Activists have long grumbled about the privacy implications of the legal "backdoors"
that networking companies like Cisco build into their equipment—functions that
let law enforcement quietly track the Internet activities of criminal suspects.
Now an IBM researcher has revealed a more serious problem with those backdoors:
They don’t have particularly strong locks, and consumers are at risk.
In a presentation at the Black Hat security conference Wednesday, IBM
Internet Security Systems researcher Tom Cross unveiled research on how easily
the "lawful intercept" function in Cisco’s IOS operating system can be exploited
by cybercriminals or cyberspies to pull data out of the routers belonging to an
Internet service provider (ISP) and watch innocent victims’ online behavior.