Cisco switches are thoroughly p0wned, both through SW and HW (Fedex/UPS interception). Your home routers are already p0wned (google "TR-069") by your service provider, so simple NSL's get the govt the vast majority of these. The rest of them are so vulnerable due to 5-10 year old software that they are cracked in seconds. The Cisco situation is hilarious. The US govt complains that Huawei routers have backdoors inserted by the Chinese govt, while simultaneously inserting their own backdoors into Cisco routers. A case of the pot calling the kettle black. The British govt just passed another CALEA-type law to go after non-voice content, and many other govts already have such laws. CALEA backdoors have already been misused by criminals & govts. http://www.theregister.co.uk/2013/05/21/crypto_boffins_oppose_fed_backdoors/ "For example, eavesdroppers tapped the mobile phones of the then Prime Minister of Greece, Kostas Karamanlis, his cabinet ministers and security officials for about nine months between June 2004 and March 2005 around the time of the Athens Olympics." "The spies used CALEA backdoors on Vodafone Greece switches to illegally plant spyware so that conversations were relayed to 14 shadow pay-as-you-go mobile phones." "The Greek newspaper Kathimerini on Sunday revealed in 2011 that four of those phones were originally purchased by the US embassy, although the eavesdroppers were never traced. In a similar case, AT&T's CALEA controls went through a Solaris machine that was rooted by hackers, giving crooks the ability to tap into calls." At 10:26 AM 4/14/2015, Michael Greenwald wrote:
On 2015-04-14 12:40, Dan Asimov wrote: However, if you're talking about network switches, not computers in general, then the CALEA laws require (I think) that every switch has a mechanism to allow the government (subject to warrants and other legal constraints) to tap all traffic going through the switch. My memory is very fuzzy on this point, but I think all switches/routers produced in the US may be required to have this a CALEA tap of some sort.