Buying computers without interception/bugging

Rered1958

New Member
Any advice for how to buy computer equipment online, with reduced risk that a friendly NSA agent will intercept the shipment and implant a hardware bug in it?

I have not bought any computers since before the Snowden leaks disclosed this as a real threat. My remaining computers are slow, and literally falling apart. I need lots of new stuff.

I don't do anything illegal, much less of national security interest. However, I have a loud mouth with my opinions... I'm probably on some interesting lists; and I use lots of crypto/anonymity networks to keep my private stuff PRIVATE. I must have clean hardware.

Most hacker/geek sites either ignore this threat, or say "cross your fingers, good luck". Thought I should ask here. People here are more practical.
 

void

Trusted Member
Business Angel
Let's assume you are right and they are capable and interested enough to monitor your purchases and bug your hardware. Then there is no need to physically go to hardware store - just use an intermediary who will buy it for you (easy to find random guy not connected with you at all).
Sounds creepy but I like your thinking btw...
 

Martin Everson

HNWI Offshore Consultant
Business Angel
Mentor Group
Yeah going into a good independent store and paying in cash is best. Don't fill out any warranty nonsense that reveals your identity and then walk out.

However if I owned a computer store and you came in with @happyjohn disguise I would call the police straight away smi(&%.
 

lavel

Offshore Agent
Business Angel
Mentor Group
It's total paranoia to think that anyone will prepare your computer parts with chip's and stuff. I actually never thought about it.
 

bancosantander

Mentor Group
Mentor Group
It's total paranoia to think that anyone will prepare your computer parts with chip's and stuff. I actually never thought about it.
It actually is possible and they do it. It just depends on who you are.
Wearing a false beard or anything like this is not necessary. Just go to a store where nobody knows you and pay by cash. Do not leave any personal information.
If you are a person of interest they can prepare your computer at the airport too during the security check.
 

Admin

Forum Moderator
Staff member
So the same apply if you buy a new BMW and you are a person of interest, hey will prepare the car with microphones and stuff like that ;) I think that's something you see in the movies but not really believe they are doing it unless you are really important and dangerous for the rest of the world.

But Hey, I'm only human and don't know better.
 

bancosantander

Mentor Group
Mentor Group
So the same apply if you buy a new BMW and you are a person of interest, hey will prepare the car with microphones and stuff like that ;) I think that's something you see in the movies but not really believe they are doing it unless you are really important and dangerous for the rest of the world.

But Hey, I'm only human and don't know better.
The wrong person just needs to say your name and they will place microphones in your car. For simple tax avoidance this will not happen. There has to be something more going on. Then it usually will not happen at the store where you buy your car. They will just open your car at night and place all the stuff.

About the Computer story:
happens even you are not a terrorist or somebody really dangerous.
 

Rered1958

New Member
My apologies for the delayed response. Cloudflare locked me out of posting last month, and it was awhile before I had time to mess around and figure out what/why/how.

I had written a long, substantive response to some of the practical ideas presented by @void, @happyjohn, @neweraoffshore, and others. But for now, I just want to see if I can post one measly link...

@lavel, @Admin, et al., I do not even watch movies! Here is but one example of many articles written on the subject about six years ago, the source for the Verge story linked by @bancosantander (thanks!):


Der Spiegel said:
[December 29, 2013]

Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO [NSA's Tailored Access Operations] can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called "load stations," agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

These minor disruptions in the parcel shipping business rank among the "most productive operations" conducted by the NSA hackers, one top secret document relates in enthusiastic terms. This method, the presentation continues, allows TAO to obtain access to networks "around the world."

[...]

REPORTED BY JACOB APPELBAUM, LAURA POITRAS, MARCEL ROSENBACH, CHRISTIAN STÖCKER, JÖRG SCHINDLER AND HOLGER STARK
An aside for those who are fond of spooky speculation: I suspect that it was such reporting as this that got Appelbaum forced out of the Tor Project based on facially incredible smear accusations, which also resulted in a sudden mass replacement of the Tor Project's whole board of directors. Hmmm. Appelbaum had access to a lot of leaked documents, and he spent about three years doing reports like this. He would not shut up until they torched his career, and so thoroughly destroyed his reputation that he essentially could never again show his face in public.

Appelbaum also had an axe to grind against the mass-surveillance company known as Cloudflare. I hope this post goes through!

The following pic of TAO modifying an interdicted Cisco router is via Ars Technica, from a leaked internal NSA document disclosed by Glenn Greenwald; I will try to link to the article in a later post, but I want to avoid attempting too many links at once:

nsa-pwn-cisco-640x373.jpg


Thanks, all, for the interesting discussion.
 

Latest Threads

Top