Report accuses BT of supplying backdoors for GCHQ and NSA
Researchers accuse BT of placing backdoors into firmware, linking their modems to network in the U.K. with IPs assigned to the U.S. Department of Defense
By Steve Ragan , Staff Writer
Objectively, while the report does raise serious concerns, this is the only report of its kind. While the ability to reproduce the findings exists, no other researchers have taken on the task.
When asked for comment, BT responded to CSO with a statement saying, "We comply with the law wherever we operate and do not disclose customer data in any jurisdiction unless legally required to do so."
On the issue of the USDOD IP address referenced by the paper's authors, that block of addresses has been used by many firms over the years. It's a valuable piece of IPv4 real-estate that is often enabled internally by an ISP after they've gotten permission from the Defense Information Systems Agency (the part of the USDOD that manages networks and infrastructure).
Just last year, Sprint was using IPs internally from that block for their mobile network. So the fact that BT would be using it too isn't a shock to network engineers who have seen the paper.
In short, one security expert told CSO, the usage of 30.x.x.x /8 doesn't really imply NSA monitoring at all. In fact, he added, "If you want a non-routable IP that won't break when using it, [the] DOD is your best choice."
Read more about data protection in CSOonline's Data Protection section.
Other stories by Steve Ragan