Slashdot Mirror

← Back to Stories (view on slashdot.org)

FBI Concerned About Implications of Counterfeit Cisco Gear

Posted by timothy on from the now-watch-these-chickens-well dept.

SpicyBrownMustard writes "An FBI PowerPoint presentation provides details about a criminal investigation into counterfeit CISCO hardware originating from China, and sold by Gold/Silver partners to numerous US government, military, and intelligence agencies. The concern of the article's author and the FBI is that the counterfeit equipment may be state-sponsored to aid in accessing otherwise secure systems (slides 46+47). Says the article author: 'The threat is real. Compromised hardware of potentially hostile foreign origin sits within secure networks of the US government, military, and intelligence services. And as you now see, the FBI has been concerned about it.'" We've mentioned the seizure of some of this equipment before, but this presentation adds quite a bit of detail, and highlights the FBI's concern of Chinese government involvement.

9 of 273 comments (clear)

  1. Re:Concern? by Trigun · · Score: 3, Informative

    IIRC, the gear was not counterfeit, but merely not licensed by Cisco. The same factories made X units, Cisco bought X units, everything else made it to the black market, and was considered counterfeit, due to the fake Cisco packaging, etc.

  2. Re:They should have known it all along. by evanbd · · Score: 5, Informative

    If you're a government customer with national security concerns, you can audit the source to commercial products as well. It's frequently a requirement, and the government is too large a customer. Of course, the code stays closed to the general public.

  3. Re:Time for state-sponsored fablabs by Pascoea · · Score: 2, Informative
    Sorry, not going to happen. I've personally built and troubleshot their competitors (Juniper) equipment and we didn't even have access to the VHDL, Boot Prom, OS, or any other software documentation. There is now way in hell that they are going to hand this information over to the government.

    Besides, the issue is not within the design itself. (I know, this point is arguable... but that is a different thread) the issue is non-trustworthy people building unauthorized reproductions of Cisco equipment.

    As far as I know, high end products like Cisco are still manufactured in the United States. So if you want to ensure that you are getting domestically produced product you need to take over the delivery chain, not the production chain.

    Leave the production to the experts, thats what they do. it is time to begin building robotic factories What do you think builds them? The only thing hand built is the high level assembly and inspection.

  4. Re:Concern? by kcelery · · Score: 2, Informative
    Please keep any eye on the Xerox repairman as well as the router guy.


    http://www.interesting-people.org/archives/interesting-people/199909/msg00020.html

  5. Re:The FBI Followed Up With by zappepcs · · Score: 2, Informative

    Your joke is exactly why I'm starting to play with Vyatta http://www.vyatta.com/ and http://en.wikipedia.org/wiki/Vyatta to get away from the alphabet soup of groups that want to know what happens inside my home without my knowledge. Performance is pretty good for small office/home networks and leaves you quite a few options if playing with computers is your hobby.

    --
    Support NYCountryLawyer RIAA vs People
  6. Not true. The new FIPS regulations change that. by CFD339 · · Score: 2, Informative

    Under FIPS, not only must the vendor use specific encryption standards -- those standards must be implemented using specific approved code libraries which have gone through an audited security certification process.

    In at least one major application that I'm aware of, if you set the system to be "FIPS" compliant, users who have the newest client can't send encrypted data to users who have older versions because even though they can read it just fine because they do support the standard of encryption -- the libraries used on the older client versions wasn't FIPS compliant. Its a nightmare in terms of implementation and transition from version to version.

    --
    The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
  7. Re:That's not good enough. by evanbd · · Score: 2, Informative

    I'm not trying to argue that open source isn't a good thing; I think this stuff should be open source. All I'm saying is that "proprietary software can't be audited" is a specious argument when talking about government agencies with national security concerns.

  8. Re:Nightmare by sjames · · Score: 2, Informative

    I'll bet if one of the biggest buyers of secure networking equipment hints that it will only be interested in units made entirely in the U.S., they'll find a way to get it ramped up here. After all, China found a way to ramp it up there.

  9. I retired a few routers... by Karl+Cocknozzle · · Score: 2, Informative

    ...right around the time these stories really started getting mass-publicity...

    And was shocked to find that, for example, my 3745 had, among other things, 4 VWIC-2MFT-T1 interfaces... Three of the four were counterfeit--but all were bought through Cisco Gold partners.

    Until I saw this with my own eyes, I had no idea how wide this issue reached.

    --
    Who did what now?