{"id":38095,"date":"2014-01-06T12:00:47","date_gmt":"2014-01-06T12:00:47","guid":{"rendered":"http:\/\/www.transcend.org\/tms\/?p=38095"},"modified":"2015-05-05T22:20:08","modified_gmt":"2015-05-05T21:20:08","slug":"sorry-for-letting-them-snoop-dell-apologizes-for-inconvenience-caused-by-nsa-backdoor","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2014\/01\/sorry-for-letting-them-snoop-dell-apologizes-for-inconvenience-caused-by-nsa-backdoor\/","title":{"rendered":"Sorry for Letting Them Snoop? Dell Apologizes for \u2018Inconvenience\u2019 Caused by NSA Backdoor"},"content":{"rendered":"
\"AFP<\/a>

AFP Photo \/ Getty Images \/ Justin Sullivan<\/p><\/div>\n

31 Dec 2013 – <\/i>Security researcher Jacob Appelbaum dropped a bombshell of sorts earlier this week when he accused American tech companies of placing government-friendly backdoors in their devices. Now Texas-based Dell Computers is offering an apology.<\/p>\n

Or to put it more accurately, Dell told an irate customer on Monday [30 Dec 2013] that they \u201cregret the inconvenience<\/i>\u201d caused by selling to the public for years a number of products that the intelligence community has been able to fully compromise in complete silence up until this week.<\/p>\n

Dell, Apple, Western Digital and an array of other Silicon Valley-firms were all name-checked during Appelbaum\u2019s hour-long presentation Monday at the thirtieth annual Chaos Communication Congress in Hamburg, Germany. As RT reported<\/a> then, the 30-year-old hacker-cum-activist unveiled before the audience at the annual expo a collection of never-before published National Security Agency documents detailing how the NSA goes to great lengths to compromise the computers and systems of groups on its long list of adversaries.<\/p>\n

Spreading viruses and malware to infect targets and eavesdrop on their communications is just one of the ways the United States\u2019 spy firm conducts surveillance, Appelbaum said. Along with those exploits, he added, the NSA has been manually inserting microscopic computer chips into commercially available products and using custom-made devices like hacked USB cables to silently collect intelligence.<\/p>\n

One of the most alarming methods of attack discussed during his address, however, comes as a result of all but certain collusion on the part of major United States tech companies. The NSA has information about vulnerabilities in products sold by the biggest names in the US computer industry, Appelbaum said, and at the drop off a hat the agency has the ability of launching any which type of attack to exploit the flaws in publically available products.<\/p>\n

The NSA has knowledge pertaining to vulnerabilities in computer servers made by Dell and even Apple\u2019s highly popular iPhone, among other devices, Appelbaum told his audience.<\/p>\n

\u201cHey Dell, why is that?\u201d<\/i> Appelbaum asked. \u201cLove to hear your statement about that.\u201d<\/i><\/p>\n

Equally as curious were Dave Waterson and Martijn Wismeijer \u2014 two IT experts who took to Twitter to express their outrage before Appelbaum\u2019s lecture was even presented and preliminary information<\/a> about the NSA leaks were published in an article he co-authored for Germany\u2019s Der Spiegel magazine.<\/p>\n

\u201cNSA planet backdoors to access devices from Cisco, Dell, Western Digital, Seagate, Maxtor and Samsung,\u201d<\/i> Waterson wrote in a tweet that linked to a CNET article from Sunday that quoted from Der Spiegel\u2019s top-secret documents.<\/p>\n

\u201cThanks,\u201d<\/i> Wismeijer wrote on Monday. \u201cI just found out my Dell server has NSA bug in Rand BIOS,\u201d<\/i> he said of one critical component that\u2019s easily exploited, according to Appelbaum.<\/p>\n

TechDirt<\/a> reporter Mike Masnick noticed early Tuesday that Dell\u2019s official customer service Twitter account opted to issue a cookie-cutter response that drips of insincerity.<\/p>\n

\u201cThanks you for reaching out and regret the inconvenience,\u201d<\/i> the Dell account tweeted to Wismeijer. \u201cOur colleagues at @DellCaresPro will be able to help you out.\u201d<\/i><\/p>\n

\u201cInconvenience? You got to be F*ckin kidding me!<\/i>\u201d Wismeijer responded. \u201cYou place an NSA bug in our servers and call it an inconvenience?\u201d<\/i><\/p>\n

\u201cThere are times when big brands with \u2018social media people\u2019 might want to teach those junior level employees to recognize that using one of the standard \u2018scripted\u2019 answers might be inappropriate,\u201d<\/i> opined Masnick.<\/p>\n

Appelbaum didn\u2019t leave Dell off the hook after revealing just that one exploit known to the NSA, however. Before concluding his presentation, he displayed a top-secret document in which the agency makes reference to a hardware implant that could be manually installed onto Dell PowerEdge servers to exploit the JTAG debugging interface on its processor \u2014 a critical circuitry component that apparently contains a vulnerability known to the US government.<\/p>\n

\u201cWhy did Dell leave a JTAG debugging interface on these servers?\u201d<\/i> asked Appelbaum. \u201cBecause it\u2019s like leaving a vulnerability in. Is that a bugdoor, or a backdoor or just a mistake? Well hopefully they will change these things or at least make it so that if you were to see this, you would know that you have some problems. Hopefully Dell will release some information about how to mitigate this advance persistent threat.\u201d<\/i><\/p>\n

Appelbaum also provoked Apple by acknowledging that the NSA boasts of being able to hack into any of their mobile devices running the iOS operating system.<\/p>\n

\u201cEither they have a huge collection of exploits that work against Apple products \u2014 meaning they are hoarding information about critical systems American companies product and sabotaging them \u2014 or Apple sabotages it themselves,\u201d<\/i> he said.<\/p>\n

\u201cApple has never worked with the NSA to create a backdoor in any of our products, including iPhone,\u201d<\/i> the company responded through an official statement on Tuesday. \u201cWhenever we hear about attempts to undermine Apple\u2019s industry-leading security, we thoroughly investigate and take appropriate steps to protect our customers. We will continue to use our resources to stay ahead of malicious hackers and defend our customers from security attacks, regardless of who\u2019s behind them.\u201d<\/i><\/p>\n

Meanwhile, other top-tier computer companies have already addressed Der Spiegel and Appelbaum\u2019s allegations that they either colluded with the NSA or complied with the spy firm as they exploited vulnerabilities, known or unknown, in their own products. A representative for Microsoft told the Huffington Post<\/a> on Monday that their companies \u201cdoes not provide any government with direct or unfettered access to our customer’s data\u201d<\/i> and said the tech giant \u201cwould have significant concerns if the allegations about government actions are true,”<\/i> but a Washington, DC representative for Chinese company Huawei was more upfront when reached for comment by Wired<\/a> about any cooperation with the US government or other entities.<\/p>\n

\u201cWe read the media reports, and we\u2019ve noted the references to Huawei and our peers,\u201d<\/i> Huawei vice president William Plummer told Wired from the US capital. \u201cAs we have said, over and over again \u2014 and as now seems to be validated \u2014 threats to networks and data integrity can come from any and many sources.\u201d<\/i><\/p>\n

\u201cEverything that the United States government accused the Chinese of doing \u2014 which they are also doing, I believe \u2014 we are learning that the United States government has been doing to American companies,<\/i>\u201d Appelbaum said towards the end of Monday\u2019s presentation. \u201cThat to me is really concerning and we\u2019ve had no public debate about these issues.\u201d<\/i><\/p>\n

Go to Original \u2013 rt.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Dell told an irate customer on Monday [30 Dec 2013] that they “regret the inconvenience” caused by selling to the public for years a number of products that the intelligence community has been able to fully compromise in complete silence up until this week.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[],"class_list":["post-38095","post","type-post","status-publish","format-standard","hentry","category-whistleblowing-surveillance"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/38095","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=38095"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/38095\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=38095"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=38095"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=38095"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}