[liberationtech] Blue Coat and Syria

Wed Oct 19 18:40:29 PDT 2011

Perhaps not particularly relevant in light of all evidence stacked against
BlueCoat, but where does the law draw the line on this? As Aaron points out,
it would be relatively easy for Syrian govt to procure software indirectly
and for BlueCoat to claim ignorance & innocence. Do companies have a legal
responsibility beyond initial sale or does liability end there?

C

On Wed, Oct 19, 2011 at 7:46 PM, Aaron Huslage <huslage at gmail.com> wrote:

> Thanks Jake for the comment. This is informative :)
>
>
> On Sat, Oct 15, 2011 at 10:43 PM, Jacob Appelbaum <jacob at appelbaum.net>wrote:
>
>> On 10/15/2011 05:47 PM, Aaron Huslage wrote:
>> > Has anyone considered the possibility that these boxes were procured on
>> the
>> > (rather substantial) grey market that exists for network hardware? It
>> also
>> > seems to me that it would be trivially easy for any entity to buy a
>> bunch of
>> > network gear and have it shipped to a non-embargoed country where it is
>> then
>> > taken legally into Syria.
>> >
>>
>> The devices in question are not very old, I think they were probably
>> brand new.
>>
>> > You could even have service contracts on the stuff. No one would be the
>> > wiser. It's not like companies check up on the location of every box
>> they
>> > sell.
>> >
>>
>> They phone home and Bluecoat knows the geoip location as part of their
>> analytics service. Additionally the IP addresses of these servers are on
>> known Syrian IP addresses.
>>
>> > It doesn't take much imagination to see that BlueCoat isn't selling
>> anything
>> > to Syria directly...in the least, plausible deniability is intact.
>> >
>>
>> Your thoughts are speculation and while reasonable, I see no evidence to
>> support it.
>>
>> The evidence shows that there are Bluecoat devices in Syria. These
>> devices are running on Syrian IP addresses, phoning home to BlueCoat's
>> services and servers from Syria in a very detectable manner. All the
>> while Bluecoat denies it all and looks absolutely foolish.
>>
>> In addition, these devices have had upgrades in the last year. Bluecoat
>> has a direct hand in these matters and those in Syria aren't even
>> bothering to cover their tracks.
>>
>> All the best,
>> Jake
>>
>>
>>
>
>
> --
> Aaron Huslage
> http://blog.hact.net
> IM: AIM - ahuslage; GTalk - huslage at gmail.com; Skype - huslage
>
>
> _______________________________________________
> liberationtech mailing list
> liberationtech at lists.stanford.edu
>
> Should you need to change your subscription options, please go to:
>
> https://mailman.stanford.edu/mailman/listinfo/liberationtech
>
> If you would like to receive a daily digest, click "yes" (once you click
> above) next to "would you like to receive list mail batched in a daily
> digest?"
>
> You will need the user name and password you receive from the list
> moderator in monthly reminders.
>
> Should you need immediate assistance, please contact the list moderator.
>
> Please don't forget to follow us on http://twitter.com/#!/Liberationtech
>

-- 
Callie Wallace
@calliewallace
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20111019/91ac6ed5/attachment.html>