Slashdot Mirror
DoJ Alleges Cisco Reseller Made $37 Million Selling Counterfeit Equipment
netbuzz writes "The latest scam involving stolen and/or fake Cisco equipment may also be one of the largest, as the Department of Justice says a 43-year-old San Jose-based reseller accumulated $37 million in ill-gotten gains over a period of years that he then poured into real estate and luxury cars. The feds say the guy also used part of the loot to set up college funds for his four children. At least four other such scams have been perpetrated against Cisco in recent years."
How is this a scam against Cisco?
They won't let you put smartnet on a used device, so not like they have to support it. This is a scam on Cisco customers, not Cisco.
Tough choice. Go with cisco and get spied on by the NSA or go with huawei and get spied on by the Chinese. Hmm at least the Chinese only want your money!
Do you need to earn "Crime pays" kind of money to fund college funds for 4 children in America?
I don't know whether he wants his kids to have a good education or whether he thinks they'll make better master criminals with a degree & a job in Wall Street :)
But at the very least he thinks a child's education is important, which is more than most.
Quidquid latine dictum sit, altum videtur
Cisco engineer here. We don't modify our equipment for anybody beyond basic CALEA-type compliance requirements. We don't even market ourselves for interception/monitoring type roles in most cases. There is a ton of money in other, less politically contentious areas.
Hope this sets some of the record straight.
Most of the "fake" Cisco hardware I've seen is the real stuff that failed a quality check and was rejected by Cisco. The manufacturers overseas tend to just sell these rejects out the backdoor rather then destroy them.
"Have you ever thought about just turning off the TV, sitting down with your kids, and hitting them?"
the counterfeits had no back doors for the NSA to snoop on through.
by TheSpoom (715771) Uncaring Linux user here. I have nothing to add to this but please continue. *munches popcorn*
Cisco engineer here. We don't modify our equipment for anybody beyond basic CALEA-type compliance requirements.
That *you* know of.
If you want news from today, you have to come back tomorrow.
So one single piece of fake gear breaks and you call cisco about it with the serial #. They say it's made up and they or you report the vendor to the FBI. They're in jail within days. How the hell would a fake cisco gear racket possibly work given that situation?
Cisco engineer here. ...We don't even market ourselves ... in most cases
In otherwords, we don't except when we do.
Out of modpoints but really liked a post? 1BDkF6TtmmeZ3yqXbz9yhdYVqRYnwFoXDj
I've never had a problem with Broadcom (mostly Asus then), Realtek, or Trendnet. Why does everyone assume big names = best choice as businesses? That's how business end up with Dell and HP PCs and we all know that's a huge mistake.
Intel engineer here. We get the same shit. Everyone thinks we fill the chips with back doors when we don't.
As a low level engineer, why do you assume that you would know about the back doors?
Why do you assume it's easy to engineer "back doors" into ICs?
I'm not saying any of this counterfeiting of gear is legally or morally "ok" -- but Cisco has LONG been inflating the prices of their equipment FAR beyond what it's reasonably worth, given the components inside.
I remember at least 10 years ago opening up one of the Cisco PIIX firewalls our company had recently upgraded to, and discovering it was essentially a Pentium class PC motherboard and CPU inside. They were charging all that money for standard (outdated at that point) PC hardware, crammed into a Cisco labeled rack mount case.
More recently, one of our branch offices had their Cisco router/VPN die on me. The office moved to a new location and all I did was unplug the power to it, move it to the new office down the road, and plug it back in. It refused to power on at all .... totally dead. At first we assumed it might just be a bad AC power adapter, but nope. The whole unit was defective. (Finally found a CIsco tech document online mentioning the issue. Supposedly early revisions of this unit had a problem where they could get caught in an endless loop after a power cycle and never come back up. Nice!)
The worst part? All of the office's complex configuration settings were in the old, dead router. Luckily, they were saved on a CF memory card in the unit, so I took it apart and pulled the card out. When my boss went through the big song and dance to get Cisco to send us a replacement router and open an RMA for the dead one, I swapped the flash cards. It worked, but only sort of.... Turns out every connection made beyond the first 10 were getting nowhere, because all the licensing we had didn't transfer over. Cisco ties that part of each unit's serial number. So the office was down for hours while we fought again to get tech. support to do a license transfer to the replacement router.
I fail to see what point there was at all to forking out the money for real Cisco gear, when it failed us like that AND was made so artificially difficult to get back up and running again? If we had used some cheaper, off the shelf product (like D-Link or what not?), we could have easily gotten another new unit going with far less downtime and had the ability to keep a spare around for the price of the 1 Cisco.
The counterfeiters wouldn't be targeting Cisco so heavily if they weren't aware of the huge price markup on the stuff in the first place.
"Tough choice. Go with cisco and get spied on by the NSA or go with huawei and get spied on by the Chinese. Hmm at least the Chinese only want your money!"
Not much of a choice. Don't you keep up with the news? Go with Cisco and get spied on by both the NSA and the Chinese (cheap chips with potential back doors) and Cisco!
Best to just stay away from them altogether.
Shouldn't it be obvious from the moment you try to get it TO WORK that the hardware is counterfeit and doesn't work?
How does such a "business" last long enough to make tens of millions of dollars?
Corporatism != Free Market
It doesn't have to run a TCP/IP stack and phone home, it could be as simple as an undocumented instruction that would branch to an arbitrary memory location, allowing anyone who knows about it to write exploits against the system.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Intel engineer here. We get the same shit. Everyone thinks we fill the chips with back doors when we don't.
Aircraft instrument software designer here.
I once took some time to consider what it would take to hack the software I was writing. IOW, if I wanted to put a backdoor or vulnerability that could knock a plane out of the sky, how would I do it?
I did some research into underhanded C and such like, and tried to come up with a way that I could do it. (And came up empty - unlikely with so many eyes looking in-depth at the final product.)
Question for you: Have you ever done that? Have you looked at your dev process and thought in detail how you might do it?
Couldn't a FISA warrant presumably be used to require cisco to install a backdoor on a costumers equipment? If so wouldn't anyone with knowledge of such actives be under a gag order by the court?
I'm not a Cisco fan, but you're not factoring in the cost of Cisco R&D, testing, documentation, software development, which all adds up to billions of dollars for them. Most of it is probably not very efficient any more due to their size, which is why younger companies like Juniper or Polycom or Cyan can offer more for less, depending on the type of equipment you're after. Still, it's not like Cisco could sell their products for 10% over the component cost and not immediately start hemorrhaging money.
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
Well... with four kids to put through college at these day's rediculous prices... can you blame him?!?!
Cisco is what my friends who want to be network admins buy shortly before their home networks (including their self-hosted mail servers) go offline because it takes them forever to figure out how to configure the #$@# things!
HO scale engineer here. I'm sure the words posted AC on Slashdot has assuaged our ignorant misguided concerns and fears. I know I feel better already.
Cisco engineer here. We don't modify our equipment for anybody beyond basic CALEA-type compliance requirements. We don't even market ourselves for interception/monitoring type roles in most cases. There is a ton of money in other, less politically contentious areas.
Hope this sets some of the record straight.
For hire.
And why do you assume he/she is "low level"?
Because she/he doesn't know about the back doors.
So you're saying I:
#1. Should NOT be upset that a costly piece of critical networking infrastructure gear just went DoA by simply powering it down and back up again, despite only being a couple years old?
#2. Should have done some sort of backup which would easily let me restore all the settings into the replacement device AND allowed the licensing from the original unit to come over to the new one without Cisco's assistance?
#3. Yes, upset that the license was tied to a dead device and nobody on Cisco's phone support hotline seemed to understand the idea that it caused an entire office to be DOWN/NON-functional! We kept having to argue with people who claimed "You're not really down, because you have replacement equipment from us.", and acted like we should just submit some web-based request for the license xfer and wait days for them to process it.
You make a valid point, in our situation, most likely. To be clear, we're just talking about one of Cisco's lower end VPN routers though, which Cisco itself claims is suitable for the purpose and scope of what we're doing with it. But my point is, even this device sells for north of $1,200 PLUS fees for maintenance contracts on it and more for the upgraded license allowing more than 10 simultaneous connections to be routed. The offices relying on these things have no more than 10-15 people in them, tops, and they simply need the ability for 4 or 5 people (or less) to connect in via VPN from home.
This is well within the scope of what FAR, FAR cheaper hardware can do effectively ... but I'm sure when the company originally opted for Cisco, it was due to a promise that it was a higher grade of hardware that would be rock solid reliable for years and years, etc. That's where my complaint really comes in. It's pretty evident that these VPN routers are really no more reliable or better than the competition.
But ultimately, Cisco probably makes much more sense at the high end of the spectrum, where you have many thousands of nodes and your options are more limited.
And we believe you why exactly? The problem is not that cooperation with the NSA would be profitable for you. The problem is that _not_ collaborating would be hugely unprofitable. And once you are in, they own you. If they leak that there are NSA back-doors in your products, you are done.
Sorry, but not credible. In addition, CALEA is bad enough. You have absolutely no business doing that. If there are such requests, it is the job of the owner of the equipment to copy a port or the like, but not yours.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
"Priced inflated beyond worth" but they keep selling them. Does not compute. You don't seem to understand that Cisco is a software company and not just selling you a box filled with ASICs.
Great story of bad network administration by the way. You don't take config backups (using a free tool like rancid) and don't know that your hardware has a software license key that needs to be transferred, but somehow your ignorance is Cisco's fault.
I really do not understand how people like you stay employed in IT.