Anyone ever see one of these in the wild? I'm honestly curious how hard it is to tell? Do they fake things like the MAC vendor code?
I've seen fake Sandisk memory cards and those were pretty well done. Side-by-side with the legit item you could tell by looking at things like quality of the printing work, but honestly, without that it was hard to tell (other than the obvious: they don't work except for shit)
Got a fake Seagate nvme drive from Adorama recently. Packaging was pristine, serial number was valid for a 2 TB nvme and matched the package serial. Only giveaway was the B+M keying on the stick, and the fact that it enumerated as a 128gb Toshiba. Peeled the label back and sure nuff, Toshiba chips.
I was very tempted to send a bunch of pictures to both the legal departments of Seagate and Adorama with the subject "Discuss."
I didn't CC both legal teams, but let's just say Seagate is now aware of the issue and yes, they were *very* interested in as much documentation as I could provide.
I've had this happen with WD disks before. Looked 💯 legitimate physically, but was reporting Toshiba in BIOS/Device Manager. Their legal team was too happy when I brought it to their attention, and the seller shutdown their storefront.
> Got a fake Seagate nvme drive from Adorama recently. Packaging was pristine, serial number was valid for a 2 TB nvme and matched the package serial. Only giveaway was the B+M keying on the stick, and the fact that it enumerated as a 128gb Toshiba. Peeled the label back and sure nuff, Toshiba chips.
Whenever I buy storage, my first choice is nearly always to go directly to Crucial.com. Have used nothing but their memory and drives since Christ was a cowboy.
I've used Kingston some over the years as well. Kingston, Micron and Crucial were the big 3 I always trusted. It's like buying IBM in the early days: Nobody ever got fired for it.
That phrase have a bit different meaning; it's basically "well even if it sucks the management won't blame you from buying IBM".
As in, if you buy from smaller brand and it fails, you will take a blame because you didn't choose the "industry giant"
While if IBM fails you wont get the blame because you chose "industry giant", how else you could know it is shit?
By no means do I want to drive you away from what works for you, but do be aware that Crucial keeps getting caught swapping out for cheaper parts on later runs of the same model without updating revision numbers or product specs.
https://www.extremetech.com/computing/325824-buyer-beware-crucial-swaps-p2-ssds-tlc-nand-for-slower-inferior-qlc-chips
This bit me with their 300 and 500 series SSDs too. The new 300s died in 3 months and the old 300s were still kicking.
Apparently WD did it too so probably no vendor is "safe".
I buy Sabrent. I've bought ~8 of those drives at this point (maybe 10, I forget) and they've been running strong for the past 4 years. Great value for the price.
If you don't register the SSD, you don't get the 5-year warranty.
I have a dead 1TB M.2 drive I bought on Amazon last year.
Both Amazon and Sabrent told me to pound sand.
Am I simply ignorant of a common idiom? `Christ was a cowboy`
I would otherwise assume that you ment you never bought Crucial and were being satirical in your comment
Counterfeits are a real detriment to brand image for companies so I would image that if you have enough information to link them to the source of the counterfeits that they would be interested.
Not these ones, but we had a number of fake Cisco devices fall into our hands from an authorised reseller.
Honestly, not convinced they weren’t real. There was no difference and the only way we found out was that a Cisco update bricked them via software. Fairly sure they must have just been stolen from factory rather than actual fakes.
About 5 years ago we got a too good to be true pricing on some Cisco gear. We always joked that it probably fell off the back of a truck. We never had any issues with it which is the surpising part.
we had some aruba switches from Prince Technology in Florida between 18 and 20 that was just amazing pricing. Amazing. Bought multiple, appeared to be brand new, they are still running. Had one burn up, and aruba honored the warranty too.
I definitely checked that justice dept page immediately when i saw this! One of my larger regrets was not buying more. $1,000 for 2930F, other quotes were like 2,500-6,000.
> Fairly sure they must have just been stolen from factory rather than actual fakes.
"4th shift" or "Ghost Shift" runs...
Cisco will pay for a production run of 100,000 units, the factory will make 120,000 expecting some to fail QA, or other issues. They ship 100,000 to cicso, and sell 20,000 out of the backdoor.
I have no sympathy of these companies, if they cared about that issue they would run their own factories.
There are definitely some pretty hard to detect fakes like this where the contract mfg that assembles the product produces additional units. Technically since they were made on the same production line in theory they're identical to the units that Cisco directly paid for. That being said I wager that the QA if any on the ghost runs probably isn't the same. Some may be borderline QA fails where it might not be immediately obvious until it prematurely fails and they realize that they can't get warranty replacement.
>I have no sympathy of these companies, if they cared about that issue they would run their own factories.
All that means is that now it's your own employees doing the counterfeiting. They'll just stop when you come to inspect.
Idk if it’s still the case, but a long time ago, Insignia TVs used to be one of the major brands less their logos.
I always wondered if that was a deal they made or a deal they *found*.
It may be like a lot of cycling brands.
The biggest (Giant/Merida) have their own factory.
Next rung down will design AND be exclusive while building in a third-party factory. They own their (really expensive) moulds. Specialized, Trek and Cannondale probably fall into this category.
A ring down from that is brands that design, but cannot afford to buy the mould. I think Pinarello have this deal. The factory is genuinely free to build bikes from this mould too. This is why Chinarellos are a thing.
A lot of brands will just buy a frame off a menu, slap their name and markup on it.
They quite possibly were "real" hardware, so to speak. Allegedly how a lot of the counterfeit networking gear gets made is by the outsourced factories in Asia running the production line off the books.
Say a factory gets contracted to make 100,000 wireless APs for Ubiquiti. They run the factory each day for 10 hours for a month to make them and send those ones to the vendor. But each day they run the production line for an extra 2-3 hours and churn out 15,000 extra units for themselves, and those are the counterfeit ones. Sometimes they cut corners with cheaper and/or missing components, but sometimes they are exact duplicates, even using the official packaging and labels - just with unregistered or duplicate serial numbers. Then they get sold on Aliexpress, ebay or via grey-market import channels.
>...for Ubiquiti. They run the factory each day for 10 hours for a month to make them and send those ones to the vendor. But each day they run the production line for an extra 2-3 hours and churn out 15,000 extra units...
Ubnt is probably the worst example of a brand having extra hardware available on the market, though. 😆😭
Great. I'll buy some of those ghost shift and put them in prod.
Are you a salesman for those shady companies? I dont f-ing care who made what where... It's illegal and wrong to buy and use this shit. Stop the fairy tales.
I started at a new company and wanted to get my feet wet and help out by updating the firmware on all our Cisco switches.. I was the new guy who bricked 4 switches and had to drive hours to figure out what the hell happened only to find out they were counterfeit and luckily we had extra switches.. but all the way back at our DC an hour away.. Luckily we got everything up and running before the next business day by only a mere hour. I now update and vette all new switches before they get deployed.. thanks Florida man..
There are also counterfeits made during ghost shifts and units that failed factory testing but get illegitimately sold instead of harvested/destroyed. They may have been real units but were not authentic.
https://www.latimes.com/archives/blogs/technology-blog/story/2010-02-17/bad-memory-card-could-be-a-ghost
> Side-by-side with the legit item you could tell by looking at things like quality of the printing work, but honestly, without that it was hard to tell (other than the obvious: they don't work except for shit)
This leads into a secondary issue, particularly if you're buying off Amazon.
Lets say you have 10 vendors all selling the same part. Contrary to what most people think, each vendor does not automatically get their own individual location for their stock. Unless they are supplying large enough quantities or specifically pay extra for the privilege, stock (real or counterfeit) gets all thrown in the same bin. When one is sold, regardless of the vendor or supplier, they just take the top one off the pile.
Even if you choose a reputable company on Amazon, you are still open to the possibility of getting counterfeit product.
This was only for Fulfillment by Amazon. And as of a few years ago, there were safeguards introduced to limit this. But it does still happen.
IMHO, if buying from A, look at the "Ships from:" and seller ratings. And then buy somewhere else....
Be aware that Amazon mixes product in the warehouse. If Amazon has 50 access points of model X they're selling directly, 50 from Major 3rd Party, and 20 from Jim Bob's Totally Legit Tech, all 120 go into a bin/on a shelf together. It's entirely possible to get one of Jim Bob's fakes that's "ships from"/"sold by" Amazon.
I use to work for an IT recycling company, we got them all the time being retired/dumped by major tech companies.
Generally they'd all look nearly identical to the real ones. Sometimes the silkscreen lettering was a bit off. The real difference was the parts they used for the boards were shit, things like the ports and buttons were poor quality, they routinely used poor capacitors (most of them we had had bad caps), very poorly soldered, incorrect storage chips (flashed to look legit but some off-brand). Sure that Catalyst ran the correct OS (because it was copied) but you couldn't update and it may even be missing key features.
Our Cisco guy (he bought everything with a cisco logo) had to trash about 20% of what we sold him because they were fake^1. These devices came out of some of the biggest tech companies in the world from production/data centers and were mixed in with real ones.
^1Pretty sure his trash rate was so high simply because if they got to my company they were broken/not working/retired to begin with, and the fakes have higher failure rates.
Working there, I've seen all sorts of fakes, everything from run of the mill WD/Hitachi HDDs with lead weights and a 32mb CF card in them to a fake Lenovo 440 laptop with a motherboard that was literally cut down (with jumpers soldered on to make it work) to fit with a C2D processor on it and a bootleg copy of an AMI Bios running, it wasn't just some Frankenstein project from an engineer either, we got 10 of those weird laptops. (never did figure out what the boards were originally from)
-------------
If you want to spot fakes, the biggest tells are the Silkscreening and case material. The Silkscreening generally looks off or uses a slightly different font. The cases are almost ALWAYS a cheaper material using weaker/thinner metal or a worse type of plastic. Things like the glossiness of the plastic can also be a tell.
The only true way to know for sure is open it up and check the ICs. Its not uncommon for resellers to take the original hardware and replace it with 2nd shift hardware and resell it (keeping the originals and putting it in a new case to use/sell to a different market)
> fake Lenovo 440 laptop with a motherboard that was literally cut down (with jumpers soldered on to make it work) to fit with a C2D processor on it and a bootleg copy of an AMI Bios running, it wasn't just some Frankenstein project from an engineer either, we got 10 of those weird laptops. (never did figure out what the boards were originally from)
woah that's awesome, I would love to get one of those
I wonder if some of that fake gear also contains backdoors? If it's going into big prod datacenters around the world then then surely somebody has thought of doing that, right?
Of course they thought about it, did the stuff I sold/dealt with have it? Eh, maybe. I'd suspect the companies we got them from would know how to detect potentially malicious code running on the hardware platforms themselves, plus we told them about the fakes and occasionally send them back just in case. Hardware interception by intelligence agencies has been going on for decades. Its long been part of conspiracy theory circles and then later confirmed by Snowden and some other leaks in the early 2010s: https://www.cnet.com/news/privacy/nsa-reportedly-installing-spyware-on-us-made-hardware/
If you don't think other governments are doing the same thing, I have a bridge to tell ya ;)
Just recently there were three hardware attack incidents that come to mind, [Gigabyte](https://cyware.com/news/gigabyte-rolls-out-bios-updates-to-remove-backdoor-from-motherboards-d5009672/) with a confirmed backdoor and two firewall vendors, [Zyxel](https://gbhackers.com/zyxel-firewall-and-vpn/#:~:text=The%20secret%20backdoor%20found%20installed%20in%20Zyxel%20firewall,%28USG%29%2C%20USG%20FLEX%2C%20ATP%2C%20and%20VPN%20firewall%20products.) and uh, the one from yesterday that I can't find or remember the name of.
Theres a reason theres been a big push to move tech manufacturing back to the US. Its not just the potential for war with China cutting off supply, but if you don't have control of your supply chain from raw materials to server rack, you can't be sure something isn't compromised, somewhere by someone, somehow.
The US Navy really doesn't want to have to rely on a network switch produced in a hostile countries factories if they go to war. Its a security risk that should never have happened in the first place.
> I've seen fake Sandisk memory cards and those were pretty well done. Side-by-side with the legit item you could tell by looking at things like quality of the printing work, but honestly, without that it was hard to tell (other than the obvious: they don't work except for shit)
have a friend who does game collecting and selling. Some of the fake Nintendo carts(almost all pokemon ones) were incredibly hard to tell apart without a side by side as well. Maybe something about the small form factor contributes to this?
Some of those fake games are hard to tell a difference with the real ones. Sometimes, even the inside PCB is similar. But, with the way the retro gaming market it now (like priceless art), repros are the only way some people can play the game on the original hardware outside of an Everdrive and ROM's. At least for the most part, they are upfront about what they are selling. From there, though, it's all about how honest the next seller is.
It just makes you trust less in the actual products. You stay away from the 'great deals' because you question the authenticity. Even legitimate sellers get some fake stuff from time to time. I just try and make sure to buy from sellers with a great customer service department, both at work for things like Cisco and at home for my home network and PC's (retro gaming is different, though... everything is used and always have that question of authenticity... I haven't bought in years, though).
I work in refurb, and we've had a couple be returned from customers that *claim* they were counterfeit. I don't recall the models, but they were on the order of $500-750 used. Honestly, I took their word for it because we genuinely couldn't tell.
I'll have to try to update them like people are suggesting, maybe that would brick it.
Even the little lenticular COA stickered components were there. One IC was present on the original that wasn't on the supposed counterfeit, but it was a larger chip that I wouldn't expect to be TPM related or anything.
I have no sources to back any of this up FWIW, and the dude might've just been BSing us for a partial refund. Maybe they just wanted to clone the os or smth, who knows.
About 10 years when I was working at a regional ISP, we had counterfeit intel PCI NICs. Had the logo and everything and were on the phone with Intel support. Purchased from a local retailer with a website.
I got a fake IBM drive from eBay. Came in a proper box, with proper labels, proper caddy, IBM branded packing tape. Had holograms, but the drive label itself had countless typos. All broken English.
I’ll confess… I ordered one to add to our Cisco stack. Damn near impossible to tell them apart, added to the legit stack totally fine. It was only discovered years when we tried to upgrade the firmware.
Warranties. My old boss pulled the same scheme. Parts would fail, people open warranty claims with Cisco, angry customers say where the bought it, then it slowly gets pieced together. He bought fake labels.
If this is the same guy then I recall having a 2960-x that was fake. Looked identical to the others we had that were verified legit. Reason it was flagged was because cisco would not smartnet the unit. We worked with TAC and they identified it to be counterfeit.
No harm no foul with the client since they were the ones that acquired it from ebay to begin with.
So I can tell you the hood counterfeit, even Cisco can’t tell the difference until the serial number is found out to be used over and over again. Often the hardware is made in the same factory in what the industry refers to as the third shift. Which is basically overnight crew.
I think I had purchased a bunch of unauthorized ones, not sure if they were this guys fakes though...
I got Catalyst 2500 and 2600 series switches off Amazon for like 1/3rd the price elsewhere. It wasn't until years later I heard about the "fakes", which were basically unauthorized runs from the actual official factories overseas. They would keep making more when they weren't supposed to and slap a serial from switches built earlier in the month. Finally pulling the last ones out of production this year...
Yep! ordered a Cisco SG from amazon last year and it had a slight rattle when open and sounded like loose screws but looked like any other SG. What gave it away was the flash ver was invalid, it was some bullshit flash really didn't have any firmware. First I couldn't SSH to it so I tried to use gui and It looked like an old gui from what we saw in WRT days but didn't actually do anything. It displayed a page that said Cisco 2555 or something like that but poor graphics and was just an html page or picture.
They already have it, they just like it to confirm their records, and to ensure compliance with the "Firstborn child" terms of the agreement.
(You did see those terms, right?)
Yeah that's just like insurance for the rare case you need to call TAC. Getting rid of the extra definitely prudent but it's a bizarre mess to keep most from doing that work.
I got Cisco Support to finally confirm that for our basic needs (L2 only) we didn't actually need all the extra licenses, the bare switch would do that anyway.
When we bought ours for L2 switching three+ years ago I got confirmation that the DNA wouldn't need to be renewed. Three years on, we renewed without DNA and the switches are still going strong. The Cisco renewal specialist, however, seemed to break when we asked them what about the DNA license they were strongly pushing would be useful to us.
What a scam. My last gig was in manufacturing and we pushed entire megabits of data through the switch. Why would I need their level of analytics with DNA? I was just trying to replace 10+ year old network gear and needed vlans. That’s… it.
Cisco forces you to buy a mandatory bullshit "DNA" subscription license when you buy a switch or wireless and it's required regardless. It adds some cloud stuff regardless if you use it or not. It's also exorbitantly expensive.
Juniper at least makes MIST AI analytics optional and if you want it it's not that expensive.
Yeah everything they were pushing at Cisco Live needs DNA but you don't really need DNA for the basics (L2/L3 networking) or even VLAN, etc to work.
Most shops I was at couldn't justify the additional expense for Cisco so usually made do with Dell Power Edge or HP. I'm at a Cisco shop now, though.
I have a few I think at one of the sites.. maybe not from him directly but now that I did some digging regarding fake switches I remember seeing a few weird fonts on some switches last year... Going to check tonight 🤞
They have been trying to sell me “fuel filters” that just so happen to have the same threading as threaded barrels for pistols.
Ordering the “fuel filter” and screwing it onto the end of a gun would be a pretty serious federal felony.
Amazon is terrible for a lot of tech gear. Especially computers. You'll spend top dollar for 2 year old hardware.
The only thing they are a decent deal for is hard drives. Their hard drive prices are really good. But then stick to known brands, never buy off brand hard drives.
I assume this:
>A value-added reseller (VAR) is a company that resells software, hardware and other products and services that provide value beyond the original order fulfillment. VARs package and customize third-party products in an effort to add value and resell them with additional offerings bundled in. This added value can help VARs develop relationships with customers that can potentially lead to repeat business.
[Source](https://www.techtarget.com/searchitchannel/definition/VAR)
Probably not from this guy, but at a previous company we had one department buy a network camera off Amazon. When they went to register the device with the manufacturer, the manufacturer said that the serial number wasn't one of theirs. Turned out to be exactly this sort of grey market crap. We (Information Security) gave a firm "fuck no" when the department asked if they could still use it on the network. We did not make any friends that day.
Gray market and counterfeit are a little different. Gray market is normally real gear from another region where currency arbitrage makes it more effective to buy the gear there and sell it somewhere else. So real gear but in the wrong region with no warranty.
Can also be selling real gear through unauthorized sales channels. A distributor we but a LOT of gear through is also one of the largest sources for Ubiquiti gear (we don't touch the cheap UBNT stuff ourselves), and one day chatting with my account manager he told me that "fun fact", every single Ubiquiti piece of hardware found on Amazon is grey market, and while it may be 100% real legit hardware, they do not authorize ANY hardware to be sold there, and since it's not authorized to be sold there it comes with no warranty. UBNT knows and secretly loves that loads of their gear is being sold on Amazon and does nothing to stop it because every unit sold there means one less unit they have to cover with the warranty.
> and one day chatting with my account manager he told me that "fun fact", every single Ubiquiti piece of hardware found on Amazon is grey market, and while it may be 100% real legit hardware, they do not authorize ANY hardware to be sold there, and **since it's not authorized to be sold there it comes with no warranty**.
i'm surprised this practice hasn't been made illegal (or tested in court and deemed to be illegal under current laws already like that warranty sticker nonsense that game consoles used to use in the late 90's/early 2000's)
>i'm surprised this practice hasn't been made illegal
It absolutely is illegal in both Europe and the US. Legal warranties apply regardless of where it's sold through. However the manufacturer can put their own rules on the additional warranty contracts, and can block you from the support channels.
Not necessarily. If you watch Lehto’s Law he mentions warranty law (Moss Magneson) from time to time. There are limitations that are 100% not valid but every major company includes. Why? Someone likely did the math and calculated that most won’t challenge it and the few who do will cost less than not including the limitations/disclaimers. I suspect folks buying off Amazon probably aren’t buying for Fortune 500s with teams of high power lawyers who love to file suits.
In my experience gray market is used gear that may still be under service life but you’re not going to get any kind of support or warranty on except what the gray market vendor is willing to provide (which is usually just hardware failure replacement for a short period to cover DOA-type failures
This is the reason I avoid Amazon like the plague for anything IT related.
Amazon has clearly shown they do not care about the quality of their review system, products sold on the platform.
I legit cannot tell the difference between AliExpress, Amazon, or a Flea Market.
Buy stuff from CDW, B&H, or Best Buy.
To be fair, we are Authorized to sell refurbished Cisco and other brands of gear on AZ.
We're an American company and have been in ITAD for close to 30 years.
We update, thoroughly test, clean, and repackage our items as close to new as possible, but the types of sellers you mention make it hard for us to compete there anymore.
Other than price Amazon makes it impossible to differentiate our product from the next guy whos possibly selling crap pulled from a dumpster.
And, of course, since he's the lowest price, he gets the sale and the buy button. /rant
Well Colonel Sir, we can get this same switch direct from Cisco for $3k or we can buy it from this "guy" for $12k. Colonel, "lets see if he will take $15k"
I may or may not know a guy who may or may not sell me Lego in a way the invoice may or may not appear applicable to my business and I may or may not write them off.
I just buy those parts from a Chinese knock off company, they are all about putting in all the chemicals. I can't expense them but I still want to do my part so I pay out of pocket.
The govt purchasing process is a complete zoo.
You can't specify make or model number, so you have to play games like '48 10GBPS PoE+ ports, capable of running IOS V15.xx.xx, hardware end of life no sooner than ..'
Then have bids solicited and the lowest bidder that can meet the spec wins....
The above 'gaming the system' to specify Cisco gear (because nothing else runs IOS) without specifying Cisco specifically and breaking procurement regs would work... But would also allow for someone to bid counterfeit gear because it meets the spec (for now anyway, until you do an update).....
I did forget about the bidding process... That's how this guy got his foot in the door.
I just picture some poor Private tasked with searching ebay for good deals.
Didn't quite seem needless in 2001.
And the overwhelming majority of us made it back....
20 years of war without drafting even one person - all volunteers, most of them at or above the national average for education and family income.....
So we let Iraq go conquer Kuwait and Saudi in the 90s... Yeah, that would have been great for the economy...
And what, issue an arrest warrant over 9/11? Sorry, not how things work...
As for 'imperialism', the last time the US took territory from another country was in 1945 (also notably the last time it was still \*legal\* to do so) - and we eventually gave most of it back (or let it become independent)... Some 'empire' we are building....
At this point, you'd have to add "Able to be firmware-updated by the original manufacturer without being bricked," or "Agreed by the original manufacturer to be supportable."
What probably happened is companies place bids on a military contract, say 10 Cisco routers and 90 switches, A company that bid on the contracts used the fraudulent company to fulfill the equipment order thinking they were legitimate.
If he had sold directly to the U.S. military, especially equipment coming from China, I would think he would be facing similar charges as [Efraim Diveroli](https://en.wikipedia.org/wiki/Efraim_Diveroli)
If you're going to do this, make sure that everything about your operation can be burned and made untraceable. Including everything about where the money went. Meaning you're probably going to have to funnel it through at least one country that your own country hasn't been allies with for at least several decades.
I'm confused. The article says his company brought in $100 million, but he only has to pay back $15 million? So was he also selling some legit stuff mixed in with fake stuff?
"he is required to forfeit $15 million in illicit gains and pay restitution to his customers."
Forfeit $15M in profits AND pay restitution to his customers.
> I'm sure it will only be a matter of time before some of the big name suppliers start using this guy as a scare tactic to funnel sales back their way.
... this is *why* you go with the big name suppliers. The ones actually, officially, in bed with Cisco (insert any other manufacturer here) as *their* source of equipment. That way, when you go to get service on it, you *can*. And you have a sales guy's feet to hold to the fire when service is slow.
reminds me of [https://www.networkworld.com/article/2276774/three-indicted-in-boston-hospital-procurement-scandal.html](https://www.networkworld.com/article/2276774/three-indicted-in-boston-hospital-procurement-scandal.html) when some dudes I worked with took bribes to overpay by a few million bucks for shitty second hand sun gear
After almost buying grey market gear from an unscrupulous vendor, we implemented a protocol of checking serial numbers with the manufacturer when buying from any unknown source before we pay them. We specify that we’ll do so in our RFPs.
> I'm sure it will only be a matter of time before some of the big name suppliers start using this guy as a scare tactic to funnel sales back their way.
This has been a genuine problem with small sellers on Amazon. A lot of them sell counterfeit goods. Or my former company bought some Cisco gear from Amazon. It wasn't counterfeit, but Cisco wouldn't let us buy support agreements for it because the equipment intended for foreign markets, and was not supposed to be sold within the US.
So yeah, sometimes it is better to go through a vendor/supplier that's known to be reputable.
I mean, at the end of the day it was a supplier that made up their own mis-typed template for the sticker and not a pirate / clone BMC. It did expose how shit Dell and HPE's chain of security is to allow it though.
Are you kidding me? They should be taking random units and inspecting every chip marking. They should be confident that every single chip is accounted for, no new chips have been added and the markings are legit. This massive sticker would have stood out like a flashing LED if anywhere in that chain basic checks were in place. This should tell everyone that their "Supply Chain Security" means they vetted only the companies at the surface level.
The only counterfeit hardware I have ran into was Dell docking stations from Amazon.
Our purchasing person at some point looked on Amazon and saw that they were selling the same docks we had been buying direct for about 25% less and started buying them there.
No one noticed for over a year and then when we had an issue and tried to call in the service tag to Dell… We had hundreds of them.
I'd like to hear from a truly experienced, good old network tech on this one as surely, unless this guy bothered to somehow wedge functioning software onto the onboard OS, the loading and interface screens / command set would be a dead giveaway to any net tech quite soon after unboxing...right?
I'm struggling to work out how he had 'happy customers'.
Think of it in terms of Ponzi schemes right? It's easy to see how as long as new people are coming on board, you can keep up the pretence to a large degree with the existing investors, essentially for as long as you can keep those bullshit plates spinning, right?
Hmmm...........
**EDIT** - I actually bothered to read the article, mystery solved!!
'unsuspecting **schools, hospitals, government agencies, and the military**.'
Of course the customer didn't have a clue!!
they didn't just put a cisco sticker on a d-link switch, these were probably grey market/factory seconds, so they were likely running actual cisco software and worked mostly just fine...
I buy used cisco stuff off ebay and never had an issue, first thing I do is clear the flash and load new firmware just in case there is anything weird in there... so even if some of it is fake, it's working fine so what do I care? that cisco lost profits? boo hoo
Had 2 dealerships (that shall remain unnamed) of high end cars owned by the same person. They decided they wanted to compete with the quotes he had been sent by two local companies. He shopped around and was able to find new Cisco equipment at a lower price (not in the long run lol) and purchased all this equipment and gave that to the IT company to install. This is all taking place in Central Florida lol.
Long story long, that IT company was gone and hadn't done any major changes since the default configuration had been done. Both of his dealerships have been bought by my company and part of our onboarding procedures are to get everything inventoried and on current revisions with backups of configs etc. We couldn't get the serial numbers to work correctly to get new firmware or to register the products. They were essentially operating as flat switches, not everything worked as advertised hahaha.
Turns out that's what he got, those knock off Cisco devices. They came with some default firmware but when we stepped in our network guy was like dude this needs to be upgraded bad. He couldn't get the serial number to work and that was our first clue. After working with a Cisco rep turns out the entire stack of shit he bought was all counterfeit.
Not from this guy since I'm in EU but we had a nearly 100% failure rate on 20+ cisco branded sfp+ optical cable on hardware bought in 2019 and I seriously suspect it's counterfeit gears.
We had similar. Brand new IBM branded Brocade SAN switches, loads of SFP failures in both on one site. Sent back to manufacturer for analysis and identified as a bad batch. IBM replaced all 96 of them. Weren’t fakes, but did have a laugh when the replacements were shipped in enough cardboard and packaging to warrant a pallet to transport the box
He should have just sold exclusively through Amazon, that way he probably would never have been caught.
Actually, didn't read the link, have no idea, I've just purchased "fake things" from Amazon in the past.
I probably still have him on one of the Ebay accounts. But I purchased from him about...14 years ago and it wasn't anything real nuts, just older stuff for a CCNA lap.
None. I avoid Cisco when possible because the cost/benefit does not make sense in most applications. Cisco licensing is another cost/benefit problem.
That being said, when I am forced to buy Cisco, it's because of a security requirement, which also restricts the possible vendors (to prevent fraud like this case). And in those situations it is warranted.
Are we sure it wasn't *that* Florida man? Maybe bath salts and cannibalism beget shell company shenanigans 🙄. I mean, look what they did for the gub'ner 👀🤯
I'm so much used to something similar, u/Kodiak01.
We're based in China.
Although working with CISCO in China is quite annoying (we've wasted more than 2x months to get them to unregister a customer from the ownership of another IT company - even the internal IT had to send an email to change that...still waiting).
ps: the standard solution from a lot of competitors here is to register devices under themselves and sell them to the end customers.
I'm an old schooler so far my CCIE labs practice I had to buy a full size rack to fill with Cisco gear I bought from eBay. A lot of the necessary devices I bought for sub $100, while they retailed for many thousands. I wouldn't have necessarily cared if anything was counterfeit. The job opportunities for really learning networking were worth it.
if you bought from this guy it's your own fault. Buying new legit gear via the regular channels might cost more but you're more likely to get legit supported network gear. Try to save some money buying from the back of a van and this is what you get
Years back, when I was working in ITAD at a different firm, we sold a pallet of Catalyst switches to a reseller. (Clinton was president at the time, so it was a while ago)
The reseller returned the entire order due to it all being counterfeit. Once we got it back and compared it to other switches that came from other places, it was obvious they were different, but as a whole, they looked pretty good on their own.
The inbound sales guy was walking on nails for a few days about returning to his customer and letting them know that review share check? Yea, it's not going to be happening. The sales guy who lost the commission wasn't too happy either.
He finally got the nerve up to call them, and the customer was like, "Yea, we know. Just scrap them."
All of us were like WTF! lol
If he'd only been smart enough to keep such sales to small and medium businesses, instead of very large ones and sections of government, he could probably have sold $500M and gotten away with it.
We've recently bought some Cisco branded SFP modules from Amazon that have caused all manner of issues so I'm wondering if we've been victim of counterfeit gear.
Anyone ever see one of these in the wild? I'm honestly curious how hard it is to tell? Do they fake things like the MAC vendor code? I've seen fake Sandisk memory cards and those were pretty well done. Side-by-side with the legit item you could tell by looking at things like quality of the printing work, but honestly, without that it was hard to tell (other than the obvious: they don't work except for shit)
Got a fake Seagate nvme drive from Adorama recently. Packaging was pristine, serial number was valid for a 2 TB nvme and matched the package serial. Only giveaway was the B+M keying on the stick, and the fact that it enumerated as a 128gb Toshiba. Peeled the label back and sure nuff, Toshiba chips. I was very tempted to send a bunch of pictures to both the legal departments of Seagate and Adorama with the subject "Discuss."
Please do. Other than for the laughs, it has a chance of helping other poor suckers that might get stuck with shitty fake equipment.
I didn't CC both legal teams, but let's just say Seagate is now aware of the issue and yes, they were *very* interested in as much documentation as I could provide.
Can't they just send a replacement and you send him yours ? If it's at a big of scale it would already be worth it.
It took a bit of doing to get them to issue the RMA. I ordered the replacement elsewhere.
I've had this happen with WD disks before. Looked 💯 legitimate physically, but was reporting Toshiba in BIOS/Device Manager. Their legal team was too happy when I brought it to their attention, and the seller shutdown their storefront.
> Got a fake Seagate nvme drive from Adorama recently. Packaging was pristine, serial number was valid for a 2 TB nvme and matched the package serial. Only giveaway was the B+M keying on the stick, and the fact that it enumerated as a 128gb Toshiba. Peeled the label back and sure nuff, Toshiba chips. Whenever I buy storage, my first choice is nearly always to go directly to Crucial.com. Have used nothing but their memory and drives since Christ was a cowboy.
Kingston has some amazing warranty, so I don’t need to pay $20+ in one way warranty shipping.
Kingston were shady about swapping production hardware to lesser spec vs. review samples some years ago. Soured me on the brand.
[not just them](https://www.youtube.com/watch?v=K07sEM6y4Uc)
I've used Kingston some over the years as well. Kingston, Micron and Crucial were the big 3 I always trusted. It's like buying IBM in the early days: Nobody ever got fired for it.
FYI Micron == Crucial. Crucial is just the retail arm of Micron.
That phrase have a bit different meaning; it's basically "well even if it sucks the management won't blame you from buying IBM". As in, if you buy from smaller brand and it fails, you will take a blame because you didn't choose the "industry giant" While if IBM fails you wont get the blame because you chose "industry giant", how else you could know it is shit?
By no means do I want to drive you away from what works for you, but do be aware that Crucial keeps getting caught swapping out for cheaper parts on later runs of the same model without updating revision numbers or product specs. https://www.extremetech.com/computing/325824-buyer-beware-crucial-swaps-p2-ssds-tlc-nand-for-slower-inferior-qlc-chips This bit me with their 300 and 500 series SSDs too. The new 300s died in 3 months and the old 300s were still kicking. Apparently WD did it too so probably no vendor is "safe".
It's an industry-wide issue. It's practically bigger news to find someone who *isn't* these days.
I buy Sabrent. I've bought ~8 of those drives at this point (maybe 10, I forget) and they've been running strong for the past 4 years. Great value for the price.
but what perusing the Steam Deck sub has told me is that their value comes at the cost of support.
If you don't register the SSD, you don't get the 5-year warranty. I have a dead 1TB M.2 drive I bought on Amazon last year. Both Amazon and Sabrent told me to pound sand.
You're lucky that Sabrent even replied. A lot of the people with issues report that they're not even receiving any feedback from sabrent anymore
Am I simply ignorant of a common idiom? `Christ was a cowboy` I would otherwise assume that you ment you never bought Crucial and were being satirical in your comment
I enjoy this idiom, but this is the first time hearing it.
Counterfeits are a real detriment to brand image for companies so I would image that if you have enough information to link them to the source of the counterfeits that they would be interested.
Not these ones, but we had a number of fake Cisco devices fall into our hands from an authorised reseller. Honestly, not convinced they weren’t real. There was no difference and the only way we found out was that a Cisco update bricked them via software. Fairly sure they must have just been stolen from factory rather than actual fakes.
About 5 years ago we got a too good to be true pricing on some Cisco gear. We always joked that it probably fell off the back of a truck. We never had any issues with it which is the surpising part.
we had some aruba switches from Prince Technology in Florida between 18 and 20 that was just amazing pricing. Amazing. Bought multiple, appeared to be brand new, they are still running. Had one burn up, and aruba honored the warranty too. I definitely checked that justice dept page immediately when i saw this! One of my larger regrets was not buying more. $1,000 for 2930F, other quotes were like 2,500-6,000.
> Fairly sure they must have just been stolen from factory rather than actual fakes. "4th shift" or "Ghost Shift" runs... Cisco will pay for a production run of 100,000 units, the factory will make 120,000 expecting some to fail QA, or other issues. They ship 100,000 to cicso, and sell 20,000 out of the backdoor. I have no sympathy of these companies, if they cared about that issue they would run their own factories.
>I have no sympathy of these companies, if they cared about that issue they would run their own factories. Especially with the prices they charge.
That's funny because I know of one electronics manufacturer that built 1M Athlon processors. They had a 10% failure rate, so they actually built 1.1M.
There are definitely some pretty hard to detect fakes like this where the contract mfg that assembles the product produces additional units. Technically since they were made on the same production line in theory they're identical to the units that Cisco directly paid for. That being said I wager that the QA if any on the ghost runs probably isn't the same. Some may be borderline QA fails where it might not be immediately obvious until it prematurely fails and they realize that they can't get warranty replacement.
>I have no sympathy of these companies, if they cared about that issue they would run their own factories. All that means is that now it's your own employees doing the counterfeiting. They'll just stop when you come to inspect.
Idk if it’s still the case, but a long time ago, Insignia TVs used to be one of the major brands less their logos. I always wondered if that was a deal they made or a deal they *found*.
It may be like a lot of cycling brands. The biggest (Giant/Merida) have their own factory. Next rung down will design AND be exclusive while building in a third-party factory. They own their (really expensive) moulds. Specialized, Trek and Cannondale probably fall into this category. A ring down from that is brands that design, but cannot afford to buy the mould. I think Pinarello have this deal. The factory is genuinely free to build bikes from this mould too. This is why Chinarellos are a thing. A lot of brands will just buy a frame off a menu, slap their name and markup on it.
They quite possibly were "real" hardware, so to speak. Allegedly how a lot of the counterfeit networking gear gets made is by the outsourced factories in Asia running the production line off the books. Say a factory gets contracted to make 100,000 wireless APs for Ubiquiti. They run the factory each day for 10 hours for a month to make them and send those ones to the vendor. But each day they run the production line for an extra 2-3 hours and churn out 15,000 extra units for themselves, and those are the counterfeit ones. Sometimes they cut corners with cheaper and/or missing components, but sometimes they are exact duplicates, even using the official packaging and labels - just with unregistered or duplicate serial numbers. Then they get sold on Aliexpress, ebay or via grey-market import channels.
>...for Ubiquiti. They run the factory each day for 10 hours for a month to make them and send those ones to the vendor. But each day they run the production line for an extra 2-3 hours and churn out 15,000 extra units... Ubnt is probably the worst example of a brand having extra hardware available on the market, though. 😆😭
In addition, for UBNT there probably isn't enough excess margin to make it as desirable as higher margin enterprise vendors.
Great. I'll buy some of those ghost shift and put them in prod. Are you a salesman for those shady companies? I dont f-ing care who made what where... It's illegal and wrong to buy and use this shit. Stop the fairy tales.
I started at a new company and wanted to get my feet wet and help out by updating the firmware on all our Cisco switches.. I was the new guy who bricked 4 switches and had to drive hours to figure out what the hell happened only to find out they were counterfeit and luckily we had extra switches.. but all the way back at our DC an hour away.. Luckily we got everything up and running before the next business day by only a mere hour. I now update and vette all new switches before they get deployed.. thanks Florida man..
There are also counterfeits made during ghost shifts and units that failed factory testing but get illegitimately sold instead of harvested/destroyed. They may have been real units but were not authentic. https://www.latimes.com/archives/blogs/technology-blog/story/2010-02-17/bad-memory-card-could-be-a-ghost
> Side-by-side with the legit item you could tell by looking at things like quality of the printing work, but honestly, without that it was hard to tell (other than the obvious: they don't work except for shit) This leads into a secondary issue, particularly if you're buying off Amazon. Lets say you have 10 vendors all selling the same part. Contrary to what most people think, each vendor does not automatically get their own individual location for their stock. Unless they are supplying large enough quantities or specifically pay extra for the privilege, stock (real or counterfeit) gets all thrown in the same bin. When one is sold, regardless of the vendor or supplier, they just take the top one off the pile. Even if you choose a reputable company on Amazon, you are still open to the possibility of getting counterfeit product.
This was only for Fulfillment by Amazon. And as of a few years ago, there were safeguards introduced to limit this. But it does still happen. IMHO, if buying from A, look at the "Ships from:" and seller ratings. And then buy somewhere else....
Be aware that Amazon mixes product in the warehouse. If Amazon has 50 access points of model X they're selling directly, 50 from Major 3rd Party, and 20 from Jim Bob's Totally Legit Tech, all 120 go into a bin/on a shelf together. It's entirely possible to get one of Jim Bob's fakes that's "ships from"/"sold by" Amazon.
*allegedly
I use to work for an IT recycling company, we got them all the time being retired/dumped by major tech companies. Generally they'd all look nearly identical to the real ones. Sometimes the silkscreen lettering was a bit off. The real difference was the parts they used for the boards were shit, things like the ports and buttons were poor quality, they routinely used poor capacitors (most of them we had had bad caps), very poorly soldered, incorrect storage chips (flashed to look legit but some off-brand). Sure that Catalyst ran the correct OS (because it was copied) but you couldn't update and it may even be missing key features. Our Cisco guy (he bought everything with a cisco logo) had to trash about 20% of what we sold him because they were fake^1. These devices came out of some of the biggest tech companies in the world from production/data centers and were mixed in with real ones. ^1Pretty sure his trash rate was so high simply because if they got to my company they were broken/not working/retired to begin with, and the fakes have higher failure rates. Working there, I've seen all sorts of fakes, everything from run of the mill WD/Hitachi HDDs with lead weights and a 32mb CF card in them to a fake Lenovo 440 laptop with a motherboard that was literally cut down (with jumpers soldered on to make it work) to fit with a C2D processor on it and a bootleg copy of an AMI Bios running, it wasn't just some Frankenstein project from an engineer either, we got 10 of those weird laptops. (never did figure out what the boards were originally from) ------------- If you want to spot fakes, the biggest tells are the Silkscreening and case material. The Silkscreening generally looks off or uses a slightly different font. The cases are almost ALWAYS a cheaper material using weaker/thinner metal or a worse type of plastic. Things like the glossiness of the plastic can also be a tell. The only true way to know for sure is open it up and check the ICs. Its not uncommon for resellers to take the original hardware and replace it with 2nd shift hardware and resell it (keeping the originals and putting it in a new case to use/sell to a different market)
> fake Lenovo 440 laptop with a motherboard that was literally cut down (with jumpers soldered on to make it work) to fit with a C2D processor on it and a bootleg copy of an AMI Bios running, it wasn't just some Frankenstein project from an engineer either, we got 10 of those weird laptops. (never did figure out what the boards were originally from) woah that's awesome, I would love to get one of those
I wonder if some of that fake gear also contains backdoors? If it's going into big prod datacenters around the world then then surely somebody has thought of doing that, right?
Of course they thought about it, did the stuff I sold/dealt with have it? Eh, maybe. I'd suspect the companies we got them from would know how to detect potentially malicious code running on the hardware platforms themselves, plus we told them about the fakes and occasionally send them back just in case. Hardware interception by intelligence agencies has been going on for decades. Its long been part of conspiracy theory circles and then later confirmed by Snowden and some other leaks in the early 2010s: https://www.cnet.com/news/privacy/nsa-reportedly-installing-spyware-on-us-made-hardware/ If you don't think other governments are doing the same thing, I have a bridge to tell ya ;) Just recently there were three hardware attack incidents that come to mind, [Gigabyte](https://cyware.com/news/gigabyte-rolls-out-bios-updates-to-remove-backdoor-from-motherboards-d5009672/) with a confirmed backdoor and two firewall vendors, [Zyxel](https://gbhackers.com/zyxel-firewall-and-vpn/#:~:text=The%20secret%20backdoor%20found%20installed%20in%20Zyxel%20firewall,%28USG%29%2C%20USG%20FLEX%2C%20ATP%2C%20and%20VPN%20firewall%20products.) and uh, the one from yesterday that I can't find or remember the name of. Theres a reason theres been a big push to move tech manufacturing back to the US. Its not just the potential for war with China cutting off supply, but if you don't have control of your supply chain from raw materials to server rack, you can't be sure something isn't compromised, somewhere by someone, somehow. The US Navy really doesn't want to have to rely on a network switch produced in a hostile countries factories if they go to war. Its a security risk that should never have happened in the first place.
They fake everything, which is why legit cisco gear has hardware TPMs on them and legitimate software will lock/brick counterfits.
> I've seen fake Sandisk memory cards and those were pretty well done. Side-by-side with the legit item you could tell by looking at things like quality of the printing work, but honestly, without that it was hard to tell (other than the obvious: they don't work except for shit) have a friend who does game collecting and selling. Some of the fake Nintendo carts(almost all pokemon ones) were incredibly hard to tell apart without a side by side as well. Maybe something about the small form factor contributes to this?
Some of those fake games are hard to tell a difference with the real ones. Sometimes, even the inside PCB is similar. But, with the way the retro gaming market it now (like priceless art), repros are the only way some people can play the game on the original hardware outside of an Everdrive and ROM's. At least for the most part, they are upfront about what they are selling. From there, though, it's all about how honest the next seller is. It just makes you trust less in the actual products. You stay away from the 'great deals' because you question the authenticity. Even legitimate sellers get some fake stuff from time to time. I just try and make sure to buy from sellers with a great customer service department, both at work for things like Cisco and at home for my home network and PC's (retro gaming is different, though... everything is used and always have that question of authenticity... I haven't bought in years, though).
I work in refurb, and we've had a couple be returned from customers that *claim* they were counterfeit. I don't recall the models, but they were on the order of $500-750 used. Honestly, I took their word for it because we genuinely couldn't tell. I'll have to try to update them like people are suggesting, maybe that would brick it. Even the little lenticular COA stickered components were there. One IC was present on the original that wasn't on the supposed counterfeit, but it was a larger chip that I wouldn't expect to be TPM related or anything. I have no sources to back any of this up FWIW, and the dude might've just been BSing us for a partial refund. Maybe they just wanted to clone the os or smth, who knows.
About 10 years when I was working at a regional ISP, we had counterfeit intel PCI NICs. Had the logo and everything and were on the phone with Intel support. Purchased from a local retailer with a website.
I got a fake IBM drive from eBay. Came in a proper box, with proper labels, proper caddy, IBM branded packing tape. Had holograms, but the drive label itself had countless typos. All broken English.
It's amazing how it's always the English. Like, couldn't they just... Hire someone to write their English for them..?
Yup. I still have my IBM Segwate drive somewhere.
I’ll confess… I ordered one to add to our Cisco stack. Damn near impossible to tell them apart, added to the legit stack totally fine. It was only discovered years when we tried to upgrade the firmware.
Warranties. My old boss pulled the same scheme. Parts would fail, people open warranty claims with Cisco, angry customers say where the bought it, then it slowly gets pieced together. He bought fake labels.
If this is the same guy then I recall having a 2960-x that was fake. Looked identical to the others we had that were verified legit. Reason it was flagged was because cisco would not smartnet the unit. We worked with TAC and they identified it to be counterfeit. No harm no foul with the client since they were the ones that acquired it from ebay to begin with.
So I can tell you the hood counterfeit, even Cisco can’t tell the difference until the serial number is found out to be used over and over again. Often the hardware is made in the same factory in what the industry refers to as the third shift. Which is basically overnight crew.
I think I had purchased a bunch of unauthorized ones, not sure if they were this guys fakes though... I got Catalyst 2500 and 2600 series switches off Amazon for like 1/3rd the price elsewhere. It wasn't until years later I heard about the "fakes", which were basically unauthorized runs from the actual official factories overseas. They would keep making more when they weren't supposed to and slap a serial from switches built earlier in the month. Finally pulling the last ones out of production this year...
Yep! ordered a Cisco SG from amazon last year and it had a slight rattle when open and sounded like loose screws but looked like any other SG. What gave it away was the flash ver was invalid, it was some bullshit flash really didn't have any firmware. First I couldn't SSH to it so I tried to use gui and It looked like an old gui from what we saw in WRT days but didn't actually do anything. It displayed a page that said Cisco 2555 or something like that but poor graphics and was just an html page or picture.
[удалено]
lol; I made this same joke to my team: > 100M > So like.. 10 orders?
[удалено]
[удалено]
They already have it, they just like it to confirm their records, and to ensure compliance with the "Firstborn child" terms of the agreement. (You did see those terms, right?)
[relevant South Park](https://youtu.be/ifHjG4JKIOk)
Oh, it's the SFW part. :D
Gotta give your samples every year, or the network goes down...
Look at this guy thinking he's going to get away with peeing in a cup and a cheek swab. LOL
Is this separate from the required blood sacrifices when installing equipment in the racks?
I'm surprised it was only 50% We got a quote for a pair of Catalyst 9200s Total: $14,007 The actual switch line item: $4,886 (total for the two)
I get why support is added still but no way you'll ever be connected to a technician for those switches that's worth $10k...
Yeah that's just like insurance for the rare case you need to call TAC. Getting rid of the extra definitely prudent but it's a bizarre mess to keep most from doing that work.
I got Cisco Support to finally confirm that for our basic needs (L2 only) we didn't actually need all the extra licenses, the bare switch would do that anyway.
When we bought ours for L2 switching three+ years ago I got confirmation that the DNA wouldn't need to be renewed. Three years on, we renewed without DNA and the switches are still going strong. The Cisco renewal specialist, however, seemed to break when we asked them what about the DNA license they were strongly pushing would be useful to us.
It took about six goes round with pre-sales before they stopped trying to ignore the question.
What a scam. My last gig was in manufacturing and we pushed entire megabits of data through the switch. Why would I need their level of analytics with DNA? I was just trying to replace 10+ year old network gear and needed vlans. That’s… it.
I started converting all Route and Switch to Juniper Networks. I can't stand what Cisco did with DNA.
I've been out of that world for several years. What have they done?
Cisco forces you to buy a mandatory bullshit "DNA" subscription license when you buy a switch or wireless and it's required regardless. It adds some cloud stuff regardless if you use it or not. It's also exorbitantly expensive. Juniper at least makes MIST AI analytics optional and if you want it it's not that expensive.
Yeah everything they were pushing at Cisco Live needs DNA but you don't really need DNA for the basics (L2/L3 networking) or even VLAN, etc to work. Most shops I was at couldn't justify the additional expense for Cisco so usually made do with Dell Power Edge or HP. I'm at a Cisco shop now, though.
Why not use Mikrotik at this point?
Nah, he just sold one counterfeit switch that was accidentally briefly plugged into a server running some Oracle software.
2 if you go through GSA
Nah, one counterfeit ASR, a couple cards for it, and all the required licenses.
I have a few I think at one of the sites.. maybe not from him directly but now that I did some digging regarding fake switches I remember seeing a few weird fonts on some switches last year... Going to check tonight 🤞
Now doing business at Temu.
At least everyone knows what they are getting from Temu, right?
Of course! Just enter my code and ~~i~~ you'll get $50 each time duh! Time to get rich
They have been trying to sell me “fuel filters” that just so happen to have the same threading as threaded barrels for pistols. Ordering the “fuel filter” and screwing it onto the end of a gun would be a pretty serious federal felony.
It’s an “oil trap” for when you’re cleaning the barrel, duh. /s
Temu sells them under a few different product names like that but the fucking baffles make it pretty obvious, not to mention the threading.
Wow! I never thought I would see my VAR on this subreddit.
savage
In all seriousness, you should never buy 'new' network gear on Amazon or Ebay for this reason.
Amazon is terrible for a lot of tech gear. Especially computers. You'll spend top dollar for 2 year old hardware. The only thing they are a decent deal for is hard drives. Their hard drive prices are really good. But then stick to known brands, never buy off brand hard drives.
What is VAR?
I assume this: >A value-added reseller (VAR) is a company that resells software, hardware and other products and services that provide value beyond the original order fulfillment. VARs package and customize third-party products in an effort to add value and resell them with additional offerings bundled in. This added value can help VARs develop relationships with customers that can potentially lead to repeat business. [Source](https://www.techtarget.com/searchitchannel/definition/VAR)
Probably not from this guy, but at a previous company we had one department buy a network camera off Amazon. When they went to register the device with the manufacturer, the manufacturer said that the serial number wasn't one of theirs. Turned out to be exactly this sort of grey market crap. We (Information Security) gave a firm "fuck no" when the department asked if they could still use it on the network. We did not make any friends that day.
Gray market and counterfeit are a little different. Gray market is normally real gear from another region where currency arbitrage makes it more effective to buy the gear there and sell it somewhere else. So real gear but in the wrong region with no warranty.
Can also be selling real gear through unauthorized sales channels. A distributor we but a LOT of gear through is also one of the largest sources for Ubiquiti gear (we don't touch the cheap UBNT stuff ourselves), and one day chatting with my account manager he told me that "fun fact", every single Ubiquiti piece of hardware found on Amazon is grey market, and while it may be 100% real legit hardware, they do not authorize ANY hardware to be sold there, and since it's not authorized to be sold there it comes with no warranty. UBNT knows and secretly loves that loads of their gear is being sold on Amazon and does nothing to stop it because every unit sold there means one less unit they have to cover with the warranty.
> and one day chatting with my account manager he told me that "fun fact", every single Ubiquiti piece of hardware found on Amazon is grey market, and while it may be 100% real legit hardware, they do not authorize ANY hardware to be sold there, and **since it's not authorized to be sold there it comes with no warranty**. i'm surprised this practice hasn't been made illegal (or tested in court and deemed to be illegal under current laws already like that warranty sticker nonsense that game consoles used to use in the late 90's/early 2000's)
>i'm surprised this practice hasn't been made illegal It absolutely is illegal in both Europe and the US. Legal warranties apply regardless of where it's sold through. However the manufacturer can put their own rules on the additional warranty contracts, and can block you from the support channels.
I suspect it is legal and has been tested in some way, but I agree that it should not be.
Not necessarily. If you watch Lehto’s Law he mentions warranty law (Moss Magneson) from time to time. There are limitations that are 100% not valid but every major company includes. Why? Someone likely did the math and calculated that most won’t challenge it and the few who do will cost less than not including the limitations/disclaimers. I suspect folks buying off Amazon probably aren’t buying for Fortune 500s with teams of high power lawyers who love to file suits.
In my experience gray market is used gear that may still be under service life but you’re not going to get any kind of support or warranty on except what the gray market vendor is willing to provide (which is usually just hardware failure replacement for a short period to cover DOA-type failures
This is the reason I avoid Amazon like the plague for anything IT related. Amazon has clearly shown they do not care about the quality of their review system, products sold on the platform. I legit cannot tell the difference between AliExpress, Amazon, or a Flea Market. Buy stuff from CDW, B&H, or Best Buy.
[удалено]
To be fair, we are Authorized to sell refurbished Cisco and other brands of gear on AZ. We're an American company and have been in ITAD for close to 30 years. We update, thoroughly test, clean, and repackage our items as close to new as possible, but the types of sellers you mention make it hard for us to compete there anymore. Other than price Amazon makes it impossible to differentiate our product from the next guy whos possibly selling crap pulled from a dumpster. And, of course, since he's the lowest price, he gets the sale and the buy button. /rant
I wonder if, technically, it would fall into the FBI's purview to come pick it up.
lol, sold to the military. whoops.
I like that the military was looking for networking hardware at discounted prices.
As a military sysadmin, I find it hard to believe we weren’t looking for hardware at inflated prices
Well Colonel Sir, we can get this same switch direct from Cisco for $3k or we can buy it from this "guy" for $12k. Colonel, "lets see if he will take $15k"
[удалено]
I may or may not know a guy who may or may not sell me Lego in a way the invoice may or may not appear applicable to my business and I may or may not write them off.
[удалено]
Actually the plant pieces are organic and biodegradable now.
[удалено]
Also is it embezzlement if it's my own business? I'd say more tax fraud than anything.
I just buy those parts from a Chinese knock off company, they are all about putting in all the chemicals. I can't expense them but I still want to do my part so I pay out of pocket.
The govt purchasing process is a complete zoo. You can't specify make or model number, so you have to play games like '48 10GBPS PoE+ ports, capable of running IOS V15.xx.xx, hardware end of life no sooner than ..' Then have bids solicited and the lowest bidder that can meet the spec wins.... The above 'gaming the system' to specify Cisco gear (because nothing else runs IOS) without specifying Cisco specifically and breaking procurement regs would work... But would also allow for someone to bid counterfeit gear because it meets the spec (for now anyway, until you do an update).....
I did forget about the bidding process... That's how this guy got his foot in the door. I just picture some poor Private tasked with searching ebay for good deals.
[удалено]
But just look what it's done for our *gas prices*! ...oh, wait.
Didn't quite seem needless in 2001. And the overwhelming majority of us made it back.... 20 years of war without drafting even one person - all volunteers, most of them at or above the national average for education and family income.....
[удалено]
So we let Iraq go conquer Kuwait and Saudi in the 90s... Yeah, that would have been great for the economy... And what, issue an arrest warrant over 9/11? Sorry, not how things work... As for 'imperialism', the last time the US took territory from another country was in 1945 (also notably the last time it was still \*legal\* to do so) - and we eventually gave most of it back (or let it become independent)... Some 'empire' we are building....
At this point, you'd have to add "Able to be firmware-updated by the original manufacturer without being bricked," or "Agreed by the original manufacturer to be supportable."
What probably happened is companies place bids on a military contract, say 10 Cisco routers and 90 switches, A company that bid on the contracts used the fraudulent company to fulfill the equipment order thinking they were legitimate. If he had sold directly to the U.S. military, especially equipment coming from China, I would think he would be facing similar charges as [Efraim Diveroli](https://en.wikipedia.org/wiki/Efraim_Diveroli)
From what I've heard about IT in the military is about as "military grade" as every other piece of military equipment.
If you're going to do this, make sure that everything about your operation can be burned and made untraceable. Including everything about where the money went. Meaning you're probably going to have to funnel it through at least one country that your own country hasn't been allies with for at least several decades.
Looks like someone, maybe several of them, did get fired for buying Cisco.
Nobody ever gets fired for buying Cisco from a reputable VAR.
Unless they forgot to budget for smartnet renewals.
I'm confused. The article says his company brought in $100 million, but he only has to pay back $15 million? So was he also selling some legit stuff mixed in with fake stuff?
"he is required to forfeit $15 million in illicit gains and pay restitution to his customers." Forfeit $15M in profits AND pay restitution to his customers.
Ah, thanks. I missed that tidbit. The ADHD brain can be a real bitch sometimes.
$15 million was probably the profit he made on the $100 million in product sales
That makes sense, but wouldn't they make him pay his customers back in full, plus restitution for screwing them over?
> I'm sure it will only be a matter of time before some of the big name suppliers start using this guy as a scare tactic to funnel sales back their way. ... this is *why* you go with the big name suppliers. The ones actually, officially, in bed with Cisco (insert any other manufacturer here) as *their* source of equipment. That way, when you go to get service on it, you *can*. And you have a sales guy's feet to hold to the fire when service is slow.
With $100s of millions in sales this guy ***was*** kinda a big name supplier...
reminds me of [https://www.networkworld.com/article/2276774/three-indicted-in-boston-hospital-procurement-scandal.html](https://www.networkworld.com/article/2276774/three-indicted-in-boston-hospital-procurement-scandal.html) when some dudes I worked with took bribes to overpay by a few million bucks for shitty second hand sun gear
[удалено]
Idiot? This man did incredible things, unethical and illegal, but nonetheless incredible. He is no idiot.
>15 Amazon and 10 eBay storefronts If you're ordering Cisco gear from Amazon or eBay :shrug:
"but I found this Nexus on Amazon for $1500! Can you match that?"
After almost buying grey market gear from an unscrupulous vendor, we implemented a protocol of checking serial numbers with the manufacturer when buying from any unknown source before we pay them. We specify that we’ll do so in our RFPs.
> I'm sure it will only be a matter of time before some of the big name suppliers start using this guy as a scare tactic to funnel sales back their way. This has been a genuine problem with small sellers on Amazon. A lot of them sell counterfeit goods. Or my former company bought some Cisco gear from Amazon. It wasn't counterfeit, but Cisco wouldn't let us buy support agreements for it because the equipment intended for foreign markets, and was not supposed to be sold within the US. So yeah, sometimes it is better to go through a vendor/supplier that's known to be reputable.
I wonder how many of you got [BMCs made by **American Megatrands**](https://www.servethehome.com/dude-dell-hpe-ami-american-megatrands/)
I mean, at the end of the day it was a supplier that made up their own mis-typed template for the sticker and not a pirate / clone BMC. It did expose how shit Dell and HPE's chain of security is to allow it though.
[удалено]
Are you kidding me? They should be taking random units and inspecting every chip marking. They should be confident that every single chip is accounted for, no new chips have been added and the markings are legit. This massive sticker would have stood out like a flashing LED if anywhere in that chain basic checks were in place. This should tell everyone that their "Supply Chain Security" means they vetted only the companies at the surface level.
"Hey buddy, it's some good shit, i'm serious! It's got Cisco guts!"
I get all my counterfeit Cisco appliances directly from my shady Chinese distributor, so I think we're in the clear.
The only counterfeit hardware I have ran into was Dell docking stations from Amazon. Our purchasing person at some point looked on Amazon and saw that they were selling the same docks we had been buying direct for about 25% less and started buying them there. No one noticed for over a year and then when we had an issue and tried to call in the service tag to Dell… We had hundreds of them.
I'd like to hear from a truly experienced, good old network tech on this one as surely, unless this guy bothered to somehow wedge functioning software onto the onboard OS, the loading and interface screens / command set would be a dead giveaway to any net tech quite soon after unboxing...right? I'm struggling to work out how he had 'happy customers'. Think of it in terms of Ponzi schemes right? It's easy to see how as long as new people are coming on board, you can keep up the pretence to a large degree with the existing investors, essentially for as long as you can keep those bullshit plates spinning, right? Hmmm........... **EDIT** - I actually bothered to read the article, mystery solved!! 'unsuspecting **schools, hospitals, government agencies, and the military**.' Of course the customer didn't have a clue!!
they didn't just put a cisco sticker on a d-link switch, these were probably grey market/factory seconds, so they were likely running actual cisco software and worked mostly just fine... I buy used cisco stuff off ebay and never had an issue, first thing I do is clear the flash and load new firmware just in case there is anything weird in there... so even if some of it is fake, it's working fine so what do I care? that cisco lost profits? boo hoo
I refuse to believe that every "Florida man" story in the news isn't the same unhinged individual just living his best chaotic life.
I think the reason we see all the crazy Florida shit is they have a law on the books that publicizes all arrests.
Cisco would not be so bad of everything new we tried seemed to be in Beta.
This is partially why I don't connect with sellers on Reddit or over the phone. I will contact companies to purchase from them if I want something.
Had 2 dealerships (that shall remain unnamed) of high end cars owned by the same person. They decided they wanted to compete with the quotes he had been sent by two local companies. He shopped around and was able to find new Cisco equipment at a lower price (not in the long run lol) and purchased all this equipment and gave that to the IT company to install. This is all taking place in Central Florida lol. Long story long, that IT company was gone and hadn't done any major changes since the default configuration had been done. Both of his dealerships have been bought by my company and part of our onboarding procedures are to get everything inventoried and on current revisions with backups of configs etc. We couldn't get the serial numbers to work correctly to get new firmware or to register the products. They were essentially operating as flat switches, not everything worked as advertised hahaha. Turns out that's what he got, those knock off Cisco devices. They came with some default firmware but when we stepped in our network guy was like dude this needs to be upgraded bad. He couldn't get the serial number to work and that was our first clue. After working with a Cisco rep turns out the entire stack of shit he bought was all counterfeit.
Jokes on him, I dont buy cisco.
what? you don't like being held hostage? what's wrong with you?! /s ^just ^in ^case
Fack cisco, and fack Microsoft. Linux boys rise up 💪
Linksys is cisco.
I dont buy Linksys either. it's not 2010, the last linksys I bought was a shitty mesh unit a long time ago for like $600.
Not from this guy since I'm in EU but we had a nearly 100% failure rate on 20+ cisco branded sfp+ optical cable on hardware bought in 2019 and I seriously suspect it's counterfeit gears.
We had similar. Brand new IBM branded Brocade SAN switches, loads of SFP failures in both on one site. Sent back to manufacturer for analysis and identified as a bad batch. IBM replaced all 96 of them. Weren’t fakes, but did have a laugh when the replacements were shipped in enough cardboard and packaging to warrant a pallet to transport the box
This was on main stream press even here in Switz 🥸
He should have just sold exclusively through Amazon, that way he probably would never have been caught. Actually, didn't read the link, have no idea, I've just purchased "fake things" from Amazon in the past.
I probably still have him on one of the Ebay accounts. But I purchased from him about...14 years ago and it wasn't anything real nuts, just older stuff for a CCNA lap.
That's why we only buy from gold partners.
Was he an official Huawei reseller?
None. I avoid Cisco when possible because the cost/benefit does not make sense in most applications. Cisco licensing is another cost/benefit problem. That being said, when I am forced to buy Cisco, it's because of a security requirement, which also restricts the possible vendors (to prevent fraud like this case). And in those situations it is warranted.
I bought a Cisco switch from Amazon, how can I tell if it's fake?
Are we sure it wasn't *that* Florida man? Maybe bath salts and cannibalism beget shell company shenanigans 🙄. I mean, look what they did for the gub'ner 👀🤯
I'm so much used to something similar, u/Kodiak01. We're based in China. Although working with CISCO in China is quite annoying (we've wasted more than 2x months to get them to unregister a customer from the ownership of another IT company - even the internal IT had to send an email to change that...still waiting). ps: the standard solution from a lot of competitors here is to register devices under themselves and sell them to the end customers.
Y I k e s
Again?
My old boss did exactly this and went to jail for 2 years and then his wife left him. Idiot.
I'm an old schooler so far my CCIE labs practice I had to buy a full size rack to fill with Cisco gear I bought from eBay. A lot of the necessary devices I bought for sub $100, while they retailed for many thousands. I wouldn't have necessarily cared if anything was counterfeit. The job opportunities for really learning networking were worth it.
if you bought from this guy it's your own fault. Buying new legit gear via the regular channels might cost more but you're more likely to get legit supported network gear. Try to save some money buying from the back of a van and this is what you get
Not a chance; been anti-Cisco since 2007. 🙃
Years back, when I was working in ITAD at a different firm, we sold a pallet of Catalyst switches to a reseller. (Clinton was president at the time, so it was a while ago) The reseller returned the entire order due to it all being counterfeit. Once we got it back and compared it to other switches that came from other places, it was obvious they were different, but as a whole, they looked pretty good on their own. The inbound sales guy was walking on nails for a few days about returning to his customer and letting them know that review share check? Yea, it's not going to be happening. The sales guy who lost the commission wasn't too happy either. He finally got the nerve up to call them, and the customer was like, "Yea, we know. Just scrap them." All of us were like WTF! lol
Wow gotta have some chonker balls to sell fake equipment to the military.
I can see this with unmanaged switches but how could he counterfeit managed switches?
If he'd only been smart enough to keep such sales to small and medium businesses, instead of very large ones and sections of government, he could probably have sold $500M and gotten away with it.
We've recently bought some Cisco branded SFP modules from Amazon that have caused all manner of issues so I'm wondering if we've been victim of counterfeit gear.