DHS: Imported Tech Tainted with Backdoor Attack Tools
DHS: Imported Tech Tainted with Backdoor Attack Tools
This article bothers me because we received a new computer years ago and though we had Norton Antivirus, we were attacked by a virus and I didn't feel we were at fault. I'm suspicious now because of the article.
http://www.networkworld.com/community/node/76262
How are you going to know? How are you going to know if that new computer you buy comes with embedded malware?
DHS admitted that backdoor malware comes embedded in brand-new imported electronics. Yet that security threat has been real for years; a Defense Science Board warned about a tainted supply chain for tech devices and components back in 2005.
This article bothers me because we received a new computer years ago and though we had Norton Antivirus, we were attacked by a virus and I didn't feel we were at fault. I'm suspicious now because of the article.
http://www.networkworld.com/community/node/76262
How are you going to know? How are you going to know if that new computer you buy comes with embedded malware?
Comments
Mind you, they've got beer, eh, so it wouldn't be a complete waste.
The big question is who is behind these;
1. Individuals (rogue developers in companies)
2. Poor controls (external hackers updating souce code, extremely poorly designed architecture (allowing non-authorized individuals to update the device), or poorly written code full of vulnerabilities)
3. Organized crime (either working with folks in the company (extortion/bribary/plants etc) to have it developed/added.
4. State Sponsored (one or more countries having a policy of placing back doors into infrastructure so that they can access it as needed (aka. cyber war, intelligence gathering, intellectual property theft, political system manipulation (by targetting individuals / relationships), financial system disruption (loss of faith in electronic banking/online trading/online transactions), etc)
Personally it's probably a combination of all of these. In the past it would have been 1, 2 and 3 only. Though in the last 5 year or so I think we are seeing more 2,3&4. As I've heard, there are a lot of very smart poor programmers in the former soviet union, who unfortunately get hired by organized crime, and it's a lot easier for them to do cyber crime/extortion than robbing a bank, kidnapping, trading in illegal goods.
Since Linux offers a wide array of utilities (These migrated over from Unix) and some very sophisticated security options for free, I have gone there to get DIY sanity. It helps greatly to [1] not be a MS system as that is what is the target of choice and [2] to have a Unix-like file system which allows partitions to lock out unwanted hackers.
Even then, Java seems to still be blamed for a lot of snoopy activity and any Browser is a rather weak line in your internet use.
Perhaps I miss spoke .
What I was saying was I have to hate how Our Gov is being like russia was 40 Years ago .
not this article but ones it linked too.
like confiscating Laptops at the border Ect .
this news however is the ONLY good news that I have seen on the DHS doing there job .
not" good news" per say but not the strip me at the LAX news . but a a good thing they did by descovering this .
andf Loopy Iam happy to say I have decided to NOT buy a new mac . not cause of OSX but I need a rugged lappy and the toughbook I got is just that .
Us BSD UNIX LINUX dudes and dudetts are the ones who are in the know about how to mitigate these issues .
With my new computer Ill bne useing AES 256 .... and Debian ... ( ubuntu is to short lived per release
And good beer at that.
Ok, now I get it. Since it's been known for some time that a lot of the counterfit and/or pre-infected stuff comes out of Asia, I thought maybe you were saying that Canada had some way to bypass this with Canandian manufactured goods.