As someone that would probably be within that subset of people singling out Blue Coat, I would perhaps go as far as saying that the company is targeted because it is relatively easy. Citizen Lab, Telecomix and others were able to locate the devices because they had the sorts of signatures, tagging and predictable configuration ports that clearly malicious devices would not have. However, despite that they are not single-use surreptitious listening devices, the company had so clearly failed in any due diligence in manner that creates a broader debate that also applies to the Ciscos, Fortinets, et al of the world. If one were to tell me how to detect ZTE or Huawei kit on a network, you would essentially be dictating my time and attention for the next month. By all means, please. Until then, at least Blue Coat provides the opportunity to educate policy-makers on what should be done, case in point the civil society comment to State asking this very question: http://newamerica.net/publications/resources/2013/comments_regarding_sensiti... Comments to the comment are very welcome, had I realized it was publicly posted, I would have shared it with Libtech earlier. On Sat, Apr 6, 2013 at 2:03 PM, Bernard Tyers - ei8fdb <ei8fdb@ei8fdb.org>wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
I left the other wonderful people out: ZTE and their monitoring centre (shown in pictures from Libya), and of course Huawei.
Just to give a good global representation.
On 6 Apr 2013, at 15:41, Jillian C. York wrote:
Honestly? Because there is ample evidence to support it at the moment. I would also suggest that it's only "singled out" in the US - in Europe, the focus right now is on Gamma (FinFisher) and Amesys, largely.
Activists have been accused in the past of "singling out" Cisco as well. Attention has now turned to Bluecoat. When there is evidence of another company's misdeeds, attention will surely turn there.
Is that sufficient logic for you?
On Sat, Apr 6, 2013 at 11:50 AM, Bernard Tyers - ei8fdb < ei8fdb@ei8fdb.org> wrote: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi,
I've been thinking about this for a while, and can't find a logical reason. Possibly I'm not thinking about it hard enough.
I'm curious as to why Bluecoat seem to be singled out for all this attention regarding use in countries where the governments are "not nice"? Is it because they are a public, well known company? A lot the same stories repeat the same stories of Bluecoat equipment being used in the same oppressive regimes.
As someone who worked in ISP level infrastructure for a while (thankfully no longer), I've seen the equipment used "for neutral uses" - network management, etc.
However, there are a lot more sinister and disgusting companies who's products *sole-purpose* is surveillance and censorship, and sole market is those oppressive countries we talk about on this list.
My point of view is not to defend Bluecoat, quite the opposite, but there are nastier and uglier fish out there.
Can anyone set me right, or give an opinion? On or off list is fine.
thanks, Bernard
- -------------------------------------- Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQEcBAEBAgAGBQJRX+/0AAoJENsz1IO7MIrrMQcH/1vOMQvty80EZkCGcqbXiT9t SI0o9OOU+wn3Am5ERwDfXlcXy+V/28vbXxPvbhRtjIukF1X94fgJ95+ODn2dOY6g B4wnOmLzvDT8HovPhf1zH4Dkot3N50Rkt4V4k29163EYVPgLkkuRrPgU6HGwB9IH dVW54KNXnZX3sXFsYle0j8rayI1tgPWpesPpWCe/J5pI+ljLTFbLEJ+Ytz6rPbqu y4c/Irjknh8NCVr1LLaGnTkeZQstv5oWZErRrv0bl9Qkm737PAkUCmhTjvBoJw7+ kJ9b7lFjJ2h9TRdw54RwTomRrhe4yYmPYlWnSyy4k6d6PK1B7bjKdUT89xjn4jY= =PYRZ -----END PGP SIGNATURE----- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
-- US: +1-857-891-4244 | NL: +31-657086088 site: jilliancyork.com | twitter: @jilliancyork
"We must not be afraid of dreaming the seemingly impossible if we want the seemingly impossible to become a reality" - Vaclav Havel -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
- -------------------------------------- Bernard / bluboxthief / ei8fdb
IO91XM / www.ei8fdb.org
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQEcBAEBAgAGBQJRYGNVAAoJENsz1IO7MIrrsT8H/2ZcRr+vWXVYpbFjGVBxiGh1 Ywpmpd9h0Fnhp0lXqIRav8Op3EGFNkz8iT6Iaf0R/gjIYZnw+SWfw2E9BMbljyN3 1At+X6PllrUkbkomwJvJnaIri+xC3F7C2IZfeQlbefAm3h5LUwClpCzI6UFuJkLV wZKPvb74VOkrddhxsUsPkqFq7B1J0x43FYpPlF3OaRJ6beWHlDuBrc+350zFMw28 EajxjtTE1GApETOkzsQePT1R9nsAlpeM/4MEjErcQcct289U7owdf+WDHKO0koj0 1wqtq6M64jX8k1aw1Buw1i4ukhz9DrTtc9IK44xdcLsrkPFSym7H3CCjrmiIwng= =jhqN -----END PGP SIGNATURE----- -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
-- *Collin David Anderson* averysmallbird.com | @cda | Washington, D.C. -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
participants (1)
-
Collin Anderson