In 2008, a security researcher named James Glenn warned Cisco that its video surveillance software had a defect that made it vulnerable to a trivial-to-exploit attack; for four years afterward, the company continued to sell this software to schools, airports, hospitals, state/local governments, the US military, FEMA, the Secret Service and police departments without mitigating the defect or warning their customers that internet-connected randos could undetectably peer through their security cameras, unlock their doors, disable their alarms, and delete footage.
Read the rest
Thangrycat is a newly disclosed vulnerability in Cisco routers that allows attackers to subvert the router's trusted computing module, which allows malicious software to run undetectably and makes it virtually impossible to eliminate malware once it has been installed.
Read the rest
Vpnfilter is the malicious software that targets home routers, thought to be the work of Russian state-affiliated hacker group Fancy Bear, that raised alarm last month on the revelation that it had infected half a million home routers around the world.
Read the rest
IBM, Cisco, Intel, and Sandvine make huge bank selling ISPs the networking gear needed to discriminate against online services that haven't paid bribes for access to the "fast lane" -- but it's totally a coincidence that they've told the US government to make sure that the FCC doesn't ban the corrupt practice. Read the rest
The cable box can make channel serfs of us all. It's big, it's bulky, it has an interface an Excel spreadsheet might salute, and it sucks down too much electricity. It's one reason why cable TV bottom-feeds in customer-satisfaction surveys--only airlines and newspapers score lower in the University of Michigan's research.
But for a still-sizable majority of American viewers, the cable box is How They Get TV, and nobody can fix it except for their cable operators.
The industry's just-finished Cable Show in Boston featured exhibits by dozens of networks hoping to see new channels added to cable lineups, plus a few starry-eyed demos of technology we may not get for years. (Disclosure: A freelance client, Discovery Communications, owns quite a few channels.) But it also revealed modest hope for "clunky set-top boxes"--to quote an acknowledgment of subscriber gripes in National Cable & Telecommunications Association president Michael Powell's opening speech. Read the rest
Members of Falun Gong have sued Cisco for its role in building China's "Golden Shield" (called "PoliceNet" in Cisco marketing literature). Falun Gong members claim that Golden Shield was used to identify members to China's police, who arrested, detained, and tortured and executed them.
For me, the case hinges on the extent to which Cisco knew -- or should have known -- how its products were used. China's record with respect to Falun Gong and other dissident groups is well-known. Cisco's vigorous denial of any knowledge of the oppressive use of its technology just don't pass the giggle test. It will be interesting to see what the court case reveals about the ongoing relationship between Cisco and the Chinese security apparat -- if Cisco had on-site techs helping to create and maintain Golden Shield, it will be hard for them to argue that they didn't know what was going on.
Here's a old post on Policenet and China from Rebecca McKinnon, the best authority on technology and censorship in China.
Read the rest
The lawsuit, which seeks class-action status, alleges that Golden Shield--described in Cisco marketing materials as Policenet--resulted in the arrest of as many as 5,000 Falun Gong members. Cisco "competed aggressively" for the contracts to design the Golden Shield system "with full knowledge that it was to be used for the suppression of the Falun Gong religion," according to the lawsuit.
The lawsuit was brought on behalf of 11 plaintiffs who are described as suffering torture and sometimes death at the hands of the Chinese government.