Читать книгу Security Engineering - Ross Anderson - Страница 66

1 1 Sigint (Signals Intelligence) Activity Designator

2 2 If the NSA needs to use high-tech collection against you as they can't get a software implant into your computer, that may be a compliment!

3 3 In the 1990s, when I bid to run a research program in coding theory, cryptography and computer security at the Isaac Newton Institute at Cambridge University, a senior official from GCHQ offered the institute a £50,000 donation not to go ahead, saying “There's nothing interesting happening in cryptography, and Her Majesty's Government would like this state of affairs to continue”. He was shown the door and my program went ahead.

4 4 There's also a search engine for the collection at https://www.edwardsnowden.com.

5 5 It is now called Proximus.

6 6 See for example Hill and Mattu who wiretapped a modern smart home to measure this [902].

7 7 These devices are known in the USA as a Stingray and in Europe as an IMSI-catcher; they conduct a man-in-the-middle attack of the kind we'll discuss in detail in section 22.3.1.

8 8 The Chinese have kept their promise; according to US firms doing business in China, IP is now sixth on the list of concerns, down from second in 2014 [704]. In any case, the phrase ‘IP theft’ was always a simplification, used to conflate the theft of classified information from defence contractors with the larger issue of compelled technology transfer by other firms who wanted access to Chinese markets and the side-issue of counterfeiting.

9 9 This became public in 2019 with the claim that they had hacked Wipro and used this to compromise their customers [1095]; but it later emerged that Wipro had been hacked by a crime gang operating for profit.

10 10 The only router vendor to have actually been caught with a malicious backdoor in its code is the US company Juniper, which not only used the NSA's Dual-EC backdoor to make VPN traffic exploitable, but did it in such a clumsy way that others could exploit it too – and at least one other party did so [415].

11 11 This was done as a favour to President Xi, according to former National Security Adviser John Bolton, who declared himself ‘appalled’ that the president would interfere in a criminal prosecution [157].

12 12 The USA, the UK, Australia, Belgium and France

13 13 Full disclosure: both our hardware lab and our NGO activities have on occasion received funding from such actors.

14 14 Google staff ended up going on strike in 2018 about the handling of sexual harassment scandals.