A long-held conspiracy theory of mine: While 99%+ of those watching broadcast or cable television never have the opportunity to buy Cisco equipment for their business, and much better suited advertising channels exist (IT magazines, even TechCrunch), Cisco spends a LOT of time & money advertising on TV. (Until recently, Cisco used other brands for consumer products, e.g. Linksys!) But if it’s not to reach the consumers, why do it? Simply to “purchase” journalists and networks. If they start criticizing Cisco for its role in oppressive regimes’ censorship and e-terror campaigns, they lose a significant percent of their ad revenue.
The genius of it is, the financial ramifications are so obvious to these networks & publishers that not a single explicit word needs said; it’s not a bribe, it’s just making it lucrative to keep one’s figurative mouth shut.
Oh come on. My completely non-technical boss looked at me a while ago and said "We should get a barracuda spam filter."
Why? Why does he even know what this is? Why does he even know that spam filters exist?
Because barracuda has their ads all over every airport I've ever been in.
The same goes for cisco. If I put in a request for funding for some network gear, my boss wants to feel like he knows a bit about what I'm spending money on. Cisco helps him feel that way. When he signs off on it, he gets a warm fuzzy because the television told him that cisco gear is the best gear and cisco gear is what he needs.
He might even object if I told him that we're going to get juniper stuff instead of cisco because juniper doesn't have ads on the TV and he's never heard of them. What are they, some generic brand? No! WE need cisco!
That's the most crazy-ass, tinfoil hat thing I've heard in ages.
And I completely, 100% believe it. Damn. What possible alternative explanation could exist for that absurd consumer ad spend in the service of network infrastructure products? I hope someone can provide one, otherwise this will keep me awake tonight, pondering.
but then any company making networking equipment sold to oppressive regimes should be equally responsible, why did you single out Cisco?
obviously Cisco is the market leader and probably more of their equipment ends up everywhere (I'm not so sure though, for example Alcatel-Lucent equipment might be more welcome by anti-US regimes, than same equipment from US companies. A-L is also known UN sanctions violator).
or do you have any evidence that Cisco is specifically marketing for oppressive regimes?
This post should be required reading for anyone in West working on this technology. It's one thing to spend your life working on something of dubious benefit to humanity, it's entirely another to be directly, actively working against freedom and democracy globally.
I know of one company that used to (maybe still do?) recruit aggressively at my university, who shall remain nameless for the sake of civility, and cannot understand the students that chose to go work there despite knowing full well the business they're in.
Sadly, money motivates, and I can understand that. I still think that way about people who go to work on guided missiles and so forth. Perhaps it's a stretched simile, but I think it's like selling crack to kids to feed your family.
I don't think it's that civil to omit the company's name, it's more like letting them win. I find it interesting and useful to learn which companies are behind shady activities, as done in the article:
> The equipment, produced by Alcatel, Siemens, Cisco and others is then sold to Iran, Myanmar, Belarus and other repressive regimes, as part of normal network operator procurements.
To be frank I listed those just as examples: no idea which of those have their equipment installed at Beltelecom, but they are commonly used in similar setups. There is little point in being accusatory: the surveillance features were developed as a part of legal compliance to their respective jurisdictions, then spread worldwide.
IMHO it is best to treat corporations as a force of nature, which however can be loosely directed by legislation. People staffing them might be all fine as individuals, but the requirements of market and governments can produce socially unwelcome outcomes.
I agree that not naming names is a bad idea. Strangely, this isn't the first time I've seen people avoid it on HN though. It doesn't sound like fear of reprisal in this instance, so what is the motivation?
I think one of the most well known and egregious example of large scale surveillance outfit is the Stasi. It's reported that there was one informer per every 6 and a half people. Possibly the highest ratio of all known examples.
Stasiland http://en.wikipedia.org/wiki/Stasiland is a fascinating read. And of course "The Lives of Others" is a must watch. If for no other reason than to experience an eloquent demonstration of powerful yet understated acting.
Oh, it's not limited to the GDR. Switzerland in the eighties had the "Fichenaffäre" when it came out that the Swiss federal police did surveillance, and kept records on, about 10% of the population.
The Stasi is a fascinating example because the fall of the GDR was quick enough that they couldn't destroy most of the existing files and evidence and we have a relatively clear picture of what happened there. For the Swiss files from the 80s, an official archive exists but access to actual data is relatively difficult. If other democratically elected governments practice Stasi-style surveillance, it would be extremely hard to find out (and would, arguably be the bottom of an iceberg ranging from regular law enforcement to espionage and counter-espionage, to proactive intelligence gathering to find likely terrorists, to proactive intelligence gathering on random citizens who are not terrorists but may have rented a car from a suspected terrorist's relative).
There's definitely a large spectrum, between countries where the government uses violent means to suppress political oppostion (including but not limited to Belarus), over governments that deport people who met with a "person of interest" to third-party countries where they get tortured (see http://en.wikipedia.org/wiki/Maher_Arar) to countries where people just feel that preemptive intelligence gathering without concrete indications is more a cover-your-ass thing than a useful technique to fight crime.
Note that Lawful Interception (i.e. interfaces for government agencies to siphon off data from internet providers), as it was established by US and Europe, was never a focused effort to provide data for criminal investigations but started out with different groups of users in mind (i.e., espionnage and possibly other uses that the average citizen would find spooky).
And, as the article explains, the same technology that is used to guarantee Lawful Interception in Germany/US/other countries is used for political suppression in countries that would perhaps lack the technical sophistication but have a budget and corresponding sources for these. (Although I'm reasonably certain that companies in China and Russia will be happy to provide similar technology to potential buyers).
The technology and storage capacity of organisations like the Stasi in the 1980s is utterly trivial compared to what's possible now. Technology also greatly reduces the costs of spying, such that mass surveillance and "automatic policing" becomes economically viable without needing to employ an army of informants, investigators and people steaming open snail mail correspondence.
The best we can hope for in future is a transparent or sousveillance society where an informational balance of power is maintained. Currently the main bottleneck is ISPs, and these are points of weakness where top-down control can be introduced to a greater or lesser extent.
The end of privacy was a foregone conclusion: with such rapidly falling cost for video and audio hardware, the only way to keep privacy would be totalitarianism.
It should be mentioned that Rop admitted at last year's congress that they were too pessimistic and that things are actually better than they looked back than. The German constitutional court has been surprisingly effective in stopping many of the government's surveillance initiatives, which no one really expected back then.
Of course, none of this really contradicts your main point, but I thought the change of opinion of the speakers might be interesting.
"While the liberty movements in the West are busy enough doing good job fighting off the surveillance wave at home, the totalitarian customer segment remains steadily serviced, by the virtue of civil opinion there being discarded and silenced."
That's a bold statement. I agree that liberty movements are fighting. But I don't think they are winning. We've definitely taken a few steps back in recent years. There are more cameras on every street corner and more companies are using facial recognition software to spot people as they go about their day to day business. I don't think that's progress.
Exactly. That said, any setback of surveillance in the West trickles down to less options available to dictators everywhere. The technology is developed first and foremost to the "home front" of developed nations, as they are the biggest market by far. Thus even local efforts of activists have potentially global impact.
It's a matter of fact that every vendor of telco equipment has to provide a lawful-interception interface when doing business at a serious scale (say, enabling services for >10k end-users). That holds true in countries with questionable political systems, but even more so in Central/Western Europe and especially in the US. It's really just how the technology is handled and used.
Regarding conspiracy theories: there's a popular saying in the telco/network industry, going like "Nobody has ever been fired for buying Cisco equipment". It's just a matter of taking personal risks for your CTO.
We at Sipwise implement VoIP switches at major ISPs in Europe, and the most uncomfortable question, which is ALWAYS asked (mostly just as a side-question, like "Btw, I suppose you support it anyways, so how does your solution work in that regards?") is the one of lawful interception.
There's a specification defined by the PacketCable consortium (http://www.cablelabs.com/packetcable/downloads/specs/PKT-SP-...), and I'd say that almost every major vendor has implemented it in one way or the other in order to be deployed at cable ISPs.
"some services allow to downgrade from SSL gracefully" - Is this true? Does this ability not defeat the point of SSL? Why would this technology be built in?
"Traditional wiretapping of phone networks was combined with GSM location services: thousands of people are now getting subpoenas and are dragged to police stations for being on streets in the vicinity of protests." - Phone towers keep location logs?
Most notably Gmail allowed downgrading to insecure connection until the China affair. There are other mail, messaging and social services people use there, some of them regional (e.g. Russian), where perception of security threats is low.
Cell towers per se do not maintain any logs, it is just transceiver equipment connected to communication line. However telecom datacenters provide location services based on signal strength from the handset to cell towers in the area. Many operators make these services available commercially to customers, and the data is nearly always accessible to law enforcement upon request.
Criminals are smart enough to remove the battery, or not carry a cell phone during a major crime. So this mostly just enables the government and telecom companies to track law-abiding citizens.
Really? All criminals? I'm not a big fan of developments in surveillance, but it's crazy to think that some criminals won't be caught. The fact that they're petty criminals or benefits cheats makes the exercise of debatable value, but not for the reason you state.
It is a good point. I am aware of Huawei, although to my knowledge it is not used in Belarus to a noticeable extent. No doubt of course it could change if this hypothetic embargo is introduced.
There are however subtleties. The government and network operators use services of big system integrators in the region: Baltic states, Russia and Ukraine. The proximity of many vendors creates competitive situation, but if only Chinese vector is available, the only viable option would be Moscow-based Huawei suppliers. This is bound to create many problems with maintaining the existing infrastructure, and the vendor will be able to dictate the price, driving up the costs of enforcement and reducing its scope. If Ruissian dealerships are used, it also creates a dependency on Putin, relations with whom for Lukashenko have not been friendly at all lately.
The genius of it is, the financial ramifications are so obvious to these networks & publishers that not a single explicit word needs said; it’s not a bribe, it’s just making it lucrative to keep one’s figurative mouth shut.