• the NSA listed Cavium, an American semiconductor company marketing Central Processing Units (CPUs) - the main processor in a computer which runs the operating system and applications - as a successful example of a “SIGINT enabled” CPU vendor. Cavium, now owned by Marvell said it does not implement back doors for any government.
• the NSA compromised lawful Russian interception infrastructure, SORM. The NSA archive contains slides showing two Russian officers wearing jackets with a slogan written in Cyrillic: “you talk, we listen”. The NSA and/or GCHQ has also compromised "Key European LI [lawful interception] systems.
• among example targets of its mass surveillance program, PRISM, the NSA listed the Tibetan government in exile.

In case anyone here is unfamiliar with Cavium, their chips are used in network routers from well-known brands. For example, some models from Ubiquiti (the company behind EdgeRouter and UniFi).

Appelbaum adds that “Targeting lawful interception (LI) equipment is a known goal of the NSA”.

He says that it is not unreasonable to assume that parts, if not the entire American lawful interception system, known as CALEA, have been compromised.

In his doctoral thesis he says that key European lawful interception systems “have been compromised by NSA and/or GCHQ”. Appelbaum said that the Snowden archive contained “many named target systems, companies, and other countries” that had been impacted.

That may be the most important relevation, more so than the Cavium thing.

It shows that mass interception/surveillance apparatus are a big risk, even if they are lawful and created with the best of intention. The moment mass interception is implemented, it becomes a target for abuse. And Appelbaum’s publication show these systems actually were targeted and abused in multiple countries, by both local and foreign spies.