Crackdown On Counterfeit Networking Gear 115
angry tapir writes "US agencies targeting the sale of counterfeit networking hardware have gotten 30 felony convictions, including a man attempting to sell fake networking equipment to the US Marine Corps, and seized $143 million worth of fake Cisco hardware. The agencies have conducted Operation Network Raider, which has made 700 separate seizures of networking equipment since 2005, the DOJ said. In addition to the convictions and seizures, nine people are facing trial and another eight defendants are awaiting sentencing."
Get em (Score:5, Insightful)
If people want to clone Cisco gear that's fine, just as long as they don't try to sell it to me as if it were the real thing
Re: (Score:2, Interesting)
You can only clone them if you're a state backed company like Huawei.
Time to collect (Score:1)
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
What if frogs tasted like strawberries?
Re: (Score:2)
Well, if they looked like strawberries, tasted like strawberries, had the same texture as strawberries and grew on the very same plant as the strawberries, tended by the same farmers, could you even call them frogs?
Re:Get em (Score:4, Insightful)
Re: (Score:2)
Don't forget the potential for insertion of malicious code or hardware that could potentially provide an enemy military either remote monitoring or remote killswitch capability. Remember, this gear is being sold to the US military.
Re: (Score:2)
Some of this gear is a new class of "counterfeit" to the point that the name doesn't really even apply. It comes from the very same production line as the legit Cisco gear. Cisco orders 1000 units made, the factory makes 1010. The extras get a fake serial number and are not documented for Cisco. Those are the "counterfeit" Ciscos.
The backing, warranty, and support is a real issue, not to mention the deception, but the quality is identical.
Re: (Score:1)
Due to the nature of the clones, a seller admitting they were cloned would be subject to immediate lawsuit and criminal action for willful infringement of patents and copyrights.
In other words, they are damned if they do, and damned if they don't. The only legal thing they can do is not sell clones at all.
Re: (Score:2)
Maybe, and maybe not. For instance, the extra 10 (or 100 or 1000) un
Re: (Score:2)
Of course that raises the ugly issue of how often the crappy quality components find their way in to the official product (possibly with faked markings).
Re: (Score:2)
Often enough, considering the bad capacitor incidents a while back... a lot of the bad capacitors were properly marked with a "clone" name (usually one very close to a name of a reputable company), but some of them were entirely counterfeit.
Re: (Score:2)
I'd interpret "same quality" as meaning the following
1: the components are the same quality
2: the testing procedure is the same
3: the reject critera are the same
Unless you are actually monitoring the complete process both for legitimate products and illegal ones or you have access to LARGE samples of both legit and pirate material and a comprehensive testsuite you have no way of verifying this.
Re: (Score:2)
It seems given that they run off the same line it would actually be MORE trouble to make a poorer product that looks perfect than to just make exact duplicates in every way.
Others may be true knock-offs and so anything could happen.
Re: (Score:2)
It seems given that they run off the same line it would actually be MORE trouble to make a poorer product that looks perfect than to just make exact duplicates in every way.
But actually making the product isn't the only part of the process that leads to a high quality product. After making the product it needs to be tested. Preferably under conditions more intense than it will see in service.
Consider for example that a factory could make products, sells the one that pass the test legitimately, scraps the on
Re: (Score:1)
You are very enthusiastic about this hardware with fraudulent markings.
If that is because you are using some of it, good luck.
Re: (Score:2)
Actually, I'm not. I just find it interesting. Fully identical gear at a fraction of the price. Not "Nearly as good" or "good enough", actually identical to the very last details. Even the DNA traces left on the inside are identical to the "real" gear.
I can well understand why someone would be ticked off if they bought it at Cisco prices expecting Cisco support and warranty services, but as far as the product itself is concerned, all Cisco users are using it.
Personally, I'd rather buy legit gear that does t
Re: (Score:2)
Not hard.
Just substitute cheaper components everywhere. Where a 1% resistor is ued, use a 5% or 10% resistor. Ditto caps. Where a certain processor is used, use a cheaper slower one. Software will overclock it (very few embedded processors actually have anti-overclock protections), so if it works, great! (Of course, it may crash more oft
Re: (Score:3, Insightful)
back doors (Score:3, Funny)
Re: (Score:2)
What if I could make cognac here in America that was indistinguishable from the genuine stuff? It's the same argument. If I mess up, it reflects badly on France, and likewise, mistakes in the router (don't think of it as a one-off indistinguishability but an ongoing process that could mess up at any time) reflect on Cisco.
Going back to brewing up some cognac in my bathtub now.
Re: (Score:1)
To the extent 'Cognac' is a generic name, you could call your clone cognac, as long as you are not posing as another brand name of the product.
Re: (Score:3, Informative)
Actually no, not in the United States or EU. Cognac is one of the few AC-style protections that you'll find in America:
"""
Cognac’s name is fiercely guarded and protected on multiple levels...Furthermore, Cognac A.O.C. fulfills the requirements under Article 23 of the Agreement of Trade Related Aspects of Intellectual Property (TRIPS) of the World Trade Organization (WTO)...each member of the WTO has the obligation to protect the geographical indication of wines and spirits by preventing the use of a n
Re: (Score:1)
What if it is identical to "geniune" Cisco gear? What difference does it really make, in terms of your ability to use the equipment?
In the IT world the warranty is very important. Business wants to know that if it's equipment fails it can get support from the manufacturer. For cloned gear, this aspect is completely missing and can cost businesses big money in the long run.
Re: (Score:2)
For some obscure reason it seems like they do a great effort of copying items instead of selling it as clones.
Maybe they have 3D copying machines!
Re: (Score:1)
The fact that the real gear is covered by manufacturer warranty and support contract
Re: (Score:2)
I hope they didn't make a mistake and grab the real gear. I've been trying to buy an ASA 5510 for like 2 months and it's been backordered to China like 3 times. Granted, they have a new OS out last month and they're shipping a new model with more RAM but jesus.
Good news, I suppose (Score:2, Interesting)
I'll take a stand and say, "meh."
Re:Good news, I suppose (Score:5, Insightful)
I suppose this is a good thing. Honestly though, I'm not entirely sure why this is considered news - the government has long been opposed to knock-offs of most things. It's a nice buff to the security community, but is so hard to detect that the over all effect is likely to negligible. I'll take a stand and say, "meh."
Still, it's better they target actual criminals than wasting our tax dollars supporting the likes of the RIAA.
Re: (Score:2)
You know, the RIAA has nothing to do with this case. This was trafficking in counterfeit Cisco gear not copyright infringement.
And of course, you present a false dilemma. Or do you really think "actual criminals" got away because resources were used in this case.
I thought so. I just utterly demolished and destroyed your lame, hackneyed comment.
I was only complaining about what I consider to be misuse of public funds on the one hand, and a legitimate use of them on the other. It's not a false dilemma ... time and effort the Justice Department expends on supporting anti-filesharing cases is time not spent going after real criminals of any stripe. I'm sure you're aware, if you're a regular Slashdot user, that Obama has shifted Justice's priorities in that regard (several top spots in the Department being filled by ex-music industry attorneys.) Yes,
Re: (Score:2)
Re: (Score:2)
This is the opposite of a waste of public funds. One of Cisco's biggest customers is the federal government. As such any spending of public money on cracking down on this... Saves the public money.
You didn't read my original post (or the last one, I guess.) I was saying that I think this was reasonable, but their support of the music industry's crackdown is not.
Re: (Score:1)
As such any spending of public money on cracking down on this... Saves the public money.
Not necessarily. The counterfeit market tends to drive prices downward. If hundreds of installations are using the counterfeit gear without any issues or problems, it could be time for the GSA to get involved and figure out what the government is giving so much money to Cisco for.
Re: (Score:2)
You know, the RIAA has nothing to do with this case.
That would be why it's better. Reading comprehension is a wonderful thing.
Re:Good news, I suppose (Score:5, Informative)
Still, it's better they target actual criminals than wasting our tax dollars supporting the likes of the RIAA.
Actually, this is not too far off. The devices in question are GBICs, which are available from various sources and are as close to a commodity items as it gets in this area of networking. However, the big network equipment suppliers (such as Cisco, but they aren't the only ones doing this) order modified GBICs (with device IDs) and restrict their hardware to run only with those, and not the much, much cheaper commodity ones. It turns out that some of these manufactures produce a surplus of those special GBICs and sell them through other channels, as compatible GBICs. It's still fraud if you sell them as originals (especially if you attach stickers with logos of the relevant router maker), but it's hard to see any national security implications. More often than not, these devices are the real thing, just not rubber-stamped by the respective router vendor.
And "counterfeit networking gear" makes it sound rather dramatic. It's more like fake ink cartridges.
Re: (Score:2)
Don't forget not backed by the warranty or tech support. It's national security if things break and the tech support line the vendor gave you redirects to HappyBurger
Look up "service unsupported-transceiver". (Score:3, Interesting)
It is possible to get non-Cisco GBICs working on a Cisco switch. It's just difficult to find the correct command to do so.
The command you want is "service unsupported-transceiver".
Re: (Score:1)
Re: (Score:2, Interesting)
Um... GBICs are not networking gear. They are optical (or copper) connection modules that plug into networking gear.
They are about as much networking gear in themselves as a Cat5 end.
I suppose next we will start seeing a crackdown on genuine Cisco Cat5 plug and fiber MT-RJ connector forgeries?
Re: (Score:2)
Pft, or like how they (Cisco) sell ram for routers at astonishingly high rates: like this over the-top example [newegg.com], and it's essentially just a 256MB DDR SDRAM. Sure, it's ECC, but last I checked you couldn't GIVE away 256MB SDRAMs. This is a standard PC or Laptop form factor. They also sell compact flash cards [provantage.com], which are regular CF cards, with a Cisco sticker, for 433 bucks, here's one [buy.com] that's 256MB (bigger) for 10.99!. So if idiots are buying them, maybe someone in China says "hey, we buy these surplus com
Re: (Score:1)
... it's essentially just a 256MB DDR SDRAM.
Please tell me you're joking ... US$1330 for this? Will Cisco routers take standard ECC SDRAMs instead?
knockoffs are different from counterfeits (Score:2)
If you want to buy a clone card, that's one thing. But if you decide you'd rather pay full price for the real thing, you shouldn't end up with a clone pretending to be the real thing.
Re:Good news, I suppose (Score:4, Funny)
Daaumn. To feign to be unimpressed on slashdot. Balls of steel, man... balls of steel.
What's really scary.... (Score:5, Insightful)
Re:What's really scary.... (Score:4, Funny)
Knowingly selling defective or fraudulent merchandise to DoD should be considered sabotage (it IS sabotage) and the offenders executed.
Be it an engine part that fails or comm equipment that breaks down or a mortar fuse that detonates the round in the mortar tube, knowingly selling bad or fake goods to DoD is sabotage.
Re: (Score:3, Insightful)
...to know that operation critical hardware could fail because it's a knock-off and poorly manufactured...
...or it could fail because its designed to fail at exactly the right time, in the right way. That our infrastructure and military hardware contain so many parts from China has to be one of their best strategic advantages in any conflict we might have. They would be silly not to try and use that.
Re: (Score:1, Flamebait)
Because they wouldn't do that with the legit pieces?
Is it shipped back to Cisco and scanned with an electronic microscope? I suppose it's not.
And I always hear people yapping about going at war with China, but do you realise that a true strategic advantage is that they can stop shelving Walmart?
Re: (Score:2)
Some people could say "I would be really happy if my cousin still lived because somewhere in someplace a network card failed and the troop which would kill him got killed himself."
Re: (Score:2)
i guess its not.
But the real point is that i would also not like to see such equipment in a hospital, in a emergency dispatch center or in a control room of a power plant (nuclear or not), a refinery or a chemical plant. There are a lot of jobs which are only safe as long as you have all information continuously available.
And always you should try to design systems in a way that minimizes the danger of dying.
Re: (Score:2)
Because having your cousin die somewhere in someplace for other reasons is ok?
How did you read that into what he said? Who modded you up?
Irreverent just pointed out that this is not some distant problem but one that can affect people you know.
Re: (Score:2, Informative)
To die is the soldier's job.
Spoken like someone who knows not the first thing about warfare.
Re: (Score:2)
Re: (Score:2)
I'm not a democrat,I'm not even an American, i m not dumb, I don't believe propaganda.
I just think it's very dumb to go kill and get killed for the oil companies.
Re: (Score:2)
And who gets killed?
The only kind of "intellectual property" I support (Score:1, Funny)
Trademarks. They're a form of honesty in advertising.
Cisco=Finisar+Cisco tax (Score:4, Informative)
From my understanding, Cisco uses Finisar GBICs but burns a custom serial number that IOS looks for before bringing up the port. I've made the mistake of putting a Finisar SFP in a Cisco switch and not realizing it until the port doesn't come up.
Of course, you can put a Cisco SFP in just about anything and it will work.
Not saying it makes what this guy did right, but still, if you're that sort of person who'd try to counterfeit, it would be pretty tempting.
Re: (Score:2, Interesting)
That's essentially right... and it's a massive tax - something like 2x or more - for which the 'value-add' from Cisco is essentially nothing. If someone figures out how to make non-Cisco full-spec GBICs work in their gear, there should be no reliability penalty at all.
Re: (Score:1)
Comment removed (Score:5, Interesting)
The Questions Never Answered (Score:2)
Re: (Score:2, Informative)
the stuff is basically finisar GBICs which cisco uses. these are modded with a flash to change the serial number so IOS can recognize them as genuine and a sticker saying cisco slapped on them. the performance is identical to cisco at a tenth of the price.
Re: (Score:2)
Except that you won't get any support from Cisco.
On its own this doesn't sound like the end of the world, but nobody ever rings support when everything is working just fine. You won't find this out until the Shit has Royally Hit the Fan, your manager and your users are breathing down your neck to get the issue fixed immediately and suddenly the 10 minutes you spent routinely updating your CV yesterday looks like it may come in useful rather sooner than you had hoped.
That's if you're lucky.
If you're unlucky
Re: (Score:3, Informative)
the stuff is basically finisar GBICs which cisco uses.
"Basically" covers a lot of ground. Suppose Cisco wants to guarantee 99.995 uptime/reliability. If the underlying equipment is insufficiently precise, Cisco's support engineers have to be sent out more often, which costs more than engineering that extra bit of reliability in hardware. Perhaps Cisco buys Finisar parts in bulk and bins those that don't pass some internal Cisco benchmark/quality inspection.
But that "generic" Finisar GBIC could well be a counterfeit.
Jerry Rawls, President and CEO of Finisar, remarked on the problems Finisar is having with fake GBIC fiber optic transceivers they have discovered at their customers’ premises. Photos were shown of two GBIC transceivers that looked identical from the outside, but only one was manufactured by Finisar. It would seem that the Rolex and Gucci phenomenon of low cost replicas has now reached the photonics community. The concern is that this may be the tip of the iceberg and many companies in the photonics business may be suffering revenue loss from exact ‘fakes.’
source [oida.org]
Cisco mark up on Finisar is huge (Score:2)
So what would you counterfeit? For the small cost of printing a Cisco label that knock off SFP will make you far more profit than the Finisar equivalent.
Before I knew what was being paid, I lobbied for Cisco branded Finisar SFPs, because I assumed the mark-up was going to be no more than 20%. It's not - it's in the order of at least 80%. If Cisco say that they provide far more QA to justify the huge mark up, that tends to imply that Finisar are very low quality ... so why are Cisco using them in the first p
Cicso Hardware ...? (Score:3, Insightful)
So what ... like 2-3 Core Switches?
Re: (Score:2)
Re: (Score:1)
happened to us too... (Score:5, Interesting)
I work for an agency under Department of Defense. We just received about $300k worth of fake Cisco stuff. Fortunately the problem was discovered before my podmate certified the vendor's invoice.
Vendor didn't get paid and contracting is still working the issue.
I wonder who really makes this stuff? (Score:4, Funny)
...attempting to sell fake networking equipment to the US Marine Corps...
After all the polemic about cyber-attacks from Russia & China, this could be more sneaky. Mass-produce some Cisco knock-offs, with a backdoor, and sell 'em cheap...I can see it now:
NetAdmin1: "So, no worried about $latest_attack, then?
NetAdmin2: "Nah, just installed the latest Cisco gear. Got a good price too!!!
Re: (Score:2)
Unfortunately, there's no need to do so. As a few people have pointed out, quite a lot of Cisco gear has been identified as having hardcoded backdoor passwords for "law enforcement" uses. Simply steal _those_ passwords, or obtain them from wherever crackers publish them, and you have quite a lot of network access. It's a major reason that relying on your VPN, your firewall, or your NAT for network security is clearly insufficient.
[Citation needed] (Score:2)
Re: (Score:2)
Pretty much any ISP level device or IOS/CatOS
http://www.forbes.com/2010/02/03/hackers-networking-equipment-technology-security-cisco.html [forbes.com]
http://cryptome.org/isp-spy/cisco-spy.pdf [cryptome.org]
http://www.networkworld.com/community/node/57070 [networkworld.com]
Re: (Score:2)
There's no hardcoded password in that "lawful intercept" stuff. There are bugs in it, and the auditing is inadequate, but it's not like just anybody who knows a password can turn it on, nor can any law enforcement or spy agency turn it on without help from the carrier. The bugs are more like it not complaining loudly enough when somebody tries to brute-force the password the operator has set.
Don't get me wrong. "Lawful intercept" is a bad idea and a huge security hole in every vendor's products (not just
Re: (Score:2)
well I was just giving links, I know there arent hardcoded pw's like the gp says, but I was just giving you some info. =)
How many of these did the NYSE and NASDAQ buy? (Score:2)
It's a misunderstanding... (Score:2)
they weren't passing it as network gear but analplugs:
http://cgi.ebay.fr/TANTUS-Anal-Plug-Cisco-black-/280424829098?cmd=ViewItem&pt=LH_DefaultDomain_71&hash=item414a9f50aa [cgi.ebay.fr]
Only 51 months in jail? Not 30 years? (Score:2)
18 U.S.C. 2154 : US Code - Section 2154: Production of defective war material, war premises, or war utilities
Whoever, when the United States is at war, or in times of national emergency as declared by the President or by the Congress, with intent to injure, interfere with, or obstruct the United States or any associate nation in preparing for or carrying on the war or defense activities, or, with reason to believe that his act may injure, interfere with, or obstruct the United States or any associate n
Cisco - not generic - counterfeit hardware (Score:4, Interesting)
I've seen the counterfeit hardware first hand. Modules for 2600 and 3600 series routers, mostly. That was a few years ago. It was cheap, and nobody at the *cisco partnered CCIE training company* which I will not mention cared. They worked, thats all that mattered.
Its like spam. If people continue to buy from spam adverts, we'll continue to see more spam. If people quit buying, the spammers will eventually move to something else.
They keep selling because it keeps on working.
Re: (Score:1)
The difference between a training company and most companies, is a training company uses most gear they buy for purposes that it won't be a big catastrophe if the equipment fails.
If the company were an ISP or a big telephone company, or other organization with a 24x7 network that HAS TO WORK, and they always make sure to buy the high-end support contract for all their network gear, to ensure any faulty component can be replaced in hours, not days, their opinion on the matter might be quite different :)
Mixed feelings (Score:4, Insightful)
I have really mixed feelings about this. Much of this hardware is not truly counterfeit. It's actually unofficial production from the same components in the same factories as the legit gear. The only way anyone (including Cisco) can tell it from the real thing is the serial numbers.
On one hand, this is fraud an I'm all for stopping fraud. On the other, it only happens because Cisco chose to go with the dirt-cheapest labor out there knowing very well this was a likely result. The use of law enforcement resources is just externalizing the cost. Meanwhile, part of the reason U.S. domestic labor is more costly in the first place is because it exists under a regulatory framework that mostly prevents exactly this sort of fraud.
So they offshore the production and then to add insult to injury, underemployed Americans get to foot the bill for fixing the INEVITABLE fraud, and so are forced to help make the offshoring possible and profitable for Cisco. It's almost like having your employer charge you a fee to process the paperwork for your involuntary layoff.
Perhaps Cisco should bring it back onshore so this sort of fraud doesn't happen in the first place. If the DoD is really concerned about the security of the networking gear (and they really SHOULD be), they should INSIST that Cisco at least make their gear domestically.
Cisco, profits and labor (Score:2, Interesting)
What I don't get is why Cisco doesn't task some employees to keep watch 24/7 over those factories where they make this stuff. Make it a condition of the contract that they get full time, go anyplace whenever they want, access. Then they can at least eliminate the same factories making knock offs at night. I guess they save one night shift payroll expense per factory and pass it on to the US tax payer so they can have dozens of federal employees try to stop it, after the fact.
In short, Cisco is sure a buncha
Get to the source? (Score:1)
here (Score:1)
Shouldn't restitution be paid back to the manufacturing country within the country of origin? Why is the 9t
Dude, wake up! (Score:2)
Someone in purchasing need to understand to stop buying from china, even though it is cheaper, they are almost always knock offs...even Sony had a big fiasco where a full plant was in china with logos and papers and everything said sony, but was fraudulent, and they only found out once someone got a hold of a return for repairs and noticed they were not at all the same on the inside, investigations further linked a factory in china compete with sony signs and all, responsible for selling sony labeled produc
Re: (Score:1)
Re: (Score:1)