illithid0 7 hours ago
I've worked as a security consultant with one or two companies (who shall remain nameless) whose sole product was a hardware device with a black-box software stack meant to be a plug-and-play lawful intercept compliance solution. Telecoms should be able to buy it, install it, and access a web panel to do their government-mandated business. In the three or four years I worked with them, they would only let me do penetration testing of their user network, and never the segments where the developers were, and never the product itself. In speaking with their security team (one guy - shocker) during compliance initiatives, it was very clear to me that the product itself was not to be touched per the explicit direction of senior leadership. All I can say is that if the parts of their environment they did let us touch are any indication of the state of the rest of their assets, that device was compromised a long time ago.
red-iron-pine 2 hours ago
When I lived in NoVA I had a roommate that installed and serviced boxes that sound suspiciously similar. SSL crackers to MITM all ISP user traffic.