287 points Bender | 35 comments
1. michael1999 ◴[] No.45075658[source]
The security community warned that making Lawful Access easy and automated would guarantee that bad people would penetrate the network.

And now we have China using CALEA-crippled systems to slurp up the entire USA network. Exactly as predicted.

And this - "outside of the norms of what we see in the espionage space" - LOL. ROTFL even. The NSA tapped Google's backbone! Have we forgotten Room 641A? MAINWAY? Poindexter and TIA? Palantir?

The NSA used to play defence and offence, and has gone full-offence for a generation. Did anyone really believe that only the USA could play offence?

Morons.

replies(6): >>45076034 #>>45076126 #>>45076525 #>>45076997 #>>45078492 #>>45078734 #
2. dvno42 ◴[] No.45076034[source]
So what was the actual point of compromise? Was it a CALEA supporting software vendor? My guess is a common MD (Mediator device) vendor was targeted that was used by many carriers but that's speculation on my part.

Context for others, there's a small number of software vendors that make these MD devices that handle initiating a capture of a flow (a wiretapping request) and managing the chain of custody for a pcap. MDs usually send an SNMP poll to a router/switch to start a (r)span port and the MD device slurps up all data and saves it.

Anyway, what I'm curious about is if it's the MDs that were taken over and if it was one manufacturer but I'm not seeing much technical info on all these reports.

Here's some context for "LI" for those interested: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9...

replies(3): >>45076913 #>>45078464 #>>45080661 #
3. tempodox ◴[] No.45076126[source]
Maybe this idiocy could be explained by the idea that the powers that be are more afraid of their own citizens than of any foreign threat.
replies(3): >>45077231 #>>45077329 #>>45078535 #
4. throwawayqqq11 ◴[] No.45076525[source]
... morons with moral superiority complex.

They haven't forgotten their offensive operations, they never knew about it or never cared.

5. aftbit ◴[] No.45076913[source]
Most protocols that I use day-to-day are secure against simple passive interception. Either SSH or TLS encrypts just about every packet that leaves my network. This got much better with DNS over HTTPS (or TLS before that). Of course these protocols are sometimes susceptible to downgrade attacks, man in the middle compromises, etc, but none of that would be available to someone who was running a pcap without modifying the traffic streams.

So how would a simple MD attack affect me? Any sort of CALEA attack on a higher protocol layer (e.g. compromising Gmail at Google instead of capturing their traffic) would make sense, but not a pcap.

replies(4): >>45077028 #>>45078489 #>>45081033 #>>45081534 #
6. vaxman ◴[] No.45076997[source]
IMHO, the real "morons" (your word) are those deploying Chinese-fabricated SoCs (like the latest ESP32, LinkStar, etc) and mainboards with Chinese-written BIOS/EFI/UEFI (like Zima) on what an increasing number of "influencers" deem "Raspberry Pi alternatives". Even when you cite the websites about things like "Moonbounce", there is a generation of workers in the Business now that become outwardly enraged and irrational about the risk and otherwise stick their head firmly in the sand while quietly knowing what they have done and will therefore likely continue to do is costing us the Country. Even if this effort wasn't part of VOLT, it certainly is consistent with the LAW in China that all companies must have CCP management and implement all requests required of them by that management. The worst part is that when you publicly confront these companies with this fact, for example, in Discord, they don't even deny it, they simply respond solemnly that "the other side does it too." (True, but our guys don't currently sell prisoner kidneys.)

Hey, I'll bet you never look at that WiFi-"enabled" power bank or HEPA/AC unit again the same way (or my favorite AI response du jour "Some Chinese scooters come with a microphone integrated into a GPS tracker or helmet, while others can be customized with aftermarket solutions. There is no single model called "Chinese scooter with microphone," but rather multiple products and approaches that fit this description.") Errbody worried about the talking LLM parrot AI and your vehicle dashboard always listening (or even watching), but that's not the most serious threat we face now.

replies(5): >>45077348 #>>45077374 #>>45077499 #>>45077544 #>>45079148 #
7. dvno42 ◴[] No.45077028{3}[source]
Definitely, I would hope these kinds of systems become less useful with more encryption. I imagine, these kinds of collections I mentioned above are just one of many angles used in an investigation with this particular angle being for correlation and supporting evidence against a request to bookface, cloudflare, etc.

Edit: these network devices probably also carry voip/voice trunks from enterprise and possibly carriers such as VZW. No telling if those are encrypted or not. If China is able to tap that using these CALEA systems, I could see how that would be a big deal for stealing IP/secrets.

replies(1): >>45078559 #
8. themafia ◴[] No.45077231[source]
Take it one step further. Foreign threats are often manufactured or overplayed for their value in convincing American citizens to hand over even more power to their government.
replies(1): >>45078779 #
9. breppp ◴[] No.45077329[source]
Hardly, for your own citizens you need lawful interception systems because... of the law.

While for foreign citizens you can pretty much capture anything at will, without any need for FISA or warrants

10. donkeybeer ◴[] No.45077348[source]
Unfortunately the problem is that your government is the one that has natural powers to inflict violence on you, but Chinese can't. (And vice versa for Chinese citizens)
11. vaxman ◴[] No.45077374[source]
PS: I've been downvoted on HN for years and years for mentioning this topic. Once, someone even summoned dang. One would think that by now, with this being out in the open (why did "China H2Oh" fail again? lol) but no..threat actors gone act.. Those smart enough to listen to words of someone with nearly five decades in the Business might not lose as much money as those who don't.
replies(1): >>45077688 #
12. sugarpimpdorsey ◴[] No.45077499[source]
Celebrated programming genius and de facto leader of the GNU project Richard Stallman very publicly used a Loongson for many years. Case closed.
13. iknowstuff ◴[] No.45077544[source]
Discord is banned in China and uses GCP. What is the point you are making against it exactly?
replies(2): >>45078459 #>>45078924 #
14. donkeybeer ◴[] No.45077688{3}[source]
Can a Chinese cop arrest you or kill you in America?
replies(1): >>45077911 #
15. Bender ◴[] No.45077911{4}[source]
Not the person you are asking but there are indeed Chinese cops in the USA that harass and threaten Chinese expats and even threaten to hurt or arrest their family members back in the mainland. It is a violation of our nation's sovereignty but some cities are very slow to arrest them if they even try.

Here [1] is one example of a couple Chinese police in NYC but I can not find the links to the groups in Los Angeles.

[1] - https://www.pbs.org/newshour/politics/2-men-arrested-on-char...

replies(1): >>45080395 #
16. mu53 ◴[] No.45078459{3}[source]
Companies have official discords to respond to requests or questions. They attempted to call out a company (presumably US based) for this concern and got the specified response
17. michael1999 ◴[] No.45078464[source]
The simple answer is that CALEA requires all traffic to be effectively in plain text. Once you impose that constraint, any decent router exploit gives you everything.
18. michael1999 ◴[] No.45078489{3}[source]
That’s what makes CALEA so toxic. Any covered comms must be effectively-plain-text, or it doesn’t work. Once you impose a plain-text architecture, a mass-breach is inevitable.
19. robotnikman ◴[] No.45078492[source]
>The NSA used to play defence and offence, and has gone full-offence for a generation.

And IIRC most of those people who used to work for the NSA now work at private firms like the NSO group, which is pretty scary when you think about it. It's hard to blame them though, if I was being offered the amount of money they were given, I would probably take it as well.

I recommend the book 'This Is How They Tell Me the World Ends' by Nicole Perlroth, it gives some good insights into what is going on behind the scenes (though with some of the major events which have happened since it was published some things may be outdated. Either way it's a good read.)

replies(1): >>45078528 #
20. michael1999 ◴[] No.45078528[source]
Yeah. Turning exploit production into a “respectable” business didn’t help.
21. michael1999 ◴[] No.45078535[source]
I wish. They are mostly dumb racists who believe you can invent magic encryption that only white Americans can crack.
replies(1): >>45080339 #
22. michael1999 ◴[] No.45078559{4}[source]
No. That’s what makes CALEA so damaging. It is ILLEGAL to encrypt covered traffic in a way that isn’t intercept-able by any random sheriff’s office in any county of the USA.
23. godelski ◴[] No.45078734[source]
A door with a lock can only be opened by those with a key...

as well as anyone that can pick the lock, jimmy the lock, remove the door from its hinges, remove the lock, break the door down, go under the door, go over the door, get somebody with a key to open the door, and many other methods which can be found with just a little imagination.

24. lyu07282 ◴[] No.45078779{3}[source]
That take is only deemed acceptable in the abstract, but if you mentioned any current examples people would lose their shit and crucify you for even suggesting it. "We oppose every war except the current war and support all civil rights movements except the one that's going on right now"
25. BlueTemplar ◴[] No.45078924{3}[source]
Discord developers have also been funded by Tencent even before they had the idea for it, and Tencent might still be a majority owner.
26. edgineer ◴[] No.45079148[source]
Not sure if you're aware, but the organ harvesting allegations are complicated because the Falun Gong believe their adherents enjoy magical organ healing; the blind will see, kidneys become good again, etc., and that they are targeted specifically for their organs is an endorsement of their religion. So there's incentive for false claims, which I rarely see brought up.
27. godelski ◴[] No.45080339{3}[source]
Hanlon's razor: never attribute to malice what can easily be attributed to stupidity.

Does anyone here think even a decent portion of government officials are tech literate? (I'm not even convinced half of Hacker News or half of programmers are tech literate! Instead only have basic literacy and high confidence) There's a few, but I'm not convinced it's that many. The vast majority of Congressmen don't even have an aide who specializes in tech. So do you think it takes any more than someone at the NSA saying "it's encrypted and only we can access it" for them to believe in this magic key? (And this is something we've seen NSA officials say)

Remember, in the senate only 12 members are under 50, 33 are 60-69, and 33 are over 70! In the house 20% are over 70, 43% over 60, and 70% over 50. Only 8% are under 40. Almost none of these people have ever programmed. Just think about how tech illiterate the average 20 year old is (even worse on a technology subreddit!) and we're talking about.

Come on guys. It's a choice between stupid old people and hyper intelligent deep state actors that are acting idiotically. I'd put money on aliens before I'd put money on the latter.

replies(1): >>45080847 #
28. donkeybeer ◴[] No.45080395{5}[source]
Oh I understand some countries do these kinds of operations, but as a general rule your government has far more power over you than a foreign government. Obviously relevant if you are an expat etc
29. EE84M3i ◴[] No.45080661[source]
I thought this campaign targeted telephony networks (SMS, voice), not IP networks?
replies(1): >>45081526 #
30. figassis ◴[] No.45080847{4}[source]
You can get aides so I’m not worried about their ages. Problem is how do you convince a competent tech aide to work for them at crap salary vs a tech company? Maybe get part time aides? Or just pay for some consulting hours?
replies(1): >>45080930 #
31. godelski ◴[] No.45080930{5}[source]

  > You can get aides so I’m not worried about their ages.

  >> The vast majority of Congressmen don't even have an aide who specializes in tech.

The problem is aides cost money. I happen to have a senator with one, and actually had a long conversation with them. The main difference with my senator? They have way more aides than most other senators. I'll admit, I'm mostly going off of his word, but it doesn't seem all that trivial to check who the aides are or even how many. All I can seem to find is that the average number of staff members is around 30 and that's definitely not all domain expert aides.

What they also told me is that most of the expert advice tends to come through lobbying. Or "industry relationships" as he put it while using air quotes. It's a budgeting problem, not just that it is hard to get a competent tech aide at such a low salary but even just a handful of domain expert aides in the first place.

replies(1): >>45082759 #
32. shrubble ◴[] No.45081033{3}[source]
As far as I know, all telecommunications companies in the USA do not encrypt phone calls in the core of their networks; they may have TLS to/from the customers to the SBC (session border controller, a firewall/terminating point for customers), but once it’s past that point, it’s all sent in the clear.
33. esseph ◴[] No.45081526{3}[source]
No, ISPs, many (most) of which are traditional telcos.
34. esseph ◴[] No.45081534{3}[source]
SMS TOTP

Header decryption data (protocol, source, target)

Any phone calls

Etc.

35. figassis ◴[] No.45082759{6}[source]
I see, that's interesting that there is not a budget allocated for, say, X aides per senator, that they can hire and dismiss based on their current needs. I also see how "industry" takes advantage, because their expert advice costs $$$ but is fully subsidized by the lobbying budget. Govt can't compete, but some rules and a sustainable budget can solve this problem.