Country that put backdoors in Cisco routers to spy on world bans foreign routers
Comments
hunter2_
hedora
Unlike most IoT stuff, most routers don't have embedded cameras or ad telemetry, or serve ads.
If they did, they'd be untouchable (since the federal government could buy the data from brokers).
drivingmenuts
If I was more paranoid, I'd start thinking the ban is to make it easier to spy on us by limiting our choices to a few domestic vendors who can be coerced by regulatory capture and "for the kids" political rhetoric.
john_strinlai
that makes sense, but i suspect it is more likely to be a bribery scheme. ("why not both!" someone yells)
drivingmenuts
Sooner or later, some idiot lawmaker/opportunist is going to insist on 1) age checks to connect to a router and 2) content filters for routers, both of which can be used to score cheap political points.
bar000n
3) ability to censor(content filter) the opposition also nice to have
pseudohadamard
I'd say it's the old "never attribute to malice that which is adequately explained by stupidity". Admittedly the current administration has a more than ample supply of both, but I think they do have more stupidity than malice.
Having said that, once someone explains to them in words of one syllable that they've just banned the sale of all of the devices that make the Internet go for the entire electoral base, they'll TACO so fast it'll make your head spin.
nizbit
Cisco been hiding this in plain sight since 2004: https://www.educause.edu/ir/library/pdf/CSD4291.pdf
Love seeing pop up like it’s new or something.
ranger_danger
This is just CALEA which has been mandated for decades now.
nrki
Huh? LI is standard on like every internet router there is.
nizbit
Backdoor no? “Lawful” sure ;)
jdlyga
This is just geopolitics. You should've seen what the US and Europe did during the Cold War.
soumyaskartha
The audacity of banning others for doing exactly what you got caught doing. At least be subtle about
ahartmetz
There is no contradiction if you see it as a power struggle rather than an ethical matter.
satisfice
In a competitive game, it is perfectly moral to want to win even if it means denying a win to your opponent.
The act of attacking does not make defending a sin.
kevincloudsec
the ban covers all foreign-made consumer routers but practically every router is manufactured abroad, even the ones sold by American companies. the only domestic exception is Starlink, iirc
orwin
My company new installation now use Siemens routers. It seems a few will keep Cisco though, so we have yet another provider. More work for me I guess.
juliusceasar
Israel did the same in Netherlands with the biggest telecom KPN.
dddw
And huawei too?
mikkupikku
> country which once exploited an attack vector is now trying to protect itself on that vector
I have no doubt that American efforts at security on this front are inadaquate, incompetent, etc. But hypocritical? Nah.
tptacek
Um, this is not an example of hypocrisy? If I punch you in the nose, I am not a hypocrite if I block your attempt to punch me back.
GorbachevyChase
There is no rule based order, and when it comes to state security establishments, the US or any other, there are no good guys.
tptacek
I agree with that too, but that doesn't make the "hypocrisy" line make any more sense.
andor
This makes sense if you assume that
1) Foreigners are all trying to punch you
2) Your government is not
3) The FCC is acting in the citizens' best interest and this is actually the best way to increase security for router consumers.
Are 2 and 3 valid assumptions at the moment? In the extremely polarized US, that probably depends on your political affiliation. From the outside, I can't tell if this is a power grab, protectionism or just a decision I cannot get behind. Vulnerabilities and backdoors in US network equipment prove that "Made in USA" does not necessarily improve security. What the ban does improve is the administration's control over what's sold.
satisfice
None of these assumptions are required to avoid hypocrisy.
danparsonson
On the other hand, if you punch someone in the nose and then loudly declare that your treehouse is the only safe place and everyone else is forbidden from entering because people have been punching people in the nose lately, then that does have a ring of hypocrisy about it doesn't it? The US is not banning its own routers.
fooqux
I'm pretty sure they don't care about hypocrisy. They have the power to do this and get away with it, so they do.
tptacek
Oh, I agree, but the article says:
There is an element of hypocrisy in all this because American intelligence agencies were previously caught intercepting Cisco-made routers on their way to customers
No there isn't! That's not hypocritical! Words mean things!
machomaster
Country X1 is claiming that country X2 is allegedly doing bad thing Z. If it turns out that it is the country X2 that is actually doing Z, you would call it hypocritical, wouldn't you?
Like Russia talking about the importance of international law and sovereignty of Iran. Like Israel speaking how much against Holocaust/genocide they are.
Snd words do mean things and they don't discriminate. So all the "it's only bad when others do it, for us there is an exception" defence is invalid. It is indeed hypocritical.
orwin
I agree it's not hypocrisy, but I can see the element of hypocrisy, if I understand their meaning correctly.
linksnapzz
"L'hypocrisie est un hommage que le vice rend à la vertu."
Rochfoucauld didn't miss.
tptacek
Can you help me understand it then? I assume it's some kind of "turnabout is fair play" thing?
convolvatron
apparently the kind of people that whine the most loudly about being punched turn out to be real avid punchers themselves.
tptacek
People who are good at punching tend also to be good at avoiding punches.
machomaster
People who see any problem as being fixable by punching, have a way higher change of getting into the fight, get their noses/hands broked as well as to cause the overall distraction, for themselves, alleged enemies (victims) and their own family.
CoastalCoder
Good point.
If people are calling this hypocrisy, then I suspect there's a larger moral argument that hasn't been articulated.
keybored
US domestic propaganda is built on hypocrisy (we need to stop X from doing Y... which we or our allies are doing already). It might not be explicitly stated right here, on this matter (contrary to The Register), but that’s the backdrop.
Calling it hypocrisy is at the very least good propaganda to try to wake Americans up from their stupor.
Admittedly though with Trump there’s no hypocritical propaganda any more. He just says he “wants the oil” or whatever.
tptacek
It is not my argument that the US isn't generally hypocritical.
esafak
No-one will be sad if you do get punched in the nose.
adventured
The US hasn't really needed that kind of sympathy since the 1860s Civil War.
Other nations being sad when you get punched in the nose is only useful if you have no effective way to respond.
Half the world disliked the US during the Cold War. People act like any of what is going on is new.
nclin_
Power revels in hypocrisy: Rules protect the in-group but do not bind them, and bind the out-group but do not protect them.
It's not just logical, it's affective: There is a real pleasure in domination, and a real fear in any loss of control. It feels good to be strong, to be in control, to be protected but not bound. Domination is hegemony, hegemony is safety.
These billionaires genuinely feel themselves to be oppressed if their power is threatened in any way. [1]
---
tptacek
Life is a mystery. Everyone must stand alone!
tialaramex
The version of CryptoPals we wished for but didn't deserve?
I listen to "Ice Ice Matrix" more often than I'd like to admit and every time I hear "Did you stop?" "No, I just drove by" I remember years ago solving these toy examples.
hulitu
Like a virgin, hacked for the very first time, like a virgin, put your router next to mine.
tosapple
[dead]
themafia
A USA company bought an Indian OS to turn into it's SOHO router/firewall product. The results are exactly what you would have expected:
palmotea
> A USA company bought an Indian OS to turn into it's SOHO router/firewall product. The results are exactly what you would have expected:
> https://www.youtube.com/watch?v=z4COrX9YHcU
You're linking to a 36 minute video titled "Black Hat USA 2025 | China's 5+ Year Campaign to Penetrate Perimeter Network Defenses." There's nothing in the description about "USA company bought an Indian OS to turn into it's SOHO router/firewall product."
Either you linked the wrong thing or you need a better source.
themafia
> Either you linked the wrong thing
I did not. The speaker clearly says in the video, twice, that they bought their OS from an Indian company. Anyways, here's the direct link to the quote:
https://youtu.be/z4COrX9YHcU?si=hzsYtprPeYkEC9DF&t=303
Perhaps your assumption should be that your efforts were inadequate rather than others.
You also could have opened the transcription panel and literally just searched for "india."
palmotea
> Perhaps your assumption should be that your efforts were inadequate rather than others.
I think it's pretty clear your efforts were inadequate. Don't make others jump through hoops to find the information you're citing.
You should have initially posted that link with the timecode or provided a more complete summary.
MisterTea
> Country that put backdoors into Cisco routers to spy on world bans foreign routers
Says the tech rag hailing from the 5-eyes nation known as the UK...
If we set aside geopolitics and purely consider whether tightening the security of private networks is sensible whatsoever: are routers a substantially bigger threat than client devices such as the various IoT knickknacks (smart TVs, smart switches/outlets, smart appliances, etc.)? Controlling the NAT/firewall features is handy for opening ports and working around VLAN segmentation, but that isn't required for many scenarios; a compromised client device can often snoop on the rest of the network and exfiltrate what it discovers just fine even with an uncompromised router.