An anonymous article, "The Internet Dark Age", published on Cryptome alleges that BT and others have secretly installed back doors in modems in customer premises.
Unfortunately these paranoid ravings are causing a bit of a stir, with lots of our customers asking about this. We have had to post replies to this, and there is now an article in ISP review as well.
You really don't have to read much of the article to realise how crazy it is. It seems based on the fact that BT FTTC modems have a separate management VLAN, and that BT have chosen to put the management on a block of IPv4 addresses under 30.x.x.x. This is a non-routed private network block that belongs to the US DoD, which makes it ideal for a private network management LAN for BT. It does not mean it is connected to the US DoD, either as a network or in any other way. It is just the block BT happened to pick for management.
The article links this to US DoD and to Snowden leaks suggesting that these modems are an integral part of the snooping being done by UK and US intelligence.
There is no actual evidence of any such links or indeed anything to suggest that this is any more than a management LAN which allows BT to do remote testing for fault diagnosis and upgrade firmware when needed. It is nothing special.
So what the hell is the point of such paranoid ravings? Who knows? They do serve to annoy people and also to undermine any real research or findings that happen later, I suppose.
At the end of the day no equipment that you do not control yourself (and even some that you do) can be 100% trusted. You cannot trust BT not to upgrade their modems to do snooping and filtering and man-in-the-middle attacks, but then you cannot trust them not to do that at the DSLAM or BRAS or anywhere else in their network. You cannot trust ISPs or transit providers not to do the same. You cannot trust your o/s provider not to do the same, or your TV manufacturer or indeed anyone that can upgrade firmware in anything on your network.
This is why we use encryption to access banks and many other sites, and can use end-to-end encryption for email and other applications. This is why we have firewalls. It is healthy not to trust anyone or anything when designing network security.
But there is no evidence of any such snooping. There is clear evidence against any sort of interception (e.g. man-in-the-middle attacks) because we, and our customers, can easily see what goes in and out of both ends of the back-haul. We have seen cases of bugs, for example, which caused packets to be dropped or changed, and these were picked up. Any attempt to change https traffic would be picked up very quickly and proved, so there really is no point in a major telco risking that happening.
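The check described above, comparing what enters one end of the back-haul with what leaves the other, can be made mechanical. The following is an added example, not AAISP's own tooling: it takes packet records as seen at both ends (constructed inline here rather than parsed from two pcap files) and reports packets that were altered, dropped or injected in transit. The addresses, ports and payloads are made up, and it assumes no NAT between the two capture points.

```python
import hashlib

def mk(src, dst, proto, sport, dport, ip_id, payload):
    """Build one packet record (constructed sample data, not a real capture)."""
    return {"src": src, "dst": dst, "proto": proto, "sport": sport,
            "dport": dport, "ip_id": ip_id, "payload": payload}

def packet_key(pkt):
    # Fields that must be identical at both ends of a plain back-haul:
    # IPv4 5-tuple plus the IP identification field.  TTL and MAC headers
    # are deliberately left out, because routers legitimately rewrite those.
    return (pkt["src"], pkt["dst"], pkt["proto"],
            pkt["sport"], pkt["dport"], pkt["ip_id"])

def payload_digest(pkt):
    return hashlib.sha256(pkt["payload"]).hexdigest()

def compare_captures(ingress, egress):
    """ingress: packets seen entering the link at one end (e.g. BRAS side);
    egress: the same traffic as seen at the other end (e.g. customer router).
    Assumes no NAT between the capture points, so keys match directly."""
    seen_in = {packet_key(p): payload_digest(p) for p in ingress}
    seen_out = {packet_key(p): payload_digest(p) for p in egress}
    return {
        "modified": sorted(k for k in seen_in
                           if k in seen_out and seen_in[k] != seen_out[k]),
        "dropped": sorted(k for k in seen_in if k not in seen_out),
        "injected": sorted(k for k in seen_out if k not in seen_in),
    }

# Constructed sample: TLS records from a web server to a customer host.
SERVER, CLIENT = "203.0.113.5", "198.51.100.7"
INGRESS = [
    mk(SERVER, CLIENT, 6, 443, 51234, 1, b"\x16\x03\x03\x00\x05hello"),
    mk(SERVER, CLIENT, 6, 443, 51234, 2, b"\x17\x03\x03\x00\x08appdata1"),
    mk(SERVER, CLIENT, 6, 443, 51234, 3, b"\x17\x03\x03\x00\x08appdata2"),
]
EGRESS = [
    mk(SERVER, CLIENT, 6, 443, 51234, 1, b"\x16\x03\x03\x00\x05hello"),    # unchanged
    mk(SERVER, CLIENT, 6, 443, 51234, 2, b"\x17\x03\x03\x00\x08TAMPER!!"),  # altered in transit
    # ip_id 3 never arrives at the far end: dropped
    mk(SERVER, CLIENT, 6, 443, 51234, 9, b"\x17\x03\x03\x00\x04junk"),     # never sent: injected
]

if __name__ == "__main__":
    for kind, keys in compare_captures(INGRESS, EGRESS).items():
        print(kind, keys)
```

On a healthy link every list comes back empty; the TLS record layer means an altered payload would also fail its MAC at the client, so a tampered packet shows up twice, once here and once as a connection failure.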
Page 47 is a good read - the idea that the modem is a "white box" to throw you off (not being a "black box"), and the idea that it has a special hard-to-unplug RJ11 connector. Unbelievable.
I would have said the whole article is a joke, but I can't find the punch line. Are there really people quite that paranoid?