×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

UPS Denies Helping the NSA 'Interdict' Packages

Soulskill posted about 6 months ago | from the what-can-brown-do-for-you dept.

Networking 207

An anonymous reader writes "When Glenn Greenwald's book came out recently, one of the most startling revelations was that the NSA has been intercepting shipments of networking gear to add spyware. Cisco was one of the vendors whose gear was altered, and now their shipping provider has spoken up about it: 'UPS, which Cisco has used since 1997 to ship hardware to customers around the world, said on Thursday that it did not voluntarily allow government officials to inspect its packages unless it is required to do so by law. "UPS' long-standing policy is to require a legal court-ordered process, such as a subpoena, before responding to any third-party requests," UPS spokeswoman Kara Ross wrote in an e-mail to TheBlot Magazine. "UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments." In a follow-up e-mail, Ross said UPS had no knowledge of similar orders from the FBI, CIA or any other federal agency.' That sounds like carefully parsed language to me. 'Did not voluntarily,' 'unless it is required to do so by law.' Perhaps they're bound by a National Security Letter?"

Sorry! There are no comments related to the filter you selected.

wow (-1)

Anonymous Coward | about 6 months ago | (#47128169)

such secrets

Re:wow (5, Insightful)

larry bagina (561269) | about 6 months ago | (#47128211)

Too many secrets.

I watched sneakers a couple days ago (it's on netflix) and nearly shit my pants at the end when Robert Redford reveals the magic decryptor box isn't for spying on the russians, it's "for spying on us". (Of course, they meant the NSA was spying on the FBI/CIA but still... future predicted).

Guilty (5, Insightful)

Noah Haders (3621429) | about 6 months ago | (#47128181)

Not voluntarily unless required by law? Why do companies release statements like this? It just makes them seem more guilty. Better not to say anything.

Re:Guilty (4, Informative)

jythie (914043) | about 6 months ago | (#47128249)

Because 'we will never allow XYZ', while it makes for a good speech, would not be truthful or accurate, in fact it would be downright deceitful. I would consider such a statement to be a far greater indicator of guilt then even staying quiet since it is legally not an option.

There is a huge difference between 'yeah, we will voluntarily do XYZ when asked' and 'we will comply with the law when required'.

Re:Guilty (2, Informative)

Anonymous Coward | about 6 months ago | (#47129445)

There is a huge difference between 'yeah, we will voluntarily do XYZ when asked' and 'we will comply with the law when required'.

As it has become more and more clear that the Executive Branch believes that we are not under a rule of law but a rule of men, then it becomes more and more clear that "comply with the law" and the Executive Branch's "I am the law" basically makes all those "we will comply with the law' equivalent to "voluntarily do XYZ". I mean, sure, I have no doubt that the telecoms are run by a bunch of sell-outs who would gladly sell their user's information to the government and effectively circumvent search and seizure laws*, but much like the Red Scare, most CEOs are also equally scared of being labelled a terrorist sympathizer or being charged for violating a NSL or being guilty of espionage for revealing the things that Snowden showed us. That doesn't make them guiltless as the foundation of how things have gone so bad so quickly is that good men** have sat by and let bad things happen.

So, honestly, as much as we might not have seen a Snowden type leak from a CEO before the NSA's doings were revealed, now that they're know the people who did stand up to the FBI and the NSA in private should be actively speaking out about exactly what they did or did not do and make it very clear that their actions weren't to comply with the rule of men that has becomes the pretense for the rule of law for over a decade.

*For as much as the courts have ruled that third party holders of information don't need to be served a warrant, that's a patently false idea given the notion of companies having similar rights to people being made of people. That is, if a law says the government can't take a person's property without due process, it does not follow that once they give it to someone else for whatever reason that the government can*** force that someone to hand it up under a lower burden since it's still taking property from the someone and the basis for search and seizure still has every reason to be effective. Hence the qualifier of "subpoena" which have a significantly lower threshold than a warrant is really heavily a handwave given the NSA's actions that may have had a "warrant"**** for all export bound UPS packages.

**It's hard to argue still they're good men, but now that the pressure is off more, perhaps they could try to redeem themselves.

***Obviously in this context meaning what the law actually says, not what has been followed. The courts, after all, don't like having their hands tied any more than anyone else and have conveniently created subpoenas and lower threshold warrants**** that clearly violate the intent of the Constitution.

****Secret courts with close hearings where even if a warrant is denied there's basically no way to verify it, so the NSA kept on going even though at a technical level it was in contempt of court. The idea that the legislature needs to step in or really could do anything if the FISA court decided to jail most of the NSA's top staff through the US Marshals for contempt of court for an indefinite period*****...well, you get the idea. Fuck, people who are a lot less contemptuous of the courts have rotted in a jail sell much longer for less.

*****Which is actually illegal also as that's a Fifth Amendment violation, but it's conveniently forgotten just as the Executive at the Federal and State level regularly ignores it to jail protesters or all those people in Guantanamo Bay. Regardless, it'd be rather hard to argue against the practice they themselves engage in regularly, but then it'd require the sort of self-reflection from a Judiciary who took the step also to relinquish the long-held unconstitutional power.

Re:Guilty (4, Informative)

Anonymous Coward | about 6 months ago | (#47128289)

Yup. "required by law" is called an NSL.

And you aren't allowed to talk about it either.

Re:Guilty (1)

aNonnyMouseCowered (2693969) | about 6 months ago | (#47128305)

"Not voluntarily unless required by law"

The phrase isn't a direct statement from the company PR but from an indirect quote ("said that"):

"UPS, which Cisco has used since 1997 to ship hardware to customers around the world, said on Thursday that it did not voluntarily allow government officials to inspect its packages unless it is required to do so by law."

Sloppy writing not doublespeak

Re:Guilty (1)

budgenator (254554) | about 6 months ago | (#47128373)

Makes you wonder if the new UPS employment applications will ask if you are an agent of a foreign or domestic government. Also it's interesting that with the brouhaha over the NSA's tapping Merkle's cell phone that the Deutsche Post that they couldn't just flat out say "No."

Re:Guilty (1)

Noah Haders (3621429) | about 6 months ago | (#47128391)

who is "they" that would want to say "no"?

Re:Guilty (1)

mpe (36238) | about 6 months ago | (#47128533)

Not voluntarily unless required by law? Why do companies release statements like this? It just makes them seem more guilty. Better not to say anything.

What if the required by law, either in general or on a case by case basis, includes "claim it never happened"?

Re:Guilty (0)

gnasher719 (869701) | about 6 months ago | (#47128871)

Not voluntarily unless required by law? Why do companies release statements like this? It just makes them seem more guilty. Better not to say anything.

Only to someone whose mind is full with conspiracy theories. What they said is exactly what I would have expected them to do if they are a decent and law abiding company that values their customers, and therefore exactly what I expected them to say.

If you add that UPS as a company is not aware of receiving any court orders or subpoenas from the NSA, this means that either the NSA didn't get access to any packages, or they did so by bribing people or talking naive employees giving them illegal access to such packages.

Re:Guilty (1)

Anonymous Coward | about 6 months ago | (#47128973)

Holy shit, we have UPS fanboys now too?

Re:Guilty (3, Funny)

TWX (665546) | about 6 months ago | (#47129121)

Some people like a man in uniform...

Re:Guilty... NSL (1)

mspohr (589790) | about 6 months ago | (#47129327)

Or... they could have received a National Security Letter.
By law, they have to deny the existence of the letter and its contents.
By law, if they have received a NSL, they have to say that they are "not aware of receiving any court orders or subpoenas from the NSA".
See, perfectly clear denial.

Re:Guilty (3, Informative)

geekmux (1040042) | about 6 months ago | (#47128917)

Not voluntarily unless required by law? Why do companies release statements like this? It just makes them seem more guilty. Better not to say anything.

Uh, no. I'd rather know about it so then we can at least attempt to do something about it. Not knowing would do nothing to resolve the issue.

And it's quite the serious issue. Where we used to have only the government legally allowed to sit behind the bullshit excuse of "cannot confirm or deny", they have now expanded that standard legal waiver (via NSLs) to every American corporation they touch.

And the secret monitoring will be legally allowed to continue without your knowledge. Sorry, but until they dismantle secret courts, Snowdens revelations haven't done a damn thing to change policy or weaken the NSAs capability at all.

Re:Guilty (5, Insightful)

NotDrWho (3543773) | about 6 months ago | (#47128969)

Here is the quote from the article:

“UPS’ long-standing policy is to require a legal court-ordered process, such as a subpoena, before responding to any third-party requests,” UPS spokeswoman Kara Ross wrote in an e-mail to TheBlot Magazine. “UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments.”

When you parse the language and translate it from PR-speak/legalese, you realize that this is basically a meaningless statement. The first sentence is boilerplate BS, and has nothing to do with the allegation at hand at all. "We have a long-standing policy not to do X" *IS NOT* the same as saying "We didn't do X" (though that's what they want you to believe they're saying, of course). The second part of the statement only tells us that the NSA didn't get a court order to do this, *NOT* that UPS didn't let them do it anyway without a court order.

And what the whole statement is absolutely NOT is an actual denial. In short, if UPS *REALLY* didn't let the NSA intercept their packages, they could have released a very simple statement saying "UPS did not and does not let the NSA intercept our packages." What they released was some vague boilerplate BS that basically says fuck all.

Re:Guilty (1)

TechyImmigrant (175943) | about 6 months ago | (#47129063)

Because lawyers were involved. That's how big corps work.

Re:Guilty (3, Insightful)

Charliemopps (1157495) | about 6 months ago | (#47129071)

Not voluntarily unless required by law? Why do companies release statements like this? It just makes them seem more guilty. Better not to say anything.

Maybe that's the entire point. They're not allowed to complain out loud because of an NSL but they can make it clear what's going on and that it's hurting them with a statement like this.

It's long past time for us to decide our government should not be keeping secrets. They clearly cause far more harm than they help. At worst, some criminals get away. How does that saying go? It's better to free 100 guilty men than imprison 1 innocent?

No need for UPS to help (5, Interesting)

headhot (137860) | about 6 months ago | (#47128187)

If the device is made (or packaged in the US) and is being shipped overseas, the NSA can grab it at customs, there is nothing the shipper can do about it.

Re:No need for UPS to help (3, Interesting)

Cassini2 (956052) | about 6 months ago | (#47128351)

Many (all?) custom's warehouses are operated by third-party companies. This will be a little bit more complicated than inspecting luggage. However, the companies (subsidiaries) that operate those warehouses get their entire revenue from allowing people to transport goods across borders. I suspect the NSA can get away with almost anything in that environment.

Re:No need for UPS to help (4, Informative)

Anonymous Coward | about 6 months ago | (#47128675)

When you say Custom's warehouse, I think you actually mean the two types of regulated facilities which are bonded and foreign-trade zone warehouses.

Bonded warehouses are only allowed to store imported goods. The importer files customs entry forms for the goods prior to storing them within the warehouse and must paid the owed duties prior to removing the goods from the warehouse. This is the most common type. Basically it is where you put things while you pay your entry fees.

Foriegn-trade zone (FTZ) warehouses allow both domestic and foreign cargo to be stored. Small manufacturing can be performed within the FTZ too. You would use this if you plan to re-export the goods or the product you manufacture have a mixture of domestic and foreign parts and it would be cheaper to import the finished product than each individual part. The goods are not considered imported until they leave the warehouse for a domestic address. A lot of global manufacturers have FTZ facilities and despite what the parent comment implied, this facility is operated by the manufacturer or a contracted agent for the manufacturer. It is not a place where customs or the NSA can freely enter and have access to any of the goods.

Yes I used to make a living in this field.

Re:No need for UPS to help (0)

Anonymous Coward | about 6 months ago | (#47128527)

Of course they can, but without some help, they would have a very difficult time identifying what gear is suitable for " intercepting " out of the many, MANY packages that are outbound for overseas customers on a daily basis.

They aren't just randomly picking these out. Someone is helping to identify them.

Re:No need for UPS to help (0)

Anonymous Coward | about 6 months ago | (#47128731)

It is a simple matter of looking at the bill of lading or export declaration and intercepting the packages within the container yard or airline staging area.

Re:No need for UPS to help (2)

krashnburn200 (1031132) | about 6 months ago | (#47128741)

It's called an address label, they go on the boxes.
The boxes going international go through customs on site at the UPS hubs.

The NSA could achieve this by accessing the packages at customs without alerting UPS directly.
The would only have to break out an NSL because we can. to make it less of a hassle, or just to flex muscle.
Really an NSL would be detrimental to secrecy, the NSA is clearly aware that secrets keep better when you
*don't tell anyone*
Rather than when you ask them to keep it on the down low.

Trust! (1)

Anonymous Coward | about 6 months ago | (#47128189)

I was once a fool to think I could believe anything the Government, or Corporations told the public. No more.

This is how resentment is nourished, and enemies are made! How can they not know this is bad in the long run?

Re:Trust! (5, Insightful)

Opportunist (166417) | about 6 months ago | (#47128321)

You know that the US resembles more and more the USSR of old? The way to get to the result is a different one, the end result is the same: You have a population that is mostly apathetic towards its government. And whoever isn't apathetic outright hates it. You have a secret service that seems to be more concerned with domestic spying than foreign intelligence, simply because the state and the powers that are fear their "internal" enemies more than they fears anyone coming from abroad. You have a small "elite" that mostly stays within its own circle who share the power in the country while everyone else is mostly powerless. And you have a mainstream press that toes the party line.

It's actually pretty amazing. You needn't have a totalitarian dictatorship to create a situation where you can bullshit and oppress most of the population. But what you DO need is an absence of a better system. That's what fell the communist systems and what keeps the current one we have alive: We lack the "west" they had.

Re:Trust! (-1)

Anonymous Coward | about 6 months ago | (#47128605)

And you know what? You can hop on a plane today and just leave. Do you even realize how fucked up the really fucked up countries are? In fact denounce your citizenship and get on a plane now and go to some of them. Then come back crying when we don't let your stupid ass back in.

Re:Trust! (4, Insightful)

Opportunist (166417) | about 6 months ago | (#47128651)

As I said, we lack the "west". Sadly, there is nowhere to run.

Why do you think you can still travel? Having a right is pointless if there's no way to make use of it.

Re:Trust! (0)

Anonymous Coward | about 6 months ago | (#47128899)

Oh, so because there's some "fucked up countries" out there, I guess it totally makes it acceptable for the government to disobey the law and treat every citizen, domestic or foreign, like a criminal. That totally makes sense! How could I not see it that way before?

Shill.

Re:Trust! (0)

Anonymous Coward | about 6 months ago | (#47128991)

Ok because there are some worse than us we shouldn't take action we are falling far from the ideals we claim to champion?
We are supposed to be the shinning city - not the slightly less shit stained sewer.

Re:Trust! (0)

Anonymous Coward | about 6 months ago | (#47129017)

Really? Name 15 countries worse than the US. Most of the ones you might think of have actually improved quite a bit since the US moved its gaze off them and onto the ME.

Re:Trust! (1)

TWX (665546) | about 6 months ago | (#47129281)

You know, I can read Wikipedia too, and it looks like you simply counted their fourteen examples [wikipedia.org] and have asked for one more, to attempt to make it harder to cite that list.

And be honest with yourself, the united states doesn't have its gaze on you. It simply vacuums up everything that it can and stores it, so that if it feels that it needs to put its gaze on you, it could. Mind you, I still think that it's wrong, but there's no Orwellian pyramid structure that's actively committing personnel to looking at what you're doing or staging clandestine interventions or acting as an agent provocateur. It's not right that they collect so much "metadata", but they're not sitting there waiting for you to do something wrong so they can drop the hammer on you either. There's no sword of Damocles hanging over your head in your daily life, at least not from them.

The only time, other than filing my taxes, that I really interact with agents of the federal government is when I fly. Yes, it's annoying, and it used to be very invasive. Last couple of times I've flown though, they've actually made it easier to go through security. No shoes off. No belt off unless the buckle is huge. No jacket off unless the metal clasps are too big. No pulling the laptop out of the carry-on. No pulling the liquids in the quart bag out of the carry-on. It's like someone finally decided that the open-everything-up security that they'd been doing wasn't really accomplishing anything other than making a lot of people pissed off, so they rolled it back to close to pre-9/11 levels.

Re:Trust! (0, Flamebait)

DNS-and-BIND (461968) | about 6 months ago | (#47128609)

I guess we should overthrow the government - but oh, wait, opposing Obama is racist. Plus, the entire university system of the USA is vehemently opposed to Americans owning weapons that might be used to achieve this aim. Ah well, it was a good run while it lasted.

Re:Trust! (0)

Anonymous Coward | about 6 months ago | (#47128625)

You know that the US resembles more and more the USSR of old? The way to get to the result is a different one, the end result is the same: You have a population that is mostly apathetic towards its government. And whoever isn't apathetic outright hates it. You have a secret service that seems to be more concerned with domestic spying than foreign intelligence, simply because the state and the powers that are fear their "internal" enemies more than they fears anyone coming from abroad. You have a small "elite" that mostly stays within its own circle who share the power in the country while everyone else is mostly powerless. And you have a mainstream press that toes the party line.

It's actually pretty amazing. You needn't have a totalitarian dictatorship to create a situation where you can bullshit and oppress most of the population. But what you DO need is an absence of a better system. That's what fell the communist systems and what keeps the current one we have alive: We lack the "west" they had.

Actually it resembles the old East German Peoples Republic a bit more and now that the 51st state has built a security wall that puts the one in Berlin to shame the comarison is even more poignant.

Re:Trust! (4, Insightful)

Anonymous Coward | about 6 months ago | (#47128775)

I would argue this is because the average American has been sold a lie - that a society's economic system is equivalent to its system of government. So long as America remains a free market, there is no way that we could ever slip into bureaucratic decline.

The problem is, that the "free market" essentially amounts to a privatization of bureaucracy, not its elimination. We've granted trust to a small class of individuals on the promise they will free us, and unsuprisingly, they are betraying that trust. This is where we now resemble the USSR - the blind allegiance of the multitude to the promises of the few elite in the political class.

Re:Trust! (0)

Anonymous Coward | about 6 months ago | (#47128919)

You know that the US resembles more and more the USSR of old?

Are you questioning the Boss, tovarisch? OFF TO ALASKBERIA WITH YOU.

Also, I'm going to need to see your papers. And take off your shoes. And I'm gonna grope your dangly bits for good measure.

We're our own better system. (0)

Anonymous Coward | about 6 months ago | (#47128977)

But people can't be inconvenienced. Treat political parties like sports teams. Fuck yes, Elephant Asses! GO TEAM GO.

Can't be arsed to actually pay attention to what's going on. Can't be arsed to take time out of busy schedules of masturbating to the American Dream to actually track down your politicians and confront them, in person, where they can't ignore you. (Words, people, I'm talking about words, just to be clear.)

Can't be arsed to learn anything about a subject before attaching to a pop-soundbyte about it and defending it to the death.

Fuck us. We have better government than we deserve. Because we yet have the power to mold it as we see fit.

But we won't. Because fuck it all, Game of Thrones is on, man. LOL TITTIES.

Re:Trust! (1)

larry bagina (561269) | about 6 months ago | (#47128983)

Heh, reminds me of the Thomas Jefferson quote (paraphrased) "When people fear the government, you have tyranny. When the government fears the people, you have tyranny."

Re:Trust! (1)

gstoddart (321705) | about 6 months ago | (#47129301)

You needn't have a totalitarian dictatorship to create a situation where you can bullshit and oppress most of the population.

And it astounds me that within my lifetime America has gone from "give me liberty or give me death" to tacitly accepting the equivalent of "papers please, comrade".

And they seem to accept is as a good idea, and completely miss why all of this secret security with absolute power is a really bad idea.

Weasel words (0)

Anonymous Coward | about 6 months ago | (#47128191)

The UPS statement is full of disclaimers like 'unless required by law' and 'not aware of' type statements. Its pretty clear that they're spinning it hard to avoid scrutiny.

Re:Weasel words (4, Insightful)

NoNonAlphaCharsHere (2201864) | about 6 months ago | (#47128223)

"UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments."

Because we know the NSA never does anything without a valid court order.

Re:Weasel words (1)

mspohr (589790) | about 6 months ago | (#47129337)

Or, they could have received a National Security Letter which requires them to deny the existence of the letter and its contents.

Re:Weasel words (1)

NotDrWho (3543773) | about 6 months ago | (#47129009)

Don't forget "It's our standard policy not to" which is NOT the same as "We didn't" of course.

What kind of spyware (0, Interesting)

Anonymous Coward | about 6 months ago | (#47128195)

So, what kind of spyware could be installed on an IOS router? Does the NSA write their own bootloader?

Re:What kind of spyware (0)

Anonymous Coward | about 6 months ago | (#47129427)

:: sigh ::

God almighty this place has gone down hill.

Can NSA serve National Security Letters? (4, Interesting)

Gibgezr (2025238) | about 6 months ago | (#47128199)

Excuse my ignorance, I am not from the U.S., but I thought only the F.B.I. could serve National Security Letters. Can the NSA also serve them?

Re:Can NSA serve National Security Letters? (0)

Anonymous Coward | about 6 months ago | (#47128333)

There are a plethora of weird "letters" that can be issued without court oversight, and others where the court is kept confidential. Look up the weirdness of the USa "Patriot Act", which was one of the least patriotic Congressional violations of the constitution in my lifetime.

Re:Can NSA serve National Security Letters? (1, Troll)

Opportunist (166417) | about 6 months ago | (#47128339)

That information is classified.

Re:Can NSA serve National Security Letters? (0)

Anonymous Coward | about 6 months ago | (#47128971)

That information is classified.

The fact that this data is classifed is also classifed and now that you have become a traitor to the nation for revealing that fact to the /. reading public expect drone strike in 10, 9, 8 ... Oh wait ... Dang! I did it too didn't I? ... *sigh* expecting drone strike on self in 10, 9, 8 ...

Re:Can NSA serve National Security Letters? (1)

pslytely psycho (1699190) | about 6 months ago | (#47129367)

Damn you, spoofing my IP address like that.
Fortunately I was at the grocery store when the drone struck, so no loss of life. But damn, did it leave a smoking hole in the ground where my house was.
I'm really going to miss my cat.....

Re:Can NSA serve National Security Letters? (0)

Anonymous Coward | about 6 months ago | (#47128549)

It is all one big happy "Department of Homeland Security".

so one section can easily ask the other.

And nothing prevents them from misrepresenting themselves... After all, they are with the government, and "are there to help you".

Re:Can NSA serve National Security Letters? (3, Informative)

NotDrWho (3543773) | about 6 months ago | (#47129043)

I thought only the F.B.I. could serve National Security Letters. Can the NSA also serve them?

Even if they couldn't (and they won't say whether this is the case or nor), they could easily get the FBI to do it for them.

We the public are never going to know either say (without another heroic whistleblower), since even the process is a secret. Maybe we can find out the truth in about 75 years when they declassify it.

Secret court, secret law, NSL, ... (0)

Anonymous Coward | about 6 months ago | (#47128203)

> unless it is required to do so by law

And there is your problem.

UPS had no knowledge (0)

Anonymous Coward | about 6 months ago | (#47128205)

Of course - only the mailroom dude got the letter.

Re: UPS had no knowledge (1)

Motard (1553251) | about 6 months ago | (#47128275)

Isn't UPS pretty much made up entirely of mailroom dudes?

Re: UPS had no knowledge (-1)

Anonymous Coward | about 6 months ago | (#47129363)

Well, they have a few mailroom chicks also.

Weaponized products don't sell (5, Insightful)

Anonymous Coward | about 6 months ago | (#47128213)

When you weaponize U.S. technology products to the extent that the NSA has, don't be surprised when no one wants to buy those products in the future.

What foreign CEO or government official wants U.S. technology in control of their banking industry? Their communications infrastructure? Their manufacuring base? Their electrical power and distribution network?

Can you imagine the U.S. response if the critical infrastructure items such as those listed above were found out to be backdoor and controllable at will by the Russians? Chinese? Indians?

The U.S. has a serious reputation problem right now. We need to stop this nonsense immediately if we expect our tech industry to survive.

It takes a second to destroy a reputation - it takes years, sometimes decades to build it back.

Re:Weaponized products don't sell (4, Insightful)

jythie (914043) | about 6 months ago | (#47128259)

And of course they are blaming the economic damage on getting caught as opposed to, well, what they were doing.

Also Snowden's Fault (1)

Etherwalk (681268) | about 6 months ago | (#47129181)

And of course they are blaming the economic damage on getting caught as opposed to, well, what they were doing.

Of *course* they are. They're responsible for the consequences--but they also are right, Snowden's whistleblowing was also a cause. He has (with them) done probably billions of dollars of harm to the US tech industry.

Without him, it wouldn't have happened. Without them, it wouldn't have happened. They both did it for motives that they believed justified the cost.

Re:Weaponized products don't sell (-1)

Anonymous Coward | about 6 months ago | (#47128555)

Buy stuff from China instead, see how that works out for you.

Re:Weaponized products don't sell (0)

Anonymous Coward | about 6 months ago | (#47128927)

Can you imagine the U.S. response if the critical infrastructure items such as those listed above were found out to be backdoor and controllable at will by the Russians? Chinese? Indians?

You mean the announcement the US made in the 90's about telecomm stuff made in china?

Possibly... (3, Insightful)

the_skywise (189793) | about 6 months ago | (#47128221)

"Perhaps they're bound by a National Security Letter?"

Maybe. It could also be exactly what they say - When presented by an actual warrant to intercept items (EG for goods purchased with stolen credit cards or contraband) they follow it. That WOULD include national security incidents too but, as they say "UPS is not aware of any court orders from the NSA seeking to inspect technology-related shipments" and I'd think a gag order would prevent them from affirming or denying the issue.

Re:Possibly... (0)

Anonymous Coward | about 6 months ago | (#47128277)

That's a good point. Gag orders forbid someone from talking about it -- at all. Not even confirming or denying the existence of any part of it.

Re:Possibly... (1)

grahamm (8844) | about 6 months ago | (#47128623)

In which case talking about it should never be allowed as refusing to either confirm or deny when previously having denied would strongly indicate that a gagging order had been issued.

Re:Possibly... (1)

Therefore I am (1284262) | about 6 months ago | (#47128281)

But the clumsy method of shipping it to Virginia and then on to final destination seems to indicate this was only an occasional occurrence. If there were lots of them they would have been altered/enhanced on Cisco premises before final packaging.

Re:Possibly... (0)

Anonymous Coward | about 6 months ago | (#47128401)

there is a motive for Cisco to not alter them on Cisco premises as it incriminates them a lot more than if they were complying with the gag order part of a NSL.

Re:Possibly... (1)

Hotawa Hawk-eye (976755) | about 6 months ago | (#47129403)

That wouldn't matter. If Cisco had modified the devices on premises, Congress would just give them a "get out of jail free" [wikipedia.org] (or really a "STAY out of jail free") card like they did the telecoms.

2 intrepretations (1)

jago25_98 (566531) | about 6 months ago | (#47128367)

The only thing in the statement of possible value is that UPS don't break security for just anyone. Well, isn't that expected... law and part of conditions of posting? If not, then there is possibility of interpreting this statement at face value.

However, if secure postage in terms of the law is guarenteed anyway then this statement says _nothing_. And if a statement says nothing then the purpose is clear - they are desperately trying to sub communicate under a gag order. Trying hard to highlight the problem to those who can read between the lines to bring attention to the economic damage gag orders are having to the economy.

I don't know if UPS ensure any security of packages so I don't know which it is - maybe you do.

Re:Possibly... (0)

Anonymous Coward | about 6 months ago | (#47128383)

Could there be a distinguishable difference between being aware of a court order and of being aware of receipt of a NSL at least in the sense of providing a response that leads one to believe they are denying the claim.

yeah, whatever (5, Interesting)

phillk6751 (654352) | about 6 months ago | (#47128229)

Just like Google, Microsoft, Apple, etc, etc. Nobody wants to fess up, but some appear to be "trying" to step up to the NSA now.

I wonder if they (private companies) secretly allowed it(NSA infiltration) to happen under fear of the NSA using whatever power they have to get the companies shut down if they didn't follow suit. Now that the public has been informed, the companies are using all the plausible deniability they can to prevent lawsuits. In the case of the UPS, I don't think there's any plausible deniability to use...It's not a software system that the NSA could exploit per-se.

Or is it the case these companies really are just as corrupt as the NSA?

I really don't see any other alternative, unless you want to argue that Snowdens docs were fake (Highly unlikely).

Cisco as a Victim (0)

Anonymous Coward | about 6 months ago | (#47128241)

Don't buy the PR. The ONLY thing identifiable in those pictures was the Cisco logo on a shipping box. What does GG get for product placement as victim?

Are you kidding me? (0)

Anonymous Coward | about 6 months ago | (#47128337)

If an IT something-or-other tell me they are shipping me a configured router or switch or whatever, do I check to see how many layers of tape are sealing the box? No. No one does. We accept because anything else is inconvenient. A UPS driver isn't going to notice if sone of his or her packages has more sealing tape than normal. And, since most of these packages go through some sort of distributionn centers that are cavernously huge, who knows what happens inside that structure. Am I paranoid? Maybe. Is it still true? Maybe...

Re:Are you kidding me? (-1)

Anonymous Coward | about 6 months ago | (#47128361)

Sorry about the typos. Meds...

Physical interdiction of trucks? (1)

swb (14022) | about 6 months ago | (#47128403)

Would the NSA be bold enough to physically interdict trucks? Guys with badges and guns tell you they need something in your truck, tell you you never saw them and by the way, driver Fred, you did a nice job on that new downstairs bathroom, tile job looks real professional, I'll bet your wife and daughter really like how nice it is there.

Or is it even remotely practical to identify specific package/truck combinations?

Re:Physical interdiction of trucks? (1)

oodaloop (1229816) | about 6 months ago | (#47128587)

Or is it even remotely practical to identify specific package/truck combinations?

Maybe. But also know who is driving ahead of time and know their address, relatives, etc? Less likely.

Re:Physical interdiction of trucks? (3, Interesting)

Lemmeoutada Collecti (588075) | about 6 months ago | (#47128697)

UPS drivers have assigned routes that they drive, so barring vacation and sick time any given address is serviced by the same driver every day. Knowing which truck is similarly easy, since all that would be needed is to track the first few stops to get the truck number - and if required, the driver of the day's name. Knowing the day is a function of UPS' own tracking systems, it will tell you when a package is out for delivery.

So here is a theoretical setup:

1) Identify the route of the target - the company who ordered the part
2) Order a delivery scheduled for the same day to a company earlier in the route
3) Watch the second company, identify the truck number and driver
4) Run a background on the driver to find out family, friends, brand of toilet paper
5) Meet driver en route and perform the stop as above

Re:Physical interdiction of trucks? (0)

Anonymous Coward | about 6 months ago | (#47128593)

They probably COULD identify a specific package/truck combination - UPS and Fedex both have tracking numbers on all the packages and know which trucks are carrying which packages, as they're scanned any time they enter or leave a facility. Intercepting them would be a different beast entirely, though. The NSA would need to know where the package is going, which would require a FISA court rubberstamp and an issued NSL to keep people quiet. By the time they get both of those things, it would be too late.

There'd be no reason to do it anyway - they could simply send people to the UPS node closest to the end destination of the package, intercept it there, and ship it off to their facilities for "modification".

Interdicts, the lot of them. (0)

Anonymous Coward | about 6 months ago | (#47128411)

I'll still not be trusting anything or anyone. Not because I have something to hide, but because of principle of all this sneakiness being bullshit.
Being sneaky is not good security. The fact that your possible "methods" of finding da terrorists being hidden hasn't worked already, outside of maybe finding some retard from 4chan that is going to try mess with football again, says much.

But as a bigger problem, so many people are going to be turned off by this.
I'm sure one group already outright said they are never buying Cisco hardware again because of this. Thanks NSA, you damaged Cisco and your own economy. (forgot who that was again though)
And it is likely only going to get worse.

Funny how there was all this crap going around about spyware in Chinese hardware. I wonder if they were trying to make everyone hate them so they'd eventually get "permission" for global spying (aka the project that already existed long before)
Was there ever even any proof of that? I know it is much harder to both hide and find hardware spying devices than software counterparts.

Looks like some new packaging is needed. (1)

jcochran (309950) | about 6 months ago | (#47128505)

Seems to me that unless the law prohibits it, tech companies will need to start using tamper evident packaging. Then it won't matter if the NSA, CIA, FBI or other 3 letter agencies intercept the product during shipping. Perhaps glitter embedded in varnish painted over critical screws/fasteners, then photographed from various angles and posted to a web page, or emailed to the customer prior to shipping. Then if the item is intercepted the 3 letter agency will have a rather ... difficult ... time bypassing those seals such that careful examination upon receipt against the photographs received earlier won't reveal any tampering.

Re:Looks like some new packaging is needed. (0)

Anonymous Coward | about 6 months ago | (#47128765)

In (nearly?) every country, customs authorities reserve the right to open any package they deem suspicious.

Is that broken tamperproof tape the result of a 3 letter agency or just the work of a customs agent because the drug sniffing dog sneezed at it?

Re:Looks like some new packaging is needed. (1)

jcochran (309950) | about 6 months ago | (#47129231)

Ah, but the tamper evident seals are on the actual item. Not the package. And if customs wants to look at the item, they can easily retrieve the photographs hosted on the manufacture's site. And if they match the tamper evident, randomized seal, then drug hiding is ... not very likely ... unless of course, you wish to believe that the drugs were stashed at the time of manufacture. The reason for sending the photograph to the customer prior to shipping is to prevent a TLA from breaking the seal, tampering, replacing the seal, then forcing the manufacturer to change their web site with a new set of photographs of the new seals.

Re:Looks like some new packaging is needed. (0)

Anonymous Coward | about 6 months ago | (#47129251)

Physical modification of the device may not be necessary. Perhaps all one has to do is power up and connect to its console. Assume multiple backdoors are "built in" to all large routers and the NSA interception process is used to associate the specific device with the customer. During the process, perhaps optional spy "features" could be activated by setting "unused" bits in flash intended to keep information about the local device, such as its serial number, on-time, fan speed, etc. The backdoors and associations could remain intact even if the device is factory reset, reloaded with signed firmware and inspected for physical modification.

Like UPS managment knows what their employees do? (0)

Anonymous Coward | about 6 months ago | (#47128525)

NSA hires on people to work at UPS, NSA gets access. Two easy steps. That's exactly what Snowden did in his jobs.

"Does not voluntarily" (0)

nurb432 (527695) | about 6 months ago | (#47128665)

Odd, and careful choice of words there guys.

National Security Letter (3, Insightful)

plazman30 (531348) | about 6 months ago | (#47128711)

Of course they're gagged by a National Security Letter. This whole process is disgusting.

Re:National Security Letter (0)

Anonymous Coward | about 6 months ago | (#47129057)

This whole process is disgusting.

Yes, it is. Let's see if it has any effect on the elections. Since it won't, let's just move on to something else...

Hey! How 'bout them Cubs, eh?

Next time try this: (5, Funny)

mvw (2916) | about 6 months ago | (#47128719)

"Stories on rearranged routing yielded great overstatement today. For UPS customers keep invaluable. No government necessitated said law!"

Ship Cisco gear from trustworthy overseas locns (2)

decaffeinated (70626) | about 6 months ago | (#47128721)

Cisco could make life miserable for the NSA by warehousing its gear in countries that won't cooperate with the US. Non-US orders could be filled from the closest such warehouse.

Non-cooperating countries that spring to mind include Russia (for European orders), China (for Asia), Venezuela (for S. America) and maybe Palestine (for the Middle East and Africa). I don't believe there are any N. American countries that the US can't coerce, so maybe the affected countries should use other network vendors.

The downside is that delivery times for overseas orders might become quite long :-) and/or spendy.

Re:Ship Cisco gear from trustworthy overseas locns (1)

dj245 (732906) | about 6 months ago | (#47129359)

Cisco could make life miserable for the NSA by warehousing its gear in countries that won't cooperate with the US. Non-US orders could be filled from the closest such warehouse.

Non-cooperating countries that spring to mind include Russia (for European orders), China (for Asia), Venezuela (for S. America) and maybe Palestine (for the Middle East and Africa). I don't believe there are any N. American countries that the US can't coerce, so maybe the affected countries should use other network vendors.

The downside is that delivery times for overseas orders might become quite long :-) and/or spendy.

Most stable countries which don't cooperate with the US are also countries in which relatively small bribes will get you into any warehouse. This would actually be worse. In the US strange people in warehouses would eventually get noticed by somebody- maybe a dockworker, inventory manager, or a forklift operator would start asking questions. In Russia, China, Venezuela, you just pay off everybody who needs paying off.

UPS (-1)

Anonymous Coward | about 6 months ago | (#47128729)

Universal Parcel Search
Underhanded Parcel Search
Untrusted Parcel Service
Uninhibited Parcel Seizure

Geezus, UPS is flat out lying (4, Informative)

Anonymous Coward | about 6 months ago | (#47128787)

In a follow-up e-mail, Ross said UPS had no knowledge of similar orders from the FBI, CIA or any other federal agency.

This just beggars belief. It's well known that all US couriers have security divisions that work with federal and state government agencies. They routinely help with investigations of suspicious packages containing drugs, counterfeit products, explosive materials, firearms, etc.

Here's what one UPS executive, customs and brokerage manager Norman T. Schenk, had to say in a Congressional hearing in 2000 on how to stop illegal drugs from being delivered by mail:

Our partnership with the Customs Service has dramatically
curtailed the flow of contraband. Today, Mr. Chairman, we urge
you to ensure that the Customs Service has the 21st century
tools it needs to maintain the extraordinary growth of commerce
in this new millennium. Last year, the United States received
21 million commercial shipments. By 2004, that number is
projected to climb to 50 million. Customs simply cannot inspect
each shipment by hand.
        Mr. Chairman, full funding of the new automation system
known as ACE, the Automated Commercial Environment, is
essential for Customs to keep pace with the growth of commerce.
        No technology can enable the Customs Service to inspect 50
million shipments, but ACE can help Customs leverage the power
of information to target its inspections efficiently and
precisely.
        Our own experience at UPS shows the difference such a
system will make. Our advanced electronic manifesting procedure
provides Customs with extensive information from the
destination of a parcel to a description of its contents on
every package we transport to the United States before it
arrives at a UPS facility. ...
In addition to our work with Customs, UPS conducts an
aggressive and thorough drug interdiction program of our own.
We train delivery drivers to spot packages that may contain
illegal drugs. We screen for suspicious parcels. We routinely
work with the other law enforcement agencies like the FBI, DEA,
and State and local authorities, including providing them
information about any offender we identify
.

So they not work with 3 letter federal agencies routinely, but they do it without the prompting of a subpoena, or NLS.

Class Action Lawsuit (-1)

Anonymous Coward | about 6 months ago | (#47128797)

If anyone has proof, we need to sue UPS.

Who says they were third parties? (3, Interesting)

Guppy06 (410832) | about 6 months ago | (#47128947)

This all presupposes that Cisco wasn't sending these routers to Fort Meade to begin with, with the NSA re-shipping the routers to their final destination after modification.

What ever happened to not tampering with the mail? (0)

Anonymous Coward | about 6 months ago | (#47128979)

What ever happened to not tampering with the mail and that includes packages as well? I find the lack of respect for privacy disturbing and this sort of thing will come back to bite the government in the ass someday. The government can't expect privacy and secrets to be kept secrets when they themselves have created tools that can be used by anyone to violate government privacy and secrecy. Karma is a bitch.

UPS != USPS (1)

mmell (832646) | about 6 months ago | (#47129387)

On the upside, UPS doesn't routinely x-ray packages or have dogs sniffing packages. On the downside, they can't stand against the US Government if they insist on doing so.

My takeaway is that UPS doesn't care what I ship, as long as it doesn't damage their business model. Unfortunately despite their size, they're not big enough to tell the gubberment to go get stuffed. Well, they could - once.

Vetting National Security Letters (5, Interesting)

phorm (591458) | about 6 months ago | (#47129011)

OK, so the NSL is basically a secret letter, that nobody wants to talk about. How do they (recipients) even know if/when they're legit. It's not like there's a 1-800-DIAL-NSA number to check it out.

What's to stop "shady group X" from getting some serious looking guys with suits, sunglasses, and some fake ID's+forms to drop by the local datacentre and say "OK, we're NSA and we need records/access from this group of servers here. Oh, and you can't talk about this to anyone. Delay us and very bad things will happen to your and/or your business"

Please fix headline (0)

Anonymous Coward | about 6 months ago | (#47129093)

If you're going to use a fancy word like 'interdict', scare quotes and all, you might want to check that it means what you think it means first...

The NSA is an Anti-American Organization (2)

BrendaEM (871664) | about 6 months ago | (#47129323)

In almost every way The National Security Organization is a lawless, limitless, overreaching mistake, with no applied checks and balanves. The NSA exemplifies the start of what can go wrong.

Of course they're aren't going to admit it..... (1)

i_want_you_to_throw_ (559379) | about 6 months ago | (#47129407)

since the NSA also happens to slap gag orders on everyone too. Pointless.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?