May 15, 2014

Surveillance Competition, Take Two...

Two days ago, I blogged on the recent revelation that U.S. intelligence agencies have been intercepting American-made routers and servers and inserting backdoors so that they can penetrate networks in markets in which the gear is deployed (link to my May 13 post).

Since then, the story has continued, including with ars technica running photos yesterday of busy beaver agents “upgrading" Cisco routers at a “secret location” (link).  No shit.

In the post I made a couple of days ago, borrowing from Glenn Greenwald’s Monday unveiling of the NSA’s export interception hijinks (link), I tied the new revelation to the politico-protectionist market access barriers that my employer Huawei Technologies has experienced in the U.S.

Following, is my nutshell synopsis of what’s been going on and why the U.S. Government has been blockading Huawei at home, and attempting to blackball the company abroad (Australia, South Korea, etc.):

Over the last few years, Huawei has grown to become either the leading or number two telecommunications infrastructure provider globally, with Huawei routers and servers and other gear becoming commonplace across the planet.

This turn of events has made the NSA’s eavesdropping practices ever-so-slightly more challenging.  It is far easier to re-route U.S. exports through “secret locations” for beacon-implants than to similarly compromise Huawei gear shipping from elsewhere to elsewhere.

Nevertheless, the NSA has attempted to maintain its overwhelming surveillance footprint through its Shotgiant program which, among other things, stole Huawei proprietary product info with the intent to compromise Huawei gear where deployed (link to my March 25 post on the topic), but it would seem this is a far less efficient model than surreptitious interception and “upgrade” of outbound U.S. exports.

What do to, what to do?

Impede Huawei’s global business. Stymie and attempt to roll back Huawei’s worldwide share so that the NSA's eavesdropping activities could be most easily and broadly managed.


Demonize the company, starting with the U.S. market blockade, then extending to arm-twisting in foreign markets.  The blockade was key.  If Huawei had been allowed an even marginally-significant footprint in the U.S., it would have both furthered the company’s global success and market share, and undermined U.S. Government smear and blackball campaigns in other markets.

I’m not sure this policy is working.

The U.S. strong-arm tactics had some success in Australia, in terms of Huawei not being considered for the government-sponsored national broadband network (NBN) project, but they haven't prevented Huawei from successfully serving Australian commercial network operators.  And, more recent U.S. Government attempts to undermine competition and choice in South Korea seem to have fallen flat altogether.

Worse yet, this week’s revelations from Greenwald may well have yet further adverse impact on the overseas prospects for networking gear from U.S. suppliers, yet further hampering the NSA’s ability to conduct surveillance (not to mention wreaking some potentially not-insignificant commercial havoc for the victimized companies).

Look, I’m not saying that the U.S. government should not be engaged in espionage and intelligence-gathering that is critical to maintaining our national security (although I would observe that the domestic overreach that the Snowden Revelations have detailed over the last 11 months is truly reprehensible).

But the policy and practices have failed, both in terms of the exposure of the NSA’s compromise of U.S. Internet and telecommunications service providers and, as recently learned, ICT gear-makers as well, but also in terms of demonizing a world-respected ICT leader like Huawei (and in so doing also depriving American service providers and consumers of innovative and competitive broadband equipment alternatives).

It’s time for a reset.  Across the board.

While we’ve not likely heard the last from Snowden, et al, the crisis of confidence in the ICT industry is reaching a fever pitch. At stake is a global and interdependent economy that increasingly relies on digital and virtual tools and processes.

It’s time for industry and governments to come together to restore confidence in network and data integrity and security – in the Internet itself – and to do so in a rational, pragmatic, and non-political fashion.   See any number of my posts over the last year for thoughts on how this might happen.

May 13, 2014

Surveillance Competition (Greenwald Coins a Phrase)

Yesterday, coinciding with the release of his new book No Place to Hide, one-time The Guardian columnist Glenn Greenwald ran a swan song piece in his former employer’s publication titled “how the NSA tampers with US-made internet routers,” heralding the far broader content featured in his book.

In keeping with the trend of recent Snowden Revelations (e.g. drifting away from highlighting ongoing U.S. intelligence agency abuses against American citizens), Greenwald’s piece focused on exposing the NSA’s practice of covertly implanting interception tools in U.S. information and communications technology (ICT) equipment heading overseas.



The initial Snowden Revelations focused on U.S. intelligence agency compromise of unwilling but sadly witting American internet service and telecommunications providers.  It was really only a matter of time until we were to learn that they went after gear-makers and hardware as well. 

We got a sneak peek at this type of activity in March when Der Spiegel and The New York Times reported on the NSA’s Shotgiant program.  Shotgiant not only penetrated the corporate networks of global ICT industry leader Huawei in order to monitor its confidential communications, but also to steal proprietary product information with the intent to use such information to compromise networks into which the Huawei gear would be deployed.  Link to my blog post on Shotgiant.

(Aside: Lest anyone forget, I work for Huawei)

What Greenwald unveiled yesterday was that not only had American service providers been compromised, but, so too had the ICT hardware and related product of American-based companies. 

Per Greenwald, as per NSA documentation leaked by Snowden: “The NSA routinely receives – or intercepts – routers, servers and other computer network devices being exported from the US before they are delivered to the international customers.  The agency then implants backdoor surveillance tools, repackages the devices with a factory seal and sends them on. The NSA thus gains access to entire networks and all their users.”

Interestingly, Greenwald reports on the NSA’s shenanigans in the context of highlighting that what the NSA has been doing is exactly what U.S. Government entities have consistently yet groundlessly scare-mongered might be done through Huawei equipment.

In the wake of Greenwald’s article, media reports, social media and other conversations feature some surmising that U.S. intelligence agencies were looking in the mirror, observing their own actions, and presuming that the Chinese Government was doing the same thing with China-based companies.  Hence the blockade of Huawei, always accused of but never proven to be potentially complicit. 

But wait.  That assumption doesn’t make sense. 

Greenwald’s account, and subsequent reporting (e.g. see Wall Street Journal article), seem to indicate that the U.S. vendors whose product was violated were not in fact involved with or aware of the violation, rather, that the NSA was covertly snagging outbound exports and then infecting them with whatnot to enable whatever before sending them off on their merry way.

Who knows, we may one day come to learn that the U.S. vendors were indeed complicit, but I very highly doubt it.  It is extremely difficult to imagine the vast conspiracy that such complicity would entail. 

Consider: It was one thing for the NSA to compromise unwilling (for the most part, I believe) service providers - via tidy, manageable conspiracies of the C-suite and legal office - to enable the massive siphoning of data.  It's another thing altogether to compromise tens or hundreds of thousands of routers and servers.  That conspiracy, which would require the complicity of countless employees across a vendor’s organization, would be neither manageable nor sustainable.

The surreptitious interception and infection of outbound product “at the border” which Greenwald and subsequent reporters describe would seem a much better way to get backdoors installed, and would certainly be a lot less prone to information leaks and opposition that would arise in terms of working with complicit vendors.

Which brings us back to the U.S. Government’s opposition to allowing Huawei to compete in the U.S. 

If I am correct that the U.S. vendors were not knowingly compromised, and for the reasons I’ve laid out, then I think it’s pretty fair to assume that the U.S. Government knew full well that Huawei being wittingly compromised by the Chinese Government was also highly unlikely and certainly unsustainable.  Just as was the case with the unwittingly compromised American ICT exporters, it would require a conspiracy far too vast across a very global and very diverse employee population.

So why the Huawei blockade? 

Well, as some have already mused in the wake of Greenwald’s piece yesterday, perhaps because compromising Huawei gear being shipped to far-flung markets would have been a much more challenging endeavor than intercepting and infecting American-made gear.

Greenwald said it better:

 “Warning the world about Chinese surveillance could have been one of the motives behind the US government's claims that Chinese devices cannot be trusted. But an equally important motive seems to have been preventing Chinese devices from supplanting American-made ones, which would have limited the NSA's own reach. In other words, Chinese routers and servers represent not only economic competition but also surveillance competition.”