of educational level.

What people (I certainly do) usually think of when they hear of "fixed" hardware, is network sniffing and password collecting (encryptions are implemented on several different levels, but some information cannot be completely protected - like network topology if router is "fixed"). While these are important parts of network spying (a good example would be those optical underwater cables that were cut recently, and most probably "equipped" with U.S. sponsored "enhancements"), what is more important is the communication line itself.

Ask any site owner how they felt when they were hit with DoS attack... Or, heaven forbid, with DDoS one (Distributed Denial of Service - absolutely no chance of stopping that one... short of cutting all connections to the outisde world, which is kind of the point of attack, isn't it?).

As far as I know, all military communication lines are backed up by at least 2 or 3 spare lines, but... has anyone tested them recently? What would happen if some of them went dead, and others started transmitting "echo" data? My guess would be that there would be total chaos in the system. There is no software smart enough to deal with that kind of disruption. False data would be taken as genuine, and genuine would be taken as false. All kinds of interesting mis-communications would take place...

Simply put, the whole system is so big that it would be virtually impossible to test it against such a scenario.

On a side note, there's an interesting tendency I've noticed recently. People are more ready to place their trust in computer systems. Actually, they go as far as to demand that software does every possible job people now do, and even track all human activities in the process. What I've seen personally is that this tendency leads to software systems so big and cumbersome that they end up beating their own purpose. The work that has to be put in maintaining such system, and feeding it with information, far surpasses its value as a tool.

Examples? How about U.S. robotic warriors? Haven't I read somewhere that those U.S. warrior robots recently tested in Iraq turned against U.S. troops? Ah... Maybe I just dreamt about it.

I worked for the DoD as a software developer for secure discovery of web services.

The DoD issues it's own public keys and uses two-way SSL authentication with MD5 Hash and PGP encryption. Network data using web services is transferred via SOAP over HTTP using the WS-Security protocols.

Access on assets is moving to a policy based access model or RBAC. Role based access control using policies within a SOA framwork.

The problem is each military division has its own version and no one is on the same page. They are trying to interpolate all divisions into one framework called the GIG (Global Information Grid).

Single Sign-On is using Open SSO and systems are devided into classifications based on security level. A top secret security assurance level system cannot pass information back down the chain to a lower security level. A lower security level system can pass information up, but not receive any information back.

Because of the requirements above, it has caused each division to peform work-arounds for getting data back down to lower level systems, causing a convoluted mess.

Also, data is transmitted as long integers.

Last night I went with a friend to buy her a new laptop, then suddenly something struck me after she asked: "Why there is no computer without Windows?"

All I saw were PCs and Notebooks with Windows Vista or here and there a Windows XP, even my neat PDA phone is operated with Windows Mobile 6.0, she is having the latest imported Iphone.

So we went to look up the software markets, even there I saw every shop selling Windows Vista or XP, and on the street you have those annoying smugs trying to sell that 99% lower priced illegal CD-R/DVD-R Windows software.

Oh, did I mention that I am living in China? And that I am talking that Windows is THE mainstream OS in the Chinese homes and offices? Chinese versions of Windows?

What I want to express is that if Americans are worried that Chinese are that sinister to put backdoors at every single sold hardware of whatever kind, then Chinese could equally be as paranoiid that all the Software of Chinese devices at home and offices are ran by mainly American softwares with the potential of similar "backdoors and trojan horses.".

Maybe for once people of different countries should be less paranoiid, the last thing we want to see is that all of us lock our own doors and isolate ourselves from the rest of the world. Let's put some more faith and trust in each other and work on a realistic, sustainable and durable SOLUTION to a major international problem.

Someone raised that even qualified appointed OEM/ODM manufacturers are spitting out counterfeits products. I heard the same stories from some friends. Well, I am not so sure if the top-management of those factories are even aware of it that a few thieves are corrupted and taking things out of the product lines. It's hard to control factories of 100 people, let alone sometimes in the tens of thousands. And people wonder (criticize) why in China we need severe and strict punishments for any law-breakers when we need to manage and develop over 1,350,000,000 people.....

Good post InChiSan. The Chinese government did catch a backdoor placed in Windows software on government computers relaying the info back to a database at Microsoft.

I'm assuming now all Chinese government military systems are using UNIX/Linux. I'm sure both conuntries have numerous "back doors" into all kinds of hardware and software.

No doubt, basically like SkyNet. Computers have authority to issue commands based on imperical data and gathered intelligence using AI.

Business rules and Expert Systems are already touching on AI based decision making. Rules are exhausted based on known attributes. The rule left is the one that is used. Inferance based rule engines.

The military is using Policy Decision Points (or PDPs) to make decisions and permit access to requested resources. Policy Access Points (PAPs) take responses from a PIP (Policy Information Point) which is typically and LDAP store.

All this data is in transit at the network layer using XML Encryption over SOAP. It's interesting stuff and someday we may see rogue web services.