[NNagain] Fwd: New Exclusive Report on 'Rip and Replace'
David Bray, PhD
david.a.bray at gmail.com
Thu Mar 21 10:00:07 EDT 2024
Recognizing this is a broad distro so I am going to ask that any use of
this post comply with the Chatham House rule of non-attribution to avoid
consternation for any of the organizations involved - however there is a
company by the name of TrueNorth Cyber that was asked by an important part
of the USG to test a router that externally and internally (at least in
terms of popping the lid) to be a Cisco Router.
However twice the router had run hot. And twice the router was shipped back
to Cisco to verify everything was okay - and twice the bird was shipped
back to the USG saying yes, everything is good.
However TrueNorth does deep hardware interrogation. And with their methods
they identified this was **not** a Cisco router, but rather a Huawei board
claiming to be a Cisco router in terms of electronic presentation with the
bus, bios, etc. And even more disturbingly the board had been in use in a
very sensitive USG environment for about 10 years by that time.
TrueNorth has tested other warehouses of equipment that was believed by
others to be “all good” and found on average 60-65% of hardware equipment
has non-standard configurations inconsistent with the described specs. Not
all of this is as extreme as the above, some of instances where memory from
a different vendor was employed vs. what was sold or a chipset was swapped
out from the standard config - however given the identification of covert
modems at U.S. shipping facilities, how many IT and networking environments
have run deep hardware interrogation to confirm that the hardware they
think they have - really is what it claims to be?
And no - “hologram decals” on hardware won’t help you here given they can
easily be spoofed.
*David Bray, PhD *Principal, LeadDoAdapt Ventures, Inc.
<https://www.leaddoadapt.com/>
Loomis Innovation Council Co-Chair
<https://napawash.org/fellow/305629> & Distinguished
Fellow
<https://www.cxotalk.com/bio/dr-david-bray-distinguished-fellow-stimson-center>Henry
S. Stimson Center <https://www.stimson.org/ppl/david-bray/>, Business
Executives for National Security <https://bens.org/people/dr-david-bray/>
On Thu, Mar 21, 2024 at 09:43 Dave Taht via Nnagain <
nnagain at lists.bufferbloat.net> wrote:
> I have been trying to point out for many years now, that a lot of hardware
> can just have it's firmware replaced with something more trustable, secure,
> reliable, and feature full. I was appalled at the recent BOFO (?) rules
> that mandated buy american for secure .... glass .... and totally ignored
> the firmware problem. I have not read up on rip and replace progress below,
> and am afraid to, if someone could summarize?
>
> Ironically, I regard Huwai's compliance with the GPL, and general
> open source contribution philosophy as exemplary in an industry that
> seemingly has forgotten the benefits of openness or the copyright
> provisions of that license.
>
> The president of huwai once responded to complaints by promising to open
> up all it's source code for inspection... (cannot find the link), but the
> CISCOs of the world evaporated that possibility, and the mess downstream of
> most chinese AND american manufacturers has to be scanned to be believed.
>
> ... a lot of huwai's consumer gear can be reflashed to OpenWrt, which is
> maintained by a group of very security concious folk, mostly based in
> germany.
>
>
>
> ---------- Forwarded message ---------
> From: Broadband Breakfast <news at broadbandcensus.com>
> Date: Thu, Mar 21, 2024 at 9:23 AM
> Subject: New Exclusive Report on 'Rip and Replace'
> To: Dave Taht <dave.taht at gmail.com>
>
>
> Broadband Breakfast Live Online Every Wednesday at 12 Noon ET
> View this email in your browser
> <https://mailchi.mp/broadbandcensus/broadband-maps-from-providers-need-to-be-checked-with-data-from-users-4746958-unsh77cz1u-4747010?e=62f1e7a8b2>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=2942c43d06&e=62f1e7a8b2>
> *'RIP AND REPLACE'* The Policy and Law Behind 'Rip and Replace'
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=aa889f3f96&e=62f1e7a8b2>
> *
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=7a63842898&e=62f1e7a8b2>*
>
> Emerging reports signal a growing concern among telecommunications
> providers grappling with compliance to the Federal Communications
> Commission's mandate to excise problematic equipment from certain Chinese
> companies.
>
> Amid this regulatory melange, providers are finding themselves at a
> crossroads, with the daunting task of navigating stringent regulations,
> facing the financial brunt of equipment replacement, and contending with
> the ambiguity surrounding funding mechanisms for such extensive
> undertakings.
>
> At the heart of this unfolding scenario is the "rip and replace" program,
> a cornerstone initiative under the *Secure and Trusted Communications
> Networks Act of 2019*
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=71ee2b1df3&e=62f1e7a8b2>,
> designed to fortify the nation's telecommunications infrastructure against
> potential espionage and cyber threats.
>
> This *comprehensive effort *
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=5d7ef10837&e=62f1e7a8b2>not
> only mandates the purging of equipment from companies like Huawei
> Technologies and ZTE Corporation, deemed security risks, but also
> underscores a pivotal shift towards securing the integrity and reliability
> of U.S. telecommunications networks.
>
> As the FCC enforces this order, the ripple effects are palpable, spanning
> legal and financial implications for compliant companies and operational
> challenges that demand innovative solutions, all while setting a precedent
> for how national security considerations are increasingly shaping the
> telecommunications landscape.
> *What is 'Rip and Replace'?*
>
> The rip and replace initiative, officially part of the initiatives under *the
> Secure and Trusted Communications Networks Act of 2019*
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=dc620d7161&e=62f1e7a8b2>,
> is a Federal Communications Commission effort aimed at enhancing national
> security within the country's telecommunications infrastructure.
>
> Read more by becoming a Broadband Breakfast Club Member....
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=7eaabbc42f&e=62f1e7a8b2>
> *Have you been to Broadband Breakfast lately?*
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=b0cb6f597e&e=62f1e7a8b2>
> Broadband Breakfast has been freshly redesigned to make it easier to find
> the content you need about America's broadband buildout.
>
> Broadband Breakfast is the community for Better Broadband, Better Lives.
>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=e7b2de2d13&e=62f1e7a8b2>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=9ab17132fd&e=62f1e7a8b2>
>
> *#BROADBAND LIVE*
> Fiber and Wireless Solutions for 'Always On' Deployment Strategies on
> Tuesday, March 26, 2024
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=73473b9966&e=62f1e7a8b2> *TUESDAY
> at 2 p.m. ET – REGISTER HERE to join live!
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=f3acf305fe&e=62f1e7a8b2>*
>
> The application of quantum physics to traditional internet connections
> holds great promise for enhancing speed, efficiency, and security in future
> networks. As quantum processors venture out of physics labs and into data
> centers, hear how they could work in tandem with advancing broadband
> infrastructure to transmit vast datasets across future internet backbones.
> Tune in for a dynamic discussion on how quantum mechanics can transform
> computing, the internet and global communications.
>
>
> The digital infrastructure is evolving at exponential rates and the demand
> for smarter systems and a more connected world is imperative to the
> progression of our communities. Deploying a broadband strategy isn’t
> straight forward and requires flexibility, creativity, and the ability to
> pivot quickly. Join the Wesco experts as they dive into the wireless and
> fiber solutions driving innovation, enabling 24/7 connectivity and IoT, and
> fortifying communities for tomorrow.
> *Panelists*
>
> - *Chris Bailey*, Director, Strategic Accounts
> - *Carla Shaffer*, Vice President, Wireless
> - *Drew Clark *(moderator), Editor and Publisher, Broadband Breakfast
>
>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=3f3e0d1dfb&e=62f1e7a8b2>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=511ee29008&e=62f1e7a8b2> Most
> Democratic Senators Want Congress to Make ACP Renewal 'Must Pass'
> Legislation
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=23c5f1fe02&e=62f1e7a8b2>
>
> WASHINGTON, March 20, 2024 – Thirty three Democratic and Independent
> Senators on Friday co-signed a letter urging Senate and House leaders to
> use “must-pass” budget legislation to include an extension of the
> Affordable Connectivity Program.
>
> The *letter urges Congressional leaders*
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=85ccef98a9&e=62f1e7a8b2> to
> support bipartisan legislation to save the ACP from expiration when funds
> are expected to be exhausted next month. The letter argued that the program
> is necessary to close the connectivity gap between Americans.
>
> Notable signatories include Sen. *John Fetterman*, D-Pennsylvania, Sen. *Raphael
> Warnock*, D-Georgia, and Sen. *Alex Padilla*, D-California.
> Todd Eachus: Government Red Tape Threatens Universal Broadband
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=bae8a27942&e=62f1e7a8b2>
>
> Pennsylvania’s mountainous terrain and rural areas with few homes have
> made it difficult and expensive for broadband expansion.
> What's In the FY 2025 Budget for Broadband and Technology
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=9ee96a8d56&e=62f1e7a8b2>
>
> WASHINGTON, March 20, 2024 – The White House unveiled its *proposed
> fiscal year 2025 budget*
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=1f6ef48d27&e=62f1e7a8b2> last
> week, earmarking $6 billion for enhancing internet affordability for
> consumers and $112 million for expanding rural broadband infrastructure.
>
> The proposed budget underscores that certain broadband and technology
> initiatives are integral to President *Joe Biden*'s economic vision of
> reducing costs, stimulating job growth, boosting manufacturing, and
> ensuring the protection of American consumers.
>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=362746d7a4&e=62f1e7a8b2>
> Introducing the California Broadband Summit at the CalMatters Ideas
> Festival
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=0d849a3197&e=62f1e7a8b2>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=c15861f4fd&e=62f1e7a8b2>
>
> The event in Sacramento, California, on Wednesday, June 5 is part of the CalMatters
> Ideas Festival
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=a43d388573&e=62f1e7a8b2> on
> June 5-6, 2024.
> Reserve Your Spot Now!
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=4f7737a7ef&e=62f1e7a8b2>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=ea0ae5e98f&e=62f1e7a8b2> *Panel
> 1: The California Broadband Moment *
>
> As billions flood into broadband development nationwide, California is
> riding high on this wave, netting $1.86B from the government’s flagship
> Broadband Equity, Access and Deployment Program. For the nation’s leading
> tech hub, how has this pivotal moment unfolded? How does this dovetail with
> the state’s ongoing initiatives aimed to drive innovation in the technology
> and telecom sectors?
> *Panel 2: California’s Pathbreaking Middle Mile Program*
>
> In 2021, California unanimously passed SB 156, earmarking a $6 billion
> broadband investment to bridge the statewide digital divide. More than half
> of the funds are funneled towards building open-access, state-owned middle
> mile networks with high capacity fiber. As this expansive investment fans
> out across the state, how is California positioned to capitalize on it?
> What opportunities and potential pitfalls might the state encounter along
> the way?
> *Panel 3: California’s Cost to Build*
>
> With one of the country's most extensive highway networks, California must
> also wrangle with the prickly issue of broadband right-of-way, which often
> drive up the cost of deployment. This legal clearance for deploying and
> maintaining broadband infrastructure along public routes often muddies the
> waters around broadband expansion plans. Where does the state stand on this
> issue? Are there still any bottlenecks that need ironing out for seamless
> broadband flow across the state?
> *Panel 4: Net Neutrality and Privacy*
>
> While federal net neutrality rules hang in limbo, California has long
> upheld its own law regarding the equal treatment of data, as well as its
> state-leading law on internet privacy With its sights on universal
> broadband access statewide, how does net neutrality factor into
> California’s game plan? What role has California’s leadership role on net
> neutrality and privacy had on broadband for California?
> Sponsors
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=f485dfc5a9&e=62f1e7a8b2>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=fc212dc8fc&e=62f1e7a8b2>
>
> *The California Emerging Technology Fund*
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=4f028aeedd&e=62f1e7a8b2> (CETF)
> has been on a mission over the last decade to forge partnerships and foster
> public policy to close the Digital Divide. This work has been
> strategically-focused, results-oriented, and people-centered. CETF is a
> leading proponent of the Digital Equity Bill of Rights
> House Commerce Committee Advances Four Communications Bills
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=3bcc1bd114&e=62f1e7a8b2>
>
> WASHINGTON, March 20, 2024 – The House Energy and Commerce Committee
> advanced four pieces of communications legislation on Wednesday.
>
> Three of the bills are network security measures targeting companies from
> China and other countries deemed national security threats, and one would
> direct the Federal Communications Commission to stand up a task force to
> study 6G technology. The bills were passed unanimously with bipartisan
> support.
>
> “Taken together, these bills will help protect American networks from
> security threats, while also allowing our country to remain a global leader
> in communications technology,” said Ranking Member *Frank Pallon*e, D-New
> Jersey.
> With Affordable Connectivity Funds Running Out, ISPs May Choose Partial
> Reimbursement
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=b686490934&e=62f1e7a8b2>
>
> WASHINGTON, March 20, 2024 – As the looming deadline of the Affordable
> Connectivity Program draws nearer, providers now face a decision of whether
> to continue offering ACP-supported services through May by taking partial
> reimbursement funding, or dropping consumers.
>
> In a public notice released Monday
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=9882e3ce45&e=62f1e7a8b2>,
> the Federal Communications Commission alerted internet service providers
> that without additional funding from Congress, the Affordable Connectivity
> Program won't reimburse them fully for the service and device benefits
> applied to ACP-recipient internet bills beginning in May.
> Housing Group Blasts Proposal to Ban Broadband 'Bulk Billing'
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=991288f3aa&e=62f1e7a8b2>
>
> An advocacy group on behalf of landlords and lenders argued the FCC should
> not ban bulking billing practices.
>
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=5ec0998466&e=62f1e7a8b2>
>
> *#BROADBAND LIVE*
> Broadband Breakfast on March 27, 2024 – Generative AI and Congressional
> Action
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=0e558c9717&e=62f1e7a8b2>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=3147247da1&e=62f1e7a8b2> *WEDNESDAY,
> 12 NOON ET – REGISTER HERE to join live!
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=8e8431b3ea&e=62f1e7a8b2>*
>
> As generative AI capabilities quickly get woven into the fabric of daily
> life and business practices, the debate around regulating this disruptive
> technology has been catapulted into the public eye. Despite a flurry of
> bill proposals hitting the floor, including President Biden's Executive
> Order laying out an AI bill of rights, national-level guardrails have
> ground to a halt without solid congressional buy-in. With lawmakers
> returning to the Hill in 2024 amidst an election cycle in full swing, how
> does AI regulation factor into the national storyline? What legislative
> measures might be in the pipeline for Congress?
> Broadband Providers Oppose Another Petition to Change FCC Pole Rules
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=bb7051d850&e=62f1e7a8b2>
>
> A coalition of utility companies asked the FCC to discard part of its new
> pole attachment rules.
> House Passes Bill to Fund Broadband in Economically Distressed Areas
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=0908bce4bf&e=62f1e7a8b2>
>
> The bill is aimed at making Economic Development Administration grants
> more accessible for broadband projects.
> At Free State Event, Most Industry and Academics Dump on FCC Regulation
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=0d80971a8c&e=62f1e7a8b2>
>
> The officials criticized the agency’s proposal to create more stringent
> regulations on broadband access.
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=9ffcb8cfd1&e=62f1e7a8b2>
>
> *#BROADBAND LIVE*
> Broadband Breakfast on April 3, 2024 – Generative AI and Congressional
> Action
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=c706a82c3c&e=62f1e7a8b2>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=5db208b638&e=62f1e7a8b2> *WEDNESDAY,
> 12 NOON ET – REGISTER HERE to join live!
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=b5a0318928&e=62f1e7a8b2>*
>
> Reliable high-speed internet is crucial for unlocking the full potential
> of precision agriculture, which utilizes advanced technologies such as GPS,
> sensors, and data analytics to optimize farming practices. With significant
> broadband funding and opportunities across the nation, efforts to enhance
> broadband connectivity on agricultural land, spearheaded by the Federal
> Communications Commission's Precision Agriculture task force, are gaining
> momentum. How is the adoption of precision agriculture going? What promise
> does it hold for the future of farming and technology? How is it factored
> into ongoing broadband funding and deployment in rural areas?
>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=c55c3d98b5&e=62f1e7a8b2>
>
>
>
> *About Broadband Breakfast: Broadband Breakfast is the leading media
> company advocating for higher-capacity internet everywhere through topical,
> timely and intelligent coverage. The company’s annual Digital
> Infrastructure Investment conference champions a robust 21st century
> information economy.*
>
> *#BROADBAND LIVE*
> Sign up to Receive Recording and Slides from Broadband Analytics Seminar
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=5d5ea38a15&e=62f1e7a8b2>
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=482b0cbeda&e=62f1e7a8b2>
>
> [image: http://www.twitter.com/broadbandcensus]
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=3e0edf7381&e=62f1e7a8b2>
> [image: http://www.facebook.com/broadbandbreakfast]
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=c91b53aa0f&e=62f1e7a8b2>
> [image: YouTube]
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=4b56040974&e=62f1e7a8b2>
> [image: LinkedIn]
> <https://BroadbandBreakfast.us3.list-manage.com/track/click?u=5637f8058831c038004b4f502&id=2e491c6b54&e=62f1e7a8b2>
> *Copyright © 2024 Broadband Breakfast, All rights reserved.*
> You are receiving this email because you opted in via our website.
>
> *Our mailing address is:*
> Broadband Breakfast
> 1750 K St NW Ste 1200
> <https://www.google.com/maps/search/1750+K+St+NW+Ste+1200+Washington?entry=gmail&source=g>
> Washington
> <https://www.google.com/maps/search/1750+K+St+NW+Ste+1200+Washington?entry=gmail&source=g>,
> DC 20006-2303
>
> Add us to your address book
> <https://BroadbandBreakfast.us3.list-manage.com/vcard?u=5637f8058831c038004b4f502&id=89ee35bd4e>
>
>
> Want to change how you receive these emails?
> You can update your preferences
> <https://BroadbandBreakfast.us3.list-manage.com/profile?u=5637f8058831c038004b4f502&id=89ee35bd4e&e=62f1e7a8b2&c=78c4b0d97e>
> or unsubscribe from this list
> <https://BroadbandBreakfast.us3.list-manage.com/unsubscribe?u=5637f8058831c038004b4f502&id=89ee35bd4e&t=b&e=62f1e7a8b2&c=78c4b0d97e>
> .
>
>
>
> --
> https://www.youtube.com/watch?v=N0Tmvv5jJKs Epik Mellon Podcast
> Dave Täht CSO, LibreQos
> _______________________________________________
> Nnagain mailing list
> Nnagain at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/nnagain
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.bufferbloat.net/pipermail/nnagain/attachments/20240321/49a5960b/attachment-0001.html>
More information about the Nnagain
mailing list