Where the hell was my computer going?

Last week, it came out in the news that the American National Security Agency  has been intercepting computers purchased from big companies like HP and Dell on route to the customer, and installing spyware for the purpose of spying on these customers. The tactic is called “interdiction”. Unluckily, this news came out 2 days after we ordered our brand new laptop from Dell.

I began my investigation to learn more about this revelation (thanks to Eddie Snowden himself), and what I discovered was something rather unnerving.

I began with calling Dell’s Customer Care phone center in India. I explained my concern and that I was possibly going to cancel my order pending more info. The operator responded instantly that yes, he was aware of this interdiction, and promptly followed up my question by telling me they had no information about it whatsoever. In fact, I was speaking with the wrong department entirely. To learn more, I must speak with the sales department. I asked to be transferred, but was met with another apology- sales representatives are only available online via Dell’s instant chat service. Well enough. That night I was 8th in line for the queue to chat with someone and decided to try again another day.

Now, I live in Canada. You may be asking, why is Ashta so paranoid about the American NSA be interested in spying on her? I’ve been keeping a close ear on all the coverage emerging, and apparently, the NSA is interested in spying on EVERYBODY. Here’s an article from Winnipeg’s Global Research, and the national CBC talking about this very thing.

Stuff *known and proven* about this:

  • The division is called Tailored Access Operations, and has hundreds of employees.
  • The malware/spyware is installed on your hard disc, meaning even if you format and re-install your whole operating system, it will remain.
  • Not only does it remain, upon connecting to the internet,  it prompts remote reinstallation of the malware/spyware
  • Dell is the only company that has come out with a statement saying they do comply with interdiction

A couple days later, I have the following chat with Nikkil Cheruku (who was also in India).

01/02/2014 04:27:45PM Agent (Nikhil_Cheruku): “Hi Ashta :)”
01/02/2014 04:28:42PM Ashta Cormier: “Hello”
01/02/2014 04:29:08PM Ashta Cormier: “i have placed an order already, but im considering acancellation”
01/02/2014 04:29:13PM Ashta Cormier: “maybe you can hep me decide”
01/02/2014 04:29:23PM Agent (Nikhil_Cheruku): “Glad you have chatted in today, I willbehappy to help you with the information.”
01/02/2014 04:29:27PM Agent (Nikhil_Cheruku): “let me know the order number, sothat I canpull up the information for you”
01/02/2014 04:29:52PM Ashta Cormier: “There is no order number yet. My customernumberis 666xxx”
01/02/2014 04:30:13PM Ashta Cormier: “recent news has come out about the NSAinstalling spyware on Dell computers being shipped to customers”
01/02/2014 04:30:39PM Ashta Cormier: “Are you aware of this process called “interdiction”?”
01/02/2014 04:31:04PM Agent (Nikhil_Cheruku): “i am sorry about that,we are not aware of that”
01/02/2014 04:31:15PM Agent (Nikhil_Cheruku): “we see that there is no order placed”
01/02/2014 04:31:38PM Agent (Nikhil_Cheruku): “let me know the payment method that youhave used at the time of placing the order”
01/02/2014 04:32:03PM Ashta Cormier: “On december 28th i placed an order for an inspiron15r using credit card”
01/02/2014 04:32:14PM Ashta Cormier: “totalling just under $xxxx”
01/02/2014 04:32:43PM Ashta Cormier: “i got notice that it has been acknowledged,but notyet processed.”
01/02/2014 04:33:34PM Agent (Nikhil_Cheruku): “Ashta, the order is not processed, it hasto beprocessed manually by the online order processing department”
01/02/2014 04:34:28PM Ashta Cormier: “How long does that take?”
01/02/2014 04:35:25PM Agent (Nikhil_Cheruku): “it will take 24 hours time to process the orderdo you want to place a request to cancel this order before placing it?”
01/02/2014 04:36:25PM Ashta Cormier: “but its been 5 days since placing the order. is that typicalfor processing?”
01/02/2014 04:37:57PM Agent (Nikhil_Cheruku): “i am sorry about that, Ashta, the online orders dueto the holiday season are on hold, and let me place a request to place theorder in the next 3 – 4 hours and email the order confirmation to you”
01/02/2014 04:39:03PM Ashta Cormier: “Can Dell insure that my privacy will not be violated, i wantsome kind of assurance that the packaged shipped from Dell will not makeit into the hands of the NSA. is this possible?”
01/02/2014 04:39:39PM Ashta Cormier: “does the computer get assembled and shipped from theUS or Canada?”
01/02/2014 04:40:14PM Agent (Nikhil_Cheruku): “No Ashta, Dell Computers will not be installedwithany other program or softwares which is not mentioned or any spywarewith out informing you”
01/02/2014 04:40:35PM Agent (Nikhil_Cheruku): “Ashta, only the softwares which are mentionedin the order confirmation will be installed”
01/02/2014 04:41:20PM Ashta Cormier: “what country will it come from?”
01/02/2014 04:41:52PM Agent (Nikhil_Cheruku): “the computer will be shipped from Texas, USA”
01/02/2014 04:42:05PM Ashta Cormier: “http://www.forbes.com/sites/erikkain/2013/12/29/report-nsa-intercepting-laptops-ordered-online-installing-spyware/
01/02/2014 04:43:21PM Ashta Cormier: “How can you be sure, when the above articledocuments this happening?”
01/02/2014 04:44:34PM Ashta Cormier: “here’s a better one: http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969-3.html
01/02/2014 04:45:52PM Agent (Nikhil_Cheruku): “Ashta, it is a generalized information andDell Computers will not be installed with any spyware”
01/02/2014 04:45:53PM Ashta Cormier: “i’m just looking for some assurance further thanthis chat.”
01/02/2014 04:46:43PM Ashta Cormier: “how can you make sure my package is not interceptedby another party?”
01/02/2014 04:47:39PM Agent (Nikhil_Cheruku): “the package will not be intercepted by any 3rdparty, it is direct from Dell to your place in a sealed box”
01/02/2014 04:49:59PM Ashta Cormier: “ok. i will print this chat out in case i need to use it in asuit. Were you personally aware of this recent news?”
01/02/2014 04:50:30PM Ashta Cormier: “You can go ahead and “place a request to place the orderin the next 3 – 4 hours and email the order confirmation to you””
01/02/2014 04:51:33PM Agent (Nikhil_Cheruku): “i was not aware of the news. However, no computerwas installed with any such spyware from Dell .”
01/02/2014 04:51:49PM Agent (Nikhil_Cheruku): “thank you , we have placed a request to placethe order”
01/02/2014 04:54:15PM Ashta Cormier: “thanks for your help”
01/02/2014 04:54:17PM Ashta Cormier: “http://www.computerworld.com/s/article/9245064/The_NSA_intercepts_computer_deliveries_to_plant_spyware
01/02/2014 04:54:22PM Agent (Nikhil_Cheruku): “you are welcome”
01/02/2014 04:54:39PM Ashta Cormier: “specifically mentions Dell”
01/02/2014 04:54:42PM Ashta Cormier: “^”
01/02/2014 04:56:27PM Ashta Cormier: “and this article says Dell officials comply: http://www.spiegel.de/international/world/catalog-reveals-nsa-has-back-doors-for-numerous-devices-a-940994.html
01/02/2014 04:56:44PM Ashta Cormier: “sorry, Dell officials *said* they do comply”
01/02/2014 04:57:29PM Ashta Cormier: “for your information. i suspect you’ll have to field similarconcerns in the future”
01/02/2014 04:58:11PM Agent (Nikhil_Cheruku): “Ashta, let me forward the article to my managerand email the information to you before processing the order”
01/02/2014 04:59:38PM Ashta Cormier: “i understand that its happening… just as long as it doesn’thappen to my computer. if that can be arranged, i will feel comfortable withprocessing the order.”
01/02/2014 05:00:43PM Ashta Cormier: “i welcome a telephone call from your manager ifpossible. 250-xxx-xxx
01/02/2014 05:01:44PM Agent (Nikhil_Cheruku): “yes, Ashta, you will receive a call beforeplacing order”
01/02/2014 05:02:17PM Ashta Cormier: “thank you very much.”
01/02/2014 05:02:22PM Agent (Nikhil_Cheruku): “you are welcome”
01/02/2014 05:02:39PM Ashta Cormier: “i trust that the balance has not yet been take from mycredit card,right?”
01/02/2014 05:02:48PM Ashta Cormier: “taken*”
01/02/2014 05:03:16PM Agent (Nikhil_Cheruku): “no, the credit card is not yet charged, once youreceive the order confirmation and the order being shipped from Delldepot your card will be charged”
01/02/2014 05:03:31PM Ashta Cormier: “ok good”
01/02/2014 05:06:41PM Agent (Nikhil_Cheruku): “thank you”
01/02/2014 05:07:51PM Agent (Nikhil_Cheruku): “Thank you for choosing Dell Sales Chat andhave a wonderful Evening”
01/02/2014 05:08:29PM Agent sent nudge
01/02/2014 05:08:32PM Ashta Cormier: “you too.”

The next day, I got a phone call from Customer Care. As per the promise of Nikhil, I am expecting this call to begin with reference to my concern about the computer being intercepted by the American government to install spyware on my product. Instead, this rep begins our conversation with “I’m calling to confirm your change in shipping address.”

Address change?

Trying not to sound too shocked, I ask  “What has the address been changed to?”  The rep reads me a Canadian address in a city located in Southern Ontario. I ask him to spell out the street name and confirm the postal code as I write it down.  I instruct him to change the shipping address back to the original one; my house. He sounds a little confused, but confirms this is done.

I ask him then if there are any other notes on my account regarding the recent news of interdiction occurring and my concern via chat about Dell publically admitting their compliance. He says no, “but may I place you on hold to request your chat log be sent to me?” I agree. He places me on hold. After waiting a while, he comes back on the line and says that he’s gotten the chat, and may I mind holding while he reads it? I don’t mind. On hold again. After a longer while, he came back on the line with a different tone of voice, uneasily reassuring me that Dell will not install any software unspecified in my order. I asked if he was personally aware of this recent news, and he said no. I asked what kind of assurance could he give me that my package will not be tampered with from the factory to my home. He explained (a little short of patience?) that if the box looks like it has been opened when it arrives at my home, to not open it, and call Dell right away.  I agree to have my order processed and sent directly to my house.  We hang up.

The next task at hand: to find out about this random address my package was about to be shipped to.

Thanks to the internet, I was able to not only find the address and see it from google streetview, but also discover the two businesses registered to this very same address (including the ‘lower level” specification).  Street view showed me a half-rundown neighbourhood centering on a typical middle-to-lower-class residential household (number confirmed), with a few expensive vehicles in the driveway.  Advanced searches led me to the two businesses: a designated driver service for hire on New Years (complete with a suped up skookum website), and an SMO-expert-for-hire service.

Social Media Optimization: SMO is similar to search engine optimization (SEO) in that the goal is to generate traffic and awareness for a website. In general, SMO refers to optimizing a website and its content in terms of sharing across social media and networking sites. Social media optimization is considered an integral part of an online reputation management (ORM) or search engine reputation management (SERM) strategy for organizations or individuals who care about their online presence.

Whoa. So… from what I can tell, my package was about to be sent to some person who’s good at computer networking and directing online stuff.

Why did Dell have this specific address? Why was my computer going to be sent there?  Would this person (who operates a basement-based computer business) have eventually sent me my package? What would they have done to it? I have their name and number, should I call and ask them? Does the NSA contract out their dirty work to computer-savvy individuals?

Here’s a Rap News from the Juice Media that explains some stuff about how crazy this all is…

Here is the transcript in case you missed any of the ill lyrics


Posted

in

by

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *