U.S. official says pre-infected computer tech entering country

Source: MSNBC

Confirming years of warnings from government and private security experts, a top Homeland Security official has acknowledged that computer hardware and software is already being imported to the United States preloaded with spyware and security-sabotaging components.

The remarks by Greg Schaffer, the Department of Homeland Security's acting deputy undersecretary for national protection and programs, came Thursday during a tense exchange at a hearing of the House Oversight and Government Reform Committee. The panel is considering an Obama administration proposal to tighten monitoring and controls on computer equipment imported for critical government and communications infrastructure.

Schaffer didn't say whether the equipment he was talking about included end-user consumer tech like retail laptops, DVDs and media players. If so, his comments, first reported Friday morning by Fast Company, would be the first time the United States has publicly confirmed that foreign consumer technology is arriving in the country already loaded with nasty bugs like key-logging software, botnet components and even software designed to defeat security programs installed on the same machine.

Msnbc.com has asked DHS to clarify Schaffer's remarks and will update this post when we hear back.



Read more: http://technolog.msnbc.msn.com/_news/2011/07/08/7043349-us-official-says-pre-infected-computer-tech-entering-country

Especially all the Wild Tangent games and all the idiot toolbars.

that cracked me up!

:rofl:

I can't believe government offices do not spec out their own hardware and assemble the pieces. Yes they would have to hire staff to maintain/repair but hey, we need the work.

Just curious.

My question is why are we not designing and making our own computer parts? We used to.

along with our jobs, we outsourced all our caustic mfring to china.

I doubt that anything on that drive survives.
Plus once you install the OS, you can check out the processes running.
Problem is most people don't know or even want to know how to do this.

you erased all possible hidden files and programming?

Also, you can only check the processes running that are running at the time you check them. Most of the more sophisticated trojans don't run in the background until activated, either by an internal clock, a prompt (such as opening some other program), or a back-door log-in.

It's a free download, there are tons of distros, some of which can even be used on very old PC's.

If it runs automatically in Windows, it can't do jack when Linux is running.

Problem solved. :)

The first thing I do when I get a new computer is to repartition the hard drive. I used to break them down into a partition for system software and applications, a partition for fonts (which on this machine is a partition for fonts, clip art and logos) and three partitions for user data. Now it's only one partition for user data.

If someone invents a Mac trojan that copies all the files off "your hard drive" (most guys run one partition, so the trojan would be set up that way), and it runs on this machine, said person is going to get a LOT of cat pictures and not much else.

though what can you do to check?

You don't know until it's already too late. It really would not surprise me in the least to discover that this is showing up on big-brand devices and nobody's talking about it.

Hardware viruses and image viruses have been around for some time now. It's a little worrying to me that this is only being taken seriously now. That the viruses are out there means it's already too late. Exactly how long has this been going on? I don't know; two, perhaps three years. Who knows how many systems have already been infected by their devices?

and the feds probably should be, you can clean it before installing the OS.

Between motherboard, video card, nic or wireless you may be correct.

But I still feel better selecting my own parts. I have no crap ware on the internal hard drives. Most of the external drives shove their software in your face though.

I'm pretty sure the cleaning process you described is not unique to a custom built computer. If so, your argument is not valid.

All hardware is "store bought" at some point.

I am not arguing. Just stating fact.

Sorry, you can take the boy out of the country but...

Counterfeits are hard to spot without destroying a chip to inspect it on a microscopic level, though.

This is an old story, we've known about this problem for a while:
http://www.businessweek.com/magazine/content/08_41/b4103034193886.htm

I'd buy a lot of that...keeping in mind that I would need a decent-paying job so that I could afford to buy those products. Even Henry Ford understood that.

No, I'm not talking about Apple and their overpriced, overdesigned, overhyped bloatware systems

There are a number of laptops and desktops made in the USA - some even by HP and Dell

They may have their bits and pieces screwed together
in some U.S. factory, but it's a certainty that 95
to 99% of the "value add" happened offshore.

Tesha

Same thing for cars

Why wouldn't it be? The company makes a huge pile of, say, computer towers. When the US Government, Walmart and Staples order computers, they all come out of the same pile.

Since the hard drive in those computers is set up by sticking it in a computer and copying a disk image to it, if that image is corrupt in some way (maybe it has some spyware on it?) every hard drive set up off that image will be corrupt. There's no way around it. No one is sitting there with a stack of distribution DVDs and CDs setting up each computer individually.

...etcetera.

And it's worse than having a "nasty" hidden in a default system image.

As was done quite recently, a mouse (with bonus extras) was used by penetration testers to successfully breach a client's computer network. "Modified" POS terminals (Why are these things not factory certified, solid blocks of epoxy?) have been around for a while now, and it is perfectly feasible to add effectively indetectable "extra functions" to any number of peripheral devices, particularly those which use a shared interface like USB. Like a keylogger built into mouse, USB printer or even the keyboard itself. Give the same device a hidden keyboard "emulator" and you're fooked when said device, in the middle of the night, "wakes up" and uses IRC to check in with home base.

sends a command to a bot on the IRC server to activate the direct-file function while the hidden program on the infected hardware begins creating .torrent files of specific locations from your hard drive. It also looks at the start menu and obtains file and data locations for your installed programs.

The hidden program on your computer happily creates and sends .torrent files, while at the same time running a barebones bittorrent client. It sends the .torrents to the IRC server bot, which then distributes them to wherever the software directs it to be sent. Those computers then begin downloading data from your computer.

Over time, your entire hard drive gets copied all over the world. All you do is plug in the receiver for that new wireless keyboard you bought. You never do anything else.

Isn't this fun!

:evilfrown:

Any surprise that Lenovo laptops are banned in any secure rooms?

money through the US Chamber of Commerce, it will never happen. Some Banker in the UAE can send in 50 grand, then later he can tell the Chamber that he sent in 50 grand and he wants them to donate from their general fund that money to the RNCC and the Tea Party Express. The Chamber can then casually tell those groups that such and such banker has been very generous and will be in contact in the future.

No, only their bosses will need computers. Why allow the lumpen access to information?

No matter what you do to the data on the hard drive, you can't do much if one of the chips on the hard-drive controller board has an extra bit of circuitry on the chip that either destroys or leaks unencrypted data after receiving a special command.

If the keylogger is inside the chip on your motherboard that appears to be a standard keyboard controller, what are the odds of you finding it? Or if the CPU in the cable modem the cable company gave you records and forwards data to a third party when activated?

It's easy to hide things that won't be found unless and until someone either

A. physically dismantles and disassembles the chip
or
B. has equipment actually fails on them

if the chip has to see 4K of special data to be activated, the odds of one going off by accident are close enough to zero to not worry about. By choosing the right chip and input, the special data is detected when it passes through the device in a normal manner.

Software isn't irrelevant, or immune, but so far easier to deal with. You CAN wipe all the software from a computer and replace it, even BIOS. But you can't replace all the chips.

Of course we have little evidence of any widespread infiltration, but it doesn't take much imagination to realize that they could easily insert something that would make stuxnet look like an unwelcome popup box.

Would you trust US companies to do any better? I mean, even at the production level, how many people there really understand each section of what they are making does? At a guess all you have to have is one designer paid to do it the companies way and you still have spyware built in.

All I can say is thank gawd our votes aren't counted via computers.

Oh... wait....