On Xerox and Security

During the cold war the only company that had the technology to build photocopying machines was Xerox. Photo copying was even more essential than it is now, since back then people relied more on paper than they did on computers, and as result everybody wanted their machines, that included the Soviet embassies dotting the globe. Back then only Xerox repairmen knew how to maintain their machines and that meant that Americans repairmen were allowed once a month into the impervious Soviet embassies to maintain the machines and even to change ink cartridges. The CIA decided to use that for their advantage.

Xerox Model 914

The repairmen were closely monitored during their visit, and smuggling papers out of the embassy was naturally out of the question they needed to find an alternative low risk solution and so Xerox created a team headed by Donald Carey to find that solution. The solution was a simple yet brilliant at the same time, they installed an off the shelf 8mm movie camera within the bulky photocopier, this camera would snap photos during the photo copying process. The camera hidden in plain sight would look just like the rest of the inner parts of the xerox machine. The repairman would then swap out the camera during his monthly visit along with the rest of the other parts that had to be replaced, and walk out of the embassy with the precious cargo and no body would think twice about what he had in his bag.

The system went into service starting 1963 and was successful enough for the CIA to ask to implement it into another smaller model, which entailed building a smaller custom built camera and modifying the design of that model. In 1969 another company was caught doing something similar so knowing that their machines would now be scrutinized they decided to shut down this project, but not the research contract.

The question now is, if that has happened in the 1960s, long before the prevalence of american technology, can you imagine what could be going on now? all 3 major OS are american (Linux-Mac-Windows), Same applies for enterprise products and even more alarming mobile OS.

In 2009 Etisalat UAE implanted a spyware in one of their “security updates” to their customers, this code relayed messages and monitored data transactions. It was exposed due to the performance impact it had on most users and that the classes were signed by SS8 a data discovery (spying) company.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s