Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Panopticon of global surveillance
#80

Sorry for letting them snoop? Dell apologizes for inconvenience' caused by NSA backdoor

Published time: December 31, 2013 18:14 Get short URL

AFP Photo / Getty Images / Justin Sullivan




Trends
NSA leaks Tags
China, Germany, Hacking, Information Technology, Intelligence, Internet, SciTech, Security, Snowden, USA

Security researcher Jacob Appelbaum dropped a bombshell of sorts earlier this week when he accused American tech companies of placing government-friendly backdoors in their devices. Now Texas-based Dell Computers is offering an apology.
Or to put it more accurately, Dell told an irate customer on Monday that they "regret the inconvenience" caused by selling to the public for years a number of products that the intelligence community has been able to fully compromise in complete silence up until this week.
Dell, Apple, Western Digital and an array of other Silicon Valley-firms were all name-checked during Appelbaum's hour-long presentation Monday at the thirtieth annual Chaos Communication Congress in Hamburg, Germany. As RT reported then, the 30-year-old hacker-cum-activist unveiled before the audience at the annual expo a collection of never-before published National Security Agency documents detailing how the NSA goes to great lengths to compromise the computers and systems of groups on its long list of adversaries.

Spreading viruses and malware to infect targets and eavesdrop on their communications is just one of the ways the United States' spy firm conducts surveillance, Appelbaum said. Along with those exploits, he added, the NSA has been manually inserting microscopic computer chips into commercially available products and using custom-made devices like hacked USB cables to silently collect intelligence.
One of the most alarming methods of attack discussed during his address, however, comes as a result of all but certain collusion on the part of major United States tech companies. The NSA has information about vulnerabilities in products sold by the biggest names in the US computer industry, Appelbaum said, and at the drop off a hat the agency has the ability of launching any which type of attack to exploit the flaws in publically available products.
The NSA has knowledge pertaining to vulnerabilities in computer servers made by Dell and even Apple's highly popular iPhone, among other devices, Appelbaum told his audience.
"Hey Dell, why is that?" Appelbaum asked. "Love to hear your statement about that."
Equally as curious were Dave Waterson and Martijn Wismeijer two IT experts who took to Twitter to express their outrage before Appelbaum's lecture was even presented and preliminary information about the NSA leaks were published in an article he co-authored for Germany's Der Spiegel magazine.
"NSA planet backdoors to access devices from Cisco, Dell, Western Digital, Seagate, Maxtor and Samsung," Waterson wrote in a tweet that linked to a CNET article from Sunday that quoted from Der Spiegel's top-secret documents.
"Thanks," Wismeijer wrote on Monday. "I just found out my Dell server has NSA bug in Rand BIOS," he said of one critical component that's easily exploited, according to Appelbaum.
@DavidLWaterson Thanks I just found out my #Dell server has #NSA bug in RAID Bios. @DellCares You obviously don't care about your customers!
Martijn Wismeijer (@twiet) December 30, 2013
TechDirt reporter Mike Masnick noticed early Tuesday that Dell's official customer service Twitter account opted to issue a cookie-cutter response that drips of insincerity.
"Thanks you for reaching out and regret the inconvenience," the Dell account tweeted to Wismeijer. "Our colleagues at @DellCaresPro will be able to help you out."
"Inconvenience? You got to be F*ckin kidding me!" Wismeijer responded. "You place an NSA bug in our servers and call it an inconvenience?"
@DellCares @dellcarespro Inconvenience? You got to be F*ckin kidding me! You place an NSA bug in our servers and call it an inconvenience?
Martijn Wismeijer (@twiet) December 31, 2013
"There are times when big brands with social media people' might want to teach those junior level employees to recognize that using one of the standard scripted' answers might be inappropriate," opined Masnick.
Appelbaum didn't leave Dell off the hook after revealing just that one exploit known to the NSA, however. Before concluding his presentation, he displayed a top-secret document in which the agency makes reference to a hardware implant that could be manually installed onto Dell PowerEdge servers to exploit the JTAG debugging interface on its processor a critical circuitry component that apparently contains a vulnerability known to the US government.
"Why did Dell leave a JTAG debugging interface on these servers?" asked Appelbaum. "Because it's like leaving a vulnerability in. Is that a bugdoor, or a backdoor or just a mistake? Well hopefully they will change these things or at least make it so that if you were to see this, you would know that you have some problems. Hopefully Dell will release some information about how to mitigate this advance persistent threat."
Appelbaum also provoked Apple by acknowledging that the NSA boasts of being able to hack into any of their mobile devices running the iOS operating system.
"Either they have a huge collection of exploits that work against Apple products meaning they are hoarding information about critical systems American companies product and sabotaging them or Apple sabotages it themselves," he said.
"Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone," the company responded through an official statement on Tuesday. "Whenever we hear about attempts to undermine Apple's industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who's behind them."
Meanwhile, other top-tier computer companies have already addressed Der Spiegel and Appelbaum's allegations that they either colluded with the NSA or complied with the spy firm as they exploited vulnerabilities, known or unknown, in their own products. A representative for Microsoft told the Huffington Post on Monday that their companies "does not provide any government with direct or unfettered access to our customer's data" and said the tech giant "would have significant concerns if the allegations about government actions are true," but a Washington, DC representative for Chinese company Huawei was more upfront when reached for comment by Wired about any cooperation with the US government or other entities.
"We read the media reports, and we've noted the references to Huawei and our peers," Huawei vice president William Plummer told Wired from the US capital. "As we have said, over and over again and as now seems to be validated threats to networks and data integrity can come from any and many sources."
"Everything that the United States government accused the Chinese of doing which they are also doing, I believe we are learning that the United States government has been doing to American companies," Appelbaum said towards the end of Monday's presentation. "That to me is really concerning and we've had no public debate about these issues."
http://rt.com/usa/dell-appelbaum-30c3-apology-027/
"The philosophers have only interpreted the world, in various ways. The point, however, is to change it." Karl Marx

"He would, wouldn't he?" Mandy Rice-Davies. When asked in court whether she knew that Lord Astor had denied having sex with her.

“I think it would be a good idea” Ghandi, when asked about Western Civilisation.
Reply


Messages In This Thread
Panopticon of global surveillance - by Magda Hassan - 01-01-2014, 07:45 AM
Panopticon of global surveillance - by R.K. Locke - 14-02-2015, 07:26 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Dumbo : how the CIA blind surveillance cameras Magda Hassan 0 34,223 14-08-2017, 12:16 AM
Last Post: Magda Hassan
  HR 658 Authorizes 30.000 surveillance drones over the USA - to be increased! Peter Lemkin 8 17,983 31-01-2017, 02:50 AM
Last Post: Magda Hassan
  AP Sues US Gov’t over Fake FBI News Article Booby Trapped with Surveillance Virus Magda Hassan 0 5,986 06-12-2015, 02:39 PM
Last Post: Magda Hassan
  The Limits of The Panopticon Magda Hassan 0 5,641 22-11-2015, 07:41 AM
Last Post: Magda Hassan
  US spy chief Clapper defends Prism and phone surveillance David Guyatt 485 122,381 13-12-2014, 10:08 AM
Last Post: David Guyatt
  'Five Eyes' surveillance pact should be published, Strasbourg court told Magda Hassan 1 4,146 09-09-2014, 09:34 AM
Last Post: David Guyatt
  Defensive Shift - Turning the Tables on Surveillance Magda Hassan 0 3,740 26-08-2014, 03:14 PM
Last Post: Magda Hassan
  Surveillance Capitalism Magda Hassan 0 3,282 05-07-2014, 02:44 AM
Last Post: Magda Hassan
  Biggest anti-mass surveillance event in the U.K. Magda Hassan 2 6,417 12-06-2014, 10:05 AM
Last Post: Magda Hassan
  Secret EU surveillance drone project revealed David Guyatt 0 4,491 12-02-2014, 09:43 AM
Last Post: David Guyatt

Forum Jump:


Users browsing this thread: 1 Guest(s)