Forgot your password?
typodupeerror
Networking Technology

Chinese Man Gets 30 Months For Fake Cisco Sales 161

Posted by kdawson
from the hey-pancho dept.
alphadogg writes "A Chinese man was sentenced to two-and-a-half years in a US prison this week for trafficking in counterfeit Cisco Systems gear. Yongcai Li, 33, will also have to pay the networking company nearly $800,000 in restitution after being the conduit for hundreds of thousands of dollars' worth of counterfeit computer hardware, the FBI said Friday. Prosecutors said he procured the fake gear in China and then sent it to co-conspirators in the US. His alleged co-conspirators have not been charged. Li was arrested by FBI agents on Jan. 9, 2009, in Las Vegas — while the annual Consumer Electronics Show was taking place there. Two years ago, the FBI claimed to have seized more than $78 million worth of counterfeit equipment in more than 400 seizures."
This discussion has been archived. No new comments can be posted.

Chinese Man Gets 30 Months For Fake Cisco Sales

Comments Filter:
  • Excuse me, editors? (Score:3, Informative)

    by Snover (469130) on Sunday February 07, 2010 @09:04PM (#31056596) Homepage

    2.5 years is not 30 years, it’s 30 months.

  • Bastards (Score:5, Insightful)

    by socceroos (1374367) on Sunday February 07, 2010 @09:09PM (#31056632)

    His alleged co-conspirators have not been charged.

    And why not? These guys should be getting just as much time as the other dude.

    • Re: (Score:3, Interesting)

      by couchslug (175151)

      Not if they rolled on him for a lighter sentence.

    • Re: (Score:3, Interesting)

      by whoever57 (658626)

      And why not? These guys should be getting just as much time as the other dude.

      Perhaps because they cut a deal with the DA's office?

    • Couldn't agree more. There might be a lot more people in China ready to keep the business going, but there are not going to be that many in US. It'll be a surprise for me if they got away because of some powerful contacts.
    • Re:Bastards (Score:5, Insightful)

      by Darkness404 (1287218) on Sunday February 07, 2010 @09:21PM (#31056710)
      Because its quite hard to prove it. For all we know he was selling them as legitimate Cisco products. If someone said that they bought wholesale Cisco consumer-grade routers and you owned a small electronics shop and could sell them for $10 profit, and the person looked legitimate most people would buy them.
      • If you RTFA, or even the small part I quoted, the US based contacts are described as co-conspirators. If accurate, there is nothing legitimate about them.
      • by dwater (72834)

        > Because its quite hard to prove it

        It wouldn't normally stop them from being *charged*. In any case, IMO, it should fall into the same category as receiving stolen goods.

    • by dwater (72834)

      It's obviously because they weren't Chinese, but USians - it's the usual double standards at work.

  • Good thing... (Score:5, Insightful)

    by Anonymous Coward on Sunday February 07, 2010 @09:17PM (#31056678)

    Good thing he didn't download a music album instead. He might of ended up with 3 times that fee.

  • by JoshuaZ (1134087) on Sunday February 07, 2010 @09:18PM (#31056688) Homepage
    China has apparently decided to get stricter about dealing with counterfeits. This may signal that China is more willing to cooperate with other countries and large corporations. However, as China produces more and more of its own goods, it has a direct economic incentive to cooperate with counterfeiting issues since that will encourage reciprocal behavior in other countries. Moreover, according to TFA, the FBI and the US government in general have been trying in particular to deal with counterfeit Cisco products. So this still took lots of pressure and activity. And Cisco does a lot of business in China, so that's yet another reason China might crack down in a case like this. This thus isn't similar to a situation like that with Google that fits in with China's broader policies on censorship and how it runs its political system. It shouldn't be surprising that China will occasionally cooperate when it has a direct economic incentive and doesn't risk tainting its people with democracy or free speech.
    • by fluffy99 (870997) on Sunday February 07, 2010 @09:33PM (#31056802)

      The only reason the Chinese govt got involved was pressure from the FBI. The only reason the FBI got involved is that some of those fake Cisco routers had a modified IOS with a backdoor password. I have a suspicion that the Chinese govt was actually involved in selling the compromised counterfeit equipment.

      This and many other examples, are why the security specialists highly recommend formatting any new computers or equipment and installing fresh software/firmware from a known good source.

      • by houghi (78078)

        A backdoor password that they did not know of.

      • security specialists highly recommend formatting any new computers or equipment and installing fresh software/firmware from a known good source.

        Here's something I can never solve: how do you reliably reflash a compromised device's firmware? If it's compromised, it could just patch the new firmware you send to it, or claim it reflashed it when it didn't do anything.

        • Well assuming they left the pins accessible (at least on home routers they are nearly always brought out to pads for a header, I dunno about the pro stuff) and you have a suitable firmware image you can take control of the processors IO BUS over the JTAG (or similar) port and use it to program the flash chip. Such programs are sometimes reffered to as "debrickers"

          You can either flash a full firmware image this way (doable but very slow) or you can program a minimal boot image and then install everything els

  • by Darkness404 (1287218) on Sunday February 07, 2010 @09:25PM (#31056760)
    The question is, what counts as counterfeit hardware? Is he taking, say "genuine" Cisco hardware (as in, made in the same factory just not with the Cisco name on it) and selling it as real Cisco hardware, is he taking inferior components to make his hardware, is the hardware functional?
    • by Ron Bennett (14590) on Sunday February 07, 2010 @09:37PM (#31056830) Homepage

      Even if the units are coming off the exact same production line (some factories, reportedly, occasionally run extra shifts for counterfeiters), some of the components used may be rejects (ie. functional, but outside of spec; think chip fabs) from the legitimate production run; units not tested as rigorously with minimal quality control.

      With that said, even if the unauthorized units are exactly identical, which in the real world is unlikely to the be the case as I've explained above, in regards to the law, it's still counterfeiting.

      Ron

      • Hm, either way, if they could sell more -cheap- "counterfeit" stuff in the US I think that would be a good thing. Generally cheap crap works out well, though, sadly I have yet to see any counterfeit stuff for actually -cheap-.
      • Re: (Score:3, Interesting)

        by Zemran (3101)

        If the goods where made on the company's own production line, that would be theft rather than counterfeit. The products made in that factory belongs to the company regardless of quality control or time of manufacture.

    • by plover (150551) * on Sunday February 07, 2010 @09:42PM (#31056868) Homepage Journal

      There's a lot that can go wrong with counterfeit hardware, even if it's made in the same factory. Out-of-spec components can be used in place of the high quality ones originally specified by the Cisco engineers. Cheap lead-based solder could be used with the RoHS label. Speeding up the production process can lead to shoddy workmanship. They probably aren't paying inspectors to check the assemblies. Toxic waste could be dumped in the garbage.

      So not only does this make for a trouble-prone product for the customer, it also costs Cisco extra. A customer who paid for a box labeled Cisco is going to expect the same customer service as one who purchased actual legitimate Cisco hardware. They're going to send the crappy boxes in for warranty replacements on Cisco's nickel. And if the quality is sub-par they're going to be complaining about crappy Cisco hardware when it's not Cisco's fault, affecting their brand image.

      In some cases the counterfeiters are fencing stolen but legitimate merchandise, but in most cases they're producing low-quality knock-offs.

      • by tonycheese (921278) on Sunday February 07, 2010 @09:57PM (#31056944)

        On top of all this, this kind of story will hurt Cisco's brand image as well. Next time you go out to buy something from a small electronics store, you may decide to go with a different brand since you know for a fact that many counterfeit Cisco products have been packaged and sold as the real thing.

        • by Eil (82413)

          Or you buy it from a trustworthy dealer, like you would with any mission-critical piece of networking gear.

          If your network is important enough that you're going to put Cisco gear in it, the last place you ought to be shopping for routers is some hole-in-the-wall second-hand computer store or, even worse, eBay.

      • Re: (Score:2, Interesting)

        by Anonymous Coward

        Cheap lead-based solder could be used with the RoHS label.

        Just FYI, lead-based solder is superior to RoHS. Even the "cheap" stuff. When people talk about "cheap, lead-based solder" they actually mean inexpensive.

        If I could find someone using actual lead solder for my circuitry, I'd buy it in a heartbeat over the RoHS. As an example, had the solder on the original XBOX 360 been lead instead of RoHS, the solder wouldn't have broken under heat stress & they'd have had fewer problems with the red rings showing up.

        We use the RoHS to keep the hippies quiet(er).

        • by plover (150551) *

          Yes, by "cheap lead-based solder" I meant inexpensive. Counterfeiters are all about reducing costs to the absolute minimum required to collect your money.

          But if there's lead in a box labeled RoHS, and it's disposed of carelessly, lead is reintroduced back into the environment. It would be handled without safety precautions.

          I'd rather have durable lead soldered parts than RoHS equipment, too. But if it's labeled RoHS, I would be OK tossing it in the trashcan rather than paying to drop it off at the recycl

        • Re: (Score:2, Interesting)

          by mjensen (118105)

          Not really the cheap you intend, but USA military often removes the RoHS solder for the old fashioned lead solder. They do this because there is a LOT of data to back up the lead solder, and lead-free solder hasn't been studied enough. Their putting trusting something they know (good and bad on lead) instead of an unknown (lead-free).

        • We use the RoHS to keep the hippies quiet(er).
          Afaict manufacturers use the lead-free solder everywhere because it's the only way to make products legally sellable in europe and it's cheaper for them to take the higher cost and failure rate of lead free solder everywhere than to set up two totally different production and stock handling processes for different markets.

      • by fishexe (168879)

        There's a lot that can go wrong with counterfeit hardware, even if it's made in the same factory. Out-of-spec components can be used in place of the high quality ones originally specified by the Cisco engineers. Cheap lead-based solder could be used with the RoHS label. Speeding up the production process can lead to shoddy workmanship. They probably aren't paying inspectors to check the assemblies. Toxic waste could be dumped in the garbage.

        All the things you say are true. They could also be using parts that were tested and found to be sub-spec, so you could end up buying a router that was made on the actual Cisco assembly line, but was known to be defective and supposed to be destroyed (or made up from similarly condemned components). That's just yet another thing to worry about, even for apparently identical "genuine" equipment.

        I would have no problem buying, say, bootleg clothes or backpacks made in the same factory as the real deal, but

        • by plover (150551) *

          What makes clothing special or different from electronics? Do you think clothing can't be made "sub-par"? That insulation placed in cheap knockoff down jackets can't be made from coarsely chopped chicken feathers that do nothing to keep you warm? That weak plastic connectors or zippers can't be substituted for durable connectors? That the fabric can't be cut against the weft so that it hangs at funny angles, or ravels instantly? That inadequate hems aren't used so the clothes fall apart after a wearing

          • by TheLink (130905)
            > "It's $200 in the store vs. $20 from the guy with the blanket on the sidewalk, I'll buy from the guy, it's the same thing."

            Where did most people get their toxic pet food from? The guy with the blanket on the sidewalk or from the stores?
            • by plover (150551) *

              Yes, that situation was a bit different. It was a crooked manufacturer selling phony products to various companies. And the scale was more massive than the midnight production runs of the "ordinary" counterfeiters. But the nature of the problems are comparable. Low quality ingredients sold as if they were high quality.

              This is also a problem in the aircraft replacement parts industry. Counterfeiters are stamping low strength bolts with markings indicating high strength parts. Inspectors are unable to see the

              • I'm sure I remember an "air crash investigation" episode about an accident caused by counterfeit parts, I don't remember whether it was a full blown crash though.

          • by fishexe (168879)

            Or more seriously, a couple years ago huge amounts of pet food were found to have had melamine additives that test positive for proteins instead of using an actual protein made from wheat glutein, causing many pets to painfully die from renal failure. And how many knock-off toys made with lead have been recalled in the past few years?

            Those weren't knock-offs. They were the actual licensed products (like Thomas the Tank Engine products) sold by the American companies that hired the Chinese factories. The deadly pet food was sold in stores by American and Canadian manufacturers. And there's no such thing as "glutein".

            • by plover (150551) *

              I will learn to spell protein and gluten correctly.
              I will learn to spell protein and gluten correctly.
              I will learn to spell protein and gluten correctly.

              Sorry, teacher.

          • by pnutjam (523990)
            After that first paragraph, I thought you had been going through my dresser. I know, I dress like crap, but don't call me out so publicly...
        • by mwvdlee (775178)

          Or it could just be assembly line "overrun"; products that are in every way exactly like the products sold but simply not accounted for in the normal production run.
          Imagine Cisco ordering production of 1,000 routers and the factory producing 1,100 routers and keeping 100 off the books. Those 100 are completely identical to the rest but merely "left over" from the production run.

      • by fluffy99 (870997) on Sunday February 07, 2010 @11:02PM (#31057350)

        And if the quality is sub-par they're going to be complaining about crappy Cisco hardware when it's not Cisco's fault, affecting their brand image.

        All true. Do you know if Cisco is honoring warranties on the counterfeits. Surely when you call in a TAC case, they know from the serial number if it's legitimate or not.

      • by kimvette (919543)

        Cheap lead-based solder could be used with the RoHS label.

        Oh, so you mean the counterfeits would actually be better? lead solder isn't "cheap" in the way you mean: it does not develop "tin whiskers" like tin-based solder does. Lead solder is also a lot more resistant to fatigue and breakage due to vibration, shock, etc.

      • Cheap lead-based solder could be used with the RoHS label.

        That's actually a better solution then the damn ROHs compliant crap that's being used. No end of problems from Tin Whiskers causing shorts and failures. Hell I think the ROHs issue was dreamed up just to ensure the damn hardware would fail in less time then it used to. Engineered Obsolescence so people have to replace it more frequently (Buy Buy Buy) is the name of the game nowday instead of selling a quality product that will last for 10 years.

      • by houghi (78078)

        Yeah and having the brand on it won't have any of those inferior stuff or any of those situations happen. Right? only fake batteries explode and only fake cars need to be recalled (and I am not taking about Toyota)

      • Oh, dear, yes. I've had just this happen with Adaptec controllers: this sort of nonsense is extremely common in low-end "pizza-box" servers. I've cost such vendors money and gotten the compoany I worked for barred as a customer when shown the non-spec detritus that was inside them, read the vendor the riot act on their contract, and shipped back the whole pallet of servers for them to replace components with the parts we actually ordered. The idiot over in purchasing kept buying non-approved hardware from t

      • by magarity (164372)

        Toxic waste could be dumped in the garbage
         
        In China they already dump the toxic waste from manufacturing the legit products straight into the town storm drains.

    • The question is, what counts as counterfeit hardware? Is he taking, say "genuine" Cisco hardware (as in, made in the same factory just not with the Cisco name on it) and selling it as real Cisco hardware, is he taking inferior components to make his hardware, is the hardware functional?

      To a very large degree, it doesn't much matter whether he's using the same components as are found in the official Cisco hardware.

      Even if the hardware he's selling is 100% identical to Cisco hardware, it isn't Cisco. This means that if I buy something thinking that it's Cisco, and have a problem, I'm going to call up Cisco and complain about it. And then they're going to tell me that I don't have their hardware. I'm wasting their time (and money)... And I've got a product that nobody is going to support

    • by lanner (107308) on Sunday February 07, 2010 @10:01PM (#31056970)

      I have some "fake" Cisco WIC cards for the 2600 series here in a couple of routers. I'll tell you that they work just as well as regular Cisco WIC cards, and the systems you install them into can't tell the difference. These have been running reliably for years now.

      Cisco is begging for a counterfeit market for their parts, because they mark up prices to insane levels.

      True, it's the research, development, documentation, and support that makes their products great, but charging what they charge is just stupid.

      Here's an example;

      Intel 2-port 10Gig network card, $2500.00

      http://www.cdw.com/shop/products/default.aspx?EDC=1352161 [cdw.com]

      Same EXACT card but branded as Cisco costs over $14000.00

      http://www.cdw.com/shop/products/default.aspx?edc=1424619 [cdw.com]

      Yes, these are the same cards, my company has several of the large ASA firewalls that these go into, and the Intel cards. Sit them side by side and they are identical. At most, different firmware, but I doubt it. I've never actually tried since we can't be dorking around with production equipment.

      Newer Cisco routers and switches are now using licensing for features and ports, so installing non-Cisco-extortion-priced parts won't really be an issue anyway. Reference the 3750-E/3560-E switches and those new 1900/2900/3900 series routers.

      • by LordLucless (582312) on Sunday February 07, 2010 @10:11PM (#31057030)
        So, buy the cheap parts. Selling identical, unbranded hardware isn't a crime (patent issues aside). The Cisco ones come bundled with Cisco support and all that jazz. The problem is when people sell those cheap parts, but claim they are Cisco. People buy them at a higher price because they think they're getting Cisco, and hence, Cisco support. It's that fraud which is the crime.
        • I haven't worked with Cisco support all that much, just a few times with some access routers, WIC cards and miscellaneous software BS. But I'm pretty sure they always wanted my serial number or SmartNet info, and to get the latter you have to supply a serial number.

          Why wouldn't Cisco just reject these products because the serial numbers are wrong/bogus/nonexistent? It seems unlikely the counterfeits would have legitimate serial numbers, or if they cloned a range, ones that couldn't be flagged.

          And since wh

        • by rwyoder (759998) on Sunday February 07, 2010 @11:18PM (#31057432)

          So, buy the cheap parts. Selling identical, unbranded hardware isn't a crime (patent issues aside). The Cisco ones come bundled with Cisco support and all that jazz. The problem is when people sell those cheap parts, but claim they are Cisco. People buy them at a higher price because they think they're getting Cisco, and hence, Cisco support. It's that fraud which is the crime.

          Anyone who has purchased Cisco hardware knows that the price does not include support.
          Support is a separate line item that must be added to the purchase order.

          • by Anonymous Coward on Sunday February 07, 2010 @11:40PM (#31057576)

            This. This right fucking here. This is why I don't care if something hurts Cisco. They're bastards on their pricing and turning EVERYTHING in to an extra charge. Read the fine print, read the instructions twice, and keep a good hold of your wallet when you go in to buy Cisco. You are getting in to a product that will probably run you 4-5 times the already overblown up front price tag they initially show you once you get through licenses, support, etc.

            I've started building linux firewalls for small to medium businesses on recycled hardware. Businesses that were seriously considering (and often buy) hugely overpriced Cisco systems that don't really deliver... well... anything for their astronomical price. It works out a helluva lot better, and they never *need* support. Once you get in to enterprise level needs, you should be dealing with Juniper and the like since they actually deliver something amazingly capable for the price. Unlike Cisco.

            Why the hell is Cisco still in business, again?

            • Keifer Southerland and that chick who opened "Mr. Show"

            • Cisco is still in business because of their marketing department.

              For small to medium business a linux firewall works but a Sonicwall product has arguable merit. It requires less electricity to use, is easier to manage by any technician that walks in the door, USEFUL support contracts are available at minimal cost, and I challenge you to assemble a content filter / antispyare / antimalware / gateway antivirus solution on Linux that is anywhere close to as good.

              No I don't work for SonicWall and to be honest

              • by pnutjam (523990)
                PfSense [pfsense.com]is where it's at. Affordable support, top notch, their support is really great and you often talk to the developers. Even if you don't pay, they have an excellent community with a forum and mailing list. Use a server, an old PC, or slap it into an embedded system from hacom [hacom.net] or netgate [netgate.com]. Your customers will never even suspect it is just an x86 computer.

                I have never had better support then I got from all of these companies. They work with you to solve all issues and you talk to people who know
          • by RulerOf (975607)

            Support is a separate line item that must be added to the purchase order.

            At my last job, when I was working with sales reps and PC Connection, a piece of software I was looking at purchasing could not be sold without support, regardless of whether or not you wanted it. It was a separate line item, but for what it's worth, the vendor didn't actually list the price of their product without the support included anyway. The two items together came to the vendor's advertised price.

    • by Sleepy (4551)

      Fake is a broad definition but simple to describe: it's unauthorized and unsupported by Cisco.

      Trying to determine if the fakes are "0% accurate" or "50% accurate" is not really possible, given all the small parts and encrypted firmware, etc. It's counterfit.

    • The big thing that makes it counterfeit is that it says it is made by Cisco and isn't. That right there is what really causes the problem. There's nothing saying you can't make a device like a Cisco device and sell it. In fact, you'll find many companies do. HP's ProCurve switches were made to function a lot like Cisco switches (at least last time I used them, which was some time ago). For that matter you can make cards to plug in to Cisco's gear under your own label. All this is perfectly fine. However, wh

  • "You're telling me that Crisco makes delicious pie crusts AND hi-end networking equipment? Sold!"
    • by plover (150551) *

      I'm not saying that Cisco makes a greasy vegetable oil product.

      But Firefox's spellchecker insists is.

    • by Zen Hash (1619759)

      "You're telling me that Crisco makes delicious pie crusts AND hi-end networking equipment? Sold!"

      I've seen support requests emailed in from network admins needing assistance with their "Sysco [sysco.com] routers..."

  • Just think how much time he'd have gotten if they were *real* Ciscos!

  • win win for Cisco (Score:5, Insightful)

    by Anonymous Coward on Sunday February 07, 2010 @10:30PM (#31057134)

    Farm out production to cheap labor in a country that has little regard for IP. Cisco wins
    Get FBI and US justice department to enforce and foot the bill for counterfeiting under the guise of "National security". Cisco wins

    In both cases, Cisco wins and in all cases the US citizens lose. We foot the bill, lose the jobs, get Chinese made equipment in our government and pay with tax dollars to support Ciscos business decision.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Thank you, at least someone wrote up this point. That's the main question I have about this story. Why are my tax dollars going to enforce profitability for Cisco? If the people who got cheap networking equipment feel that they were wronged, let them bring a civil suit or let Cisco file suit on their behalf and on their own dime. You'll notice that criminal sentencing does not provide any restitution to those that were scammed. If the FBI has the time to act as corporate security guards, they need to be dow

  • And yet China continues to be a preferred trade partner to the "free" world. What the hell does this even mean anymore? They poison our children with first lead, then cadmium laced jewellery, they hack our networks an infest them with malware/spyware, force labor upon their own children, yet they are our "friends" because we can buy their crap for cheap and sell it at Walmart.

    Isn't it time to reevaluate our trade partner status with this country that is set on deceiving us with every opportunity they get?

  • by NicknamesAreStupid (1040118) on Monday February 08, 2010 @01:50AM (#31058330)
    About 13 years ago, the government of China contacted Cisco through its Hong Kong office and said "China has been very good to Cisco. Now it is time for Cisco to be very good to China." They forced Cisco to open factories in China, and China started a company later known as Huawei, run by some army generals. The Internet was becoming a major communications component of their country, both private and government, and they did not like the idea that their infrastructure would be made in America. Once Cisco opened their Chinese factories, someone in China began almost immediately cloning Cisco hardware. I wonder who? The clones were so close that they even had the same bugs.

    Cisco seemed to put up with this for a while, since almost all of the hardware was kept within China. Then, sometime in the last ten years, I can't remember when, Huawei started selling Cisco-like hardware worldwide. At that point, Cisco sued and forced them to stop all international sales of the disputed products. Later, Huawei rewrote its router code and even licensed code from another American company.

    So, what to do with all that surplus manufacturing capacity?
    • Well, whether you are against patent and copyright law or not, China is doing it's best to erode the spirit and application of these laws. For most intents and purposes, those laws do not work and barely exist there. Ideas circulate freely, DRM-free, patent-law-free, and copyright-free. Not legally - but in practice they do. Just as at Pirate Bay. If you ask me, the strongest political force to modify patent and copyright laws is piracy, not open-source. The reason is, there is strength in numbers. Many m
    • How had China been very good to Cisco up to that point if (at that time) China wasn't buying much of Cisco's stuff and Cisco wasn't manufacturing in China either?

  • If the routers are just as good as the "genuine" except that Cisco didn't get paid for the use of their name, then is not this another case, when the imaginary property (on "trademark") rears its ugly (if imaginary) head?

    Yes, the buyers were lead to believe, they are buying the "real" thing, but that's between them and the seller.

    But the US government is involved — on behalf of a fat corporation [yahoo.com], which means, Cisco ought now to be frowned upon, just as the mafiAA members are.

    And yet, kdawson see

  • I'd bet money that 1) this guy is an agent of the Chinese government in some way or another, and 2) a CRC of the microcode for the firmware in these routers would not match the CRC of the microcode in an American-made one.

    Think about it. If *I* were China and I wanted built-in industrial espionage capabilities through an undetectable backdoor, this is *exactly* how I'd do it - with trajaned firmware in counterfeit network hardware. You got yer plausible deniability, untraceability, undetectability, and a

Real computer scientists don't comment their code. The identifiers are so long they can't afford the disk space.

Working...