Looking more closely at this, the backdoor is almost certainly based on the back-doored random number generator, Dual_EC_DRBG, which is implemented as NIST SP 800-90A.<p>From Wiki:
>>> NIST SP 800-90A ("SP" stands for "special publication") is a publication by the National Institute of Standards and Technology with the title Recommendation for Random Number Generation Using Deterministic Random Bit Generators. The publication contains the specification for three allegedly cryptographically secure pseudorandom number generators for use in cryptography: Hash DRBG (based on hash functions), HMAC DRBG (based on HMAC), and CTR DRBG (based on block ciphers in counter mode). Earlier versions included a fourth generator, Dual_EC_DRBG (based on elliptic curve cryptography). Dual_EC_DRBG was later reported to probably contain a kleptographic backdoor inserted by the United States National Security Agency (NSA).<p>From Cavium's NIST FIPS-140-2, Section 3.3 [1]
Approved and Allowed Algorithms:<p>The cryptographic module supports the following FIPS Approved algorithms.<p>*SP800-90 CTR DRBG Deterministic random number generation 32<p>1: <a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1369.pdf" rel="nofollow noreferrer">https://csrc.nist.gov/csrc/media/projects/cryptographic-modu...</a>
More interestingly, Cavium (now Marvell) also designed and manufactured the HSMs which are used by the top cloud providers (such as AWS, GCP, possibly Azure too), to hold the most critical private keys:<p><a href="https://www.prnewswire.com/news-releases/caviums-liquidsecurity-hsm-enables-hybrid-cloud-users-to-synchronize-keys-between-aws-cloudhsm-and-private-clouds-300631079.html" rel="nofollow noreferrer">https://www.prnewswire.com/news-releases/caviums-liquidsecur...</a>
For anyone wondering "what's the big deal" it's worth remembering the NSA has a bad track record of keeping their own hacking tools secure. <a href="https://en.wikipedia.org/wiki/The_Shadow_Brokers" rel="nofollow noreferrer">https://en.wikipedia.org/wiki/The_Shadow_Brokers</a><p>It infuriates me the NSA actively works to undermine American security. Their brief is to protect us, not plant backdoors and then lose the keys.
The tweet seems to imply that the entire Ubiquiti Networks line of network hardware could be compromised.
That's a shame; I was thinking of installing some in my house.
I'm sure that Ubiquiti's customers will not be happy if they find out that the US Govt can access their private data.
They are now part of Marvell Technology <a href="https://en.wikipedia.org/wiki/Cavium" rel="nofollow noreferrer">https://en.wikipedia.org/wiki/Cavium</a><p>Wonder if agreeing to enable NSA backdoors they agreed to be compensated when eventually that fact is leaked. "If nobody starts buying your chips, don't worry, we will! ... and then promptly throw them into the recycling bin"<p>Also interesting is if Marvell knew their acquired tech had this "cool feature".
Another tragic blow to the environment and economy.<p>We treat these stories as if they were simple matters of politics and
tech. But the blast radius is huge. When this happened to Cisco, and
their value dropped to about 7% of the market they created, I passed
massive dumpsters of Cisco gear in the car park, prematurely torn out
of racks and consigned to crushing as e-waste.<p>Has anyone done a serious cost analysis of just how hard this hits?
If a foreign entity sabotaged our industry this way we'd take the
battle right to them.
How the NSA successfully manage to prevent the <i>Washington Post</i> and friends from discovering and reporting on this malicious backdoor? They've been sitting on these documents for a decade. Are the journalists just that *uncurious* about the deep contents of the documents they hold exclusive access to? Was this some kind of organizational failing?
Mastodon link for those so inclined: <a href="https://ioc.exchange/@matthew_d_green/111091979256440306" rel="nofollow noreferrer">https://ioc.exchange/@matthew_d_green/111091979256440306</a>
Original source from march 2022 : <a href="https://pure.tue.nl/ws/portalfiles/portal/197416841/20220325_Appelbaum_hf.pdf" rel="nofollow noreferrer">https://pure.tue.nl/ws/portalfiles/portal/197416841/20220325...</a> page 71, thanks to wikipedia
Help me out here:<p>if my network hardware is compromised, but all of my communication is encrypted, that leaves… traffic analysis? hoovering up the data and storing it to decrypt in the future when it becomes feasible? using the router as a foothold to attack the rest of my network?<p>The first two are already happening for data that leaves my LAN. Unencrypted data on my LAN is vulnerable, and there is plenty of unencrypted traffic on my LAN in practice. Is that the risk?
Is this not just related to the Dual_EC_DRBG and other tainted RNG issues we've known about, and mitigated, for years?<p>You can see discussion on this going on as far back as 2015, explicitly in regards to what "SIGINT enabled" means and Cavium: <a href="https://www.metzdowd.com/pipermail/cryptography/2015-December/027657.html" rel="nofollow noreferrer">https://www.metzdowd.com/pipermail/cryptography/2015-Decembe...</a><p>Am I missing something here? People are talking as if there is some new backdoor that's somehow avoided detection. Did everyone just miss this discussion in 2015?<p>Discussion of the "Sigint Enabling Project" goes as far back as 2013 on HN itself.
Genuinely, at this point you should just assume 100% of your electronics are compromised by someone. If it’s not a government (yours or otherwise) then a corporation will fill the gaps (while in most cases also giving it to those governments)<p>You should assume you have no privacy anywhere in your life.
The linked tweet screenshots a blog post[1] that is an analysis of a pHd thesis[2]<p>[1] - <a href="https://www.electrospaces.net/2023/09/some-new-snippets-from-snowden-documents.html" rel="nofollow noreferrer">https://www.electrospaces.net/2023/09/some-new-snippets-from...</a><p>[2] - <a href="https://pure.tue.nl/ws/portalfiles/portal/197416841/20220325_Appelbaum_hf.pdf" rel="nofollow noreferrer">https://pure.tue.nl/ws/portalfiles/portal/197416841/20220325...</a>
I don’t know much about security, especially at the hardware level. However, I have a question for those of you that do.<p>Suppose you were given a healthy budget, a team, and a few years. Would you be able to build network hardware that did not contain back doors? How healthy would the budget need to be? How skilled would the team need to be? I assume you’d have to assume most external vendors are compromised and rebuild whatever you needed from them. What would that take?
I'm looking forward to someone explaining to me why Chinese telecom equipment should continue to be off limits. Is the problem that we are afraid of possible Chinese backdoors, or that Chinese telecom equipment isn't backdoored by the NSA?<p>An interesting question I'd like answered: Are the TPM 2.0 modules that Microsoft is requiring for Windows 11 installs similarly backdoored?<p><a href="https://www.theverge.com/2013/6/6/4403868/nsa-fbi-mine-data-apple-google-facebook-microsoft-others-prism" rel="nofollow noreferrer">https://www.theverge.com/2013/6/6/4403868/nsa-fbi-mine-data-...</a><p>I think it's a safe assumption that all American microprocessors have backdoors.<p>What does this mean for OpSec? If I am a dissident (or garden-variety cyber criminal), how do I evade my online activities being tracked by a sufficiently determined team at the NSA? We've known (or have assumed to know) for years that CPUs produced by AMD, Intel, and Apple have backdoors. If my machine lacks any personally identifying information, only interacts through the internet through a network device that uses a VPN and encrypted tunneling, then I should be fine in spite of CPU/OS backdoors. However, using a VPN with encrypted tunneling doesn't seem to be enough if my router also has a backdoor, and the data or encryption keys can be intercepted and tied to the personal information I've given my ISP.<p>Where do we go from here? Do I need a Loongson-based PC and a Chinese router on top of an encrypted VPN? Obviously we have to assume that these are all backdoored as well, but that shouldn't matter as my activities don't likely won't make me a target of the PRC.
So in real life terms, what does this mean for people that own USG3s? If you're so inclined, replace it? Or not use the VPN feature in the Unifi admin console?<p>Personally, I just forward all WireGuard traffic to another computer on my network and use <a href="https://github.com/burghardt/easy-wg-quick">https://github.com/burghardt/easy-wg-quick</a> to setup a simple VPN.
On a technical level how would this work? Could it be observed by the router occasionally sending packets unsolicited to nsa.gov? [joke, obviously it wouldn't send them to a well-known address, but to some "unexpected" place] Or maybe when the router has to generate a private key [does it?] it would generate one with a flaw?
Maybe there's something sinister here, or maybe Cavium and other similar network chips can be used for sigint, as well as many other things. Basically these are chips designed to look at every packet and can be programmed to take action on them. One could program a chip like this to find all the packages from user X and send an extra copy over to user Y (NSA). It's possible all this tweet means is that these NP chips are powerful and flexible enough to perform sigint. I wonder if this is like saying Intel CPUs can be used to evil things. Or C.
Of course it's possible there is a back door, but that seems like the less likely scenario.
On a technical level this wouldn't be too surprising. Cavium hardware has things like configurable/programmable in hardware hashing of packets which can then be used by the (much slower, but in the Cavium case numerous) CPUs to decide how to handle it. Their SoCs contain enough that hiding something on there would not be impossible, and using the hashing/routing etc. that enabled performance requires trusting blobs from Cavium.
Earlier this year, a man was sentenced to prison for six years for stealing Ubiquiti data that the NSA also apparently can steal.<p><a href="https://www.justice.gov/usao-sdny/pr/former-employee-technology-company-sentenced-six-years-prison-stealing-confidential" rel="nofollow noreferrer">https://www.justice.gov/usao-sdny/pr/former-employee-technol...</a>
If your threat model is Nation states, then you probably have a lot more to worry about than this chip, including compromising employees which is way easier, cheaper, and more effective.
At the end of the day. We need cryptography that is understandable. There is absolutely zero need for the complexity in this field that exists today.<p>And we need something better than just private keys.
If it's sold in a Western nation, the NSA has a backdoor in it, and probably everyone in the Five Eyes. If it's sold anywhere else, China has a backdoor in it.
Is this only limited to “USG” products? Or safe to assume UDM also impacted?<p>edit: FUCK<p>“ Quad-core ARM® Cortex®-A57 at 1.7 GHz”<p><a href="https://store.ui.com/us/en/pro/category/all-unifi-gateway-consoles/products/udm-pro" rel="nofollow noreferrer">https://store.ui.com/us/en/pro/category/all-unifi-gateway-co...</a><p>People paying premium $$$ for this. UI better redesign and compensate users.
Not even surprised, how would it be a surprise? Anyone in security field knows that hardware backdoors or even server OS memory injected backdoors are a thing and been for as long as electronics existed, but some neo-security folks get upset when you say most of the “secure” software they use isn’t really secure, chats like signal, emails like protonmail, or even VPNs, assume it’s compromised, but will it be worth it to expose that cover for what you did?
When I buy something electronic, my approach is "everything that is closed and goes online will be used to spy on people". It may seem a stretch, but governments can't exercise power over something they cannot control, and truly private communications would take away some of that control. To me there are no conspiracy theories or other strange reasons for being able to decrypt any seemingly private information except the will to preserve the status quo at any cost, which implies knowing in advance what a potential adversary may think or do.
I would expect every device to be bugged for that reason, including all cellphones and computers and associated hardware, from CPUs with closed subsystems down to network chipsets with closed firmware. There will be no way to ensure private communications until someone will find a way to make a device which is 100% open and auditable from the operating system to the CPU, from all chipsets down to the last screw.
The intelligence agency enjoyed a supremely underserved SURGE in popularity during the Trump era because they were seen as an enemy of Trump.<p>Let's all get back to reality now. They LIE and influence US politics to preserve their operations (not political, it's self-preservation).<p>If you see something like "100 former intelligence agents sign letter saying ..." then run, RUN!
Why now? Looks like Snowden is being weaponized, wich might indicate that he is still part of the group he is denouncing, is he a psyop? What's the goal?
Didn't read all the leaks but it seems a bit wild to conclude a vendor implemented a backdoor purposefully. There's some been found ofcourse, but simply being SIGINT capable, why does that imply 'backdoor'.? If they have a nice exploit for the device it would also make it SIGINT capable no? without the vendor's cooperation (apart perhaps from a buggy implementation.)<p>If you have the chip, you can find the backdoor... if you cannot find it, you can't conclude its actually there. There's ways to analyse chips to see if they are backdoored. Decapping, fuzzing and whatnot. Simply basing such of a conclusion from a few lines in a document seems a bit off to me...<p>Did anyone actually find the thing??
Very impressive work by the NSA, if true. Both from a political and technical perspective. It's good to know that our intelligence services are doing what they're supposed to, and doing it well.<p>However, as interesting as this revelation is, it's unfortunate that Snowden decided to defect to the Russians and share his stolen cache of top secret documents with them and China, using Western journalists as ideological cover. I look forward to the day when he is brought to justice for treason.