On Dec 31, 2013, at 7:05 AM, Ray Soucy wrote:
I think there needs to be some clarification on how these tools get used, how often they're used, and if they're ever cleaned up when no longer part of an active operation. Of course we'll never get that.
But that's exactly what we need. Look at CALEA. It has its warts and issues, but the rules are published so everyone knows how the game is played. Even with NSLs, there's apparently some oversight, and you can challenge certain aspects (though it's a long and expensive process). But backdooring gear, servers, BIOS, etc. has no rules. It's just chaos. You don't know if a customer has been targeted, so you can't take appropriate steps. You have no way of knowing if your gear is backdoored or who is using the backdoor. And simply knowing that there is a backdoor will increase the chances that it will be found and used by others. The known threat landscape has been increased by orders of magnitude. --Chris