[liberationtech] Why Bluecoat?

Collin Anderson collin at averysmallbird.com
Sun Apr 7 09:28:35 PDT 2013 

As someone that would probably be within that subset of people singling out
Blue Coat, I would perhaps go as far as saying that the company is targeted
because it is relatively easy. Citizen Lab, Telecomix and others were able
to locate the devices because they had the sorts of signatures, tagging
and predictable configuration ports that clearly malicious devices would
not have. However, despite that they are not
single-use surreptitious listening devices, the company had so clearly
failed in any due diligence in manner that creates a broader debate that
also applies to the Ciscos, Fortinets, et al of the world.

If one were to tell me how to detect ZTE or Huawei kit on a network, you
would essentially be dictating my time and attention for the next month. By
all means, please.

Until then, at least Blue Coat provides the opportunity to educate
policy-makers on what should be done, case in point the civil society
comment to State asking this very question:

http://newamerica.net/publications/resources/2013/comments_regarding_sensitive_technologies_guidance

Comments to the comment are very welcome, had I realized it was publicly
posted, I would have shared it with Libtech earlier.


On Sat, Apr 6, 2013 at 2:03 PM, Bernard Tyers - ei8fdb <ei8fdb at ei8fdb.org>wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> I left the other wonderful people out:  ZTE and their monitoring centre
> (shown in pictures from Libya), and of course Huawei.
>
> Just to give a good global representation.
>
>
> On 6 Apr 2013, at 15:41, Jillian C. York wrote:
>
> > Honestly?  Because there is ample evidence to support it at the moment.
>  I would also suggest that it's only "singled out" in the US - in Europe,
> the focus right now is on Gamma (FinFisher) and Amesys, largely.
> >
> > Activists have been accused in the past of "singling out" Cisco as well.
>  Attention has now turned to Bluecoat.  When there is evidence of another
> company's misdeeds, attention will surely turn there.
> >
> > Is that sufficient logic for you?
> >
> > On Sat, Apr 6, 2013 at 11:50 AM, Bernard Tyers - ei8fdb <
> ei8fdb at ei8fdb.org> wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> >
> > Hi,
> >
> > I've been thinking about this for a while, and can't find a logical
> reason. Possibly I'm not thinking about it hard enough.
> >
> > I'm curious as to why Bluecoat seem to be singled out for all this
> attention regarding use in countries where the governments are "not nice"?
> Is it because they are a public, well known company? A lot the same stories
> repeat the same stories of Bluecoat equipment being used in the same
> oppressive regimes.
> >
> > As someone who worked in ISP level infrastructure for a while
> (thankfully no longer), I've seen the equipment used "for neutral uses" -
> network management, etc.
> >
> > However, there are a lot more sinister and disgusting companies who's
> products *sole-purpose* is surveillance and censorship, and sole market is
> those oppressive countries we talk about on this list.
> >
> > My point of view is not to defend Bluecoat, quite the opposite, but
> there are nastier and uglier fish out there.
> >
> > Can anyone set me right, or give an opinion? On or off list is fine.
> >
> > thanks,
> > Bernard
> >
> > - --------------------------------------
> > Bernard / bluboxthief / ei8fdb
> >
> > IO91XM / www.ei8fdb.org
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> > Comment: GPGTools - http://gpgtools.org
> >
> > iQEcBAEBAgAGBQJRX+/0AAoJENsz1IO7MIrrMQcH/1vOMQvty80EZkCGcqbXiT9t
> > SI0o9OOU+wn3Am5ERwDfXlcXy+V/28vbXxPvbhRtjIukF1X94fgJ95+ODn2dOY6g
> > B4wnOmLzvDT8HovPhf1zH4Dkot3N50Rkt4V4k29163EYVPgLkkuRrPgU6HGwB9IH
> > dVW54KNXnZX3sXFsYle0j8rayI1tgPWpesPpWCe/J5pI+ljLTFbLEJ+Ytz6rPbqu
> > y4c/Irjknh8NCVr1LLaGnTkeZQstv5oWZErRrv0bl9Qkm737PAkUCmhTjvBoJw7+
> > kJ9b7lFjJ2h9TRdw54RwTomRrhe4yYmPYlWnSyy4k6d6PK1B7bjKdUT89xjn4jY=
> > =PYRZ
> > -----END PGP SIGNATURE-----
> > --
> > Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
> >
> >
> >
> > --
> > US: +1-857-891-4244 | NL: +31-657086088
> > site:  jilliancyork.com | twitter: @jilliancyork
> >
> > "We must not be afraid of dreaming the seemingly impossible if we want
> the seemingly impossible to become a reality" - Vaclav Havel
> > --
> > Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> - --------------------------------------
> Bernard / bluboxthief / ei8fdb
>
> IO91XM / www.ei8fdb.org
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
> Comment: GPGTools - http://gpgtools.org
>
> iQEcBAEBAgAGBQJRYGNVAAoJENsz1IO7MIrrsT8H/2ZcRr+vWXVYpbFjGVBxiGh1
> Ywpmpd9h0Fnhp0lXqIRav8Op3EGFNkz8iT6Iaf0R/gjIYZnw+SWfw2E9BMbljyN3
> 1At+X6PllrUkbkomwJvJnaIri+xC3F7C2IZfeQlbefAm3h5LUwClpCzI6UFuJkLV
> wZKPvb74VOkrddhxsUsPkqFq7B1J0x43FYpPlF3OaRJ6beWHlDuBrc+350zFMw28
> EajxjtTE1GApETOkzsQePT1R9nsAlpeM/4MEjErcQcct289U7owdf+WDHKO0koj0
> 1wqtq6M64jX8k1aw1Buw1i4ukhz9DrTtc9IK44xdcLsrkPFSym7H3CCjrmiIwng=
> =jhqN
> -----END PGP SIGNATURE-----
> --
> Too many emails? Unsubscribe, change to digest, or change password by
> emailing moderator at companys at stanford.edu or changing your settings at
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>



-- 
*Collin David Anderson*
averysmallbird.com | @cda | Washington, D.C.

--
Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at companys at stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list