What's new
What's new

Huaweis Ban and the reprocustions

adama

Diamond
Joined
Dec 28, 2004
Location
uk
Not sure who has been following the ongoing spat between the USA and the company Huaweis, From the tech side i do not get it, any one making any kinda electronic device can make back doors into it, its a well known fact most encryption protocols and hardware made in the "democratic" world has back-doors openly accessible by our intelligence agencies. At this point in the modern world you can kinda safely bet once a thought has left your head someone can access it.

Whats scary at least from my position is not the above, fundamentally anything digital is not secure, i can live with it, but your stupid goverment has now banned USA companies from supping them with components for devices, firstly you now have lost your own back doors, secondly, its put a load more people out of work. Thirdly its not going to do much more than slow Huaweis down,

Huawei's microchip vulnerability explained - BBC News

The parts they were buying from USA based companies gave them performance advantages, gave them a reason to respect IP rights etc. Now your goverment has shafted em. Does Trump and your bone headed goverment really expect that to stop a company the size of Huaweis making product? Do you seriously expect them to just turn there back on there industry and god only knows how many millions or even billions of R&D or do you think there going to be buying the next nearest part or simply knock of the American designs that they can now have no greater repercussions brought against them. Its not like your now going to get the Chinese goverment onside to support the IP rights of the American companies either.

Sure i get the principals of the ban, but this is the 21st century, no one country has a monopoly on this level tech any more. All you have done is shoot your selves in the foot once more and destroyed another one of your market leading technologies. Because its been proven time and again you can't build the complete devices there.
 
I disagree that most products made in USA have back-doors in them. There is proof that Huawei has back doors, just check on press releases in the UK, British Telecom proved that they exist. The issue is that Huawei is owned by the chinese government, and the chinese government is not benign.
 
I disagree that most products made in USA have back-doors in them. There is proof that Huawei has back doors, just check on press releases in the UK, British Telecom proved that they exist. The issue is that Huawei is owned by the chinese government, and the chinese government is not benign.

Most software has backdoors because programmers are lazy.

I'm a programmer....

Australia banned Huawei from our 5G build a while ago. Fair call IMO as they do have a track record of backdoors and they are at the command of the Chinese government.

PDW
 
  1. The centre set up in the UK to analyse Huawei hardware and software has found some sloppy code, but no back doors in eight years of investigation.
  2. No major network has external/Internet access to the management plane. To do so would be an open invitation to every hacker on the planet to come and play. (This rule is broken by Cisco Meraki equipment, which ceases to function if it does not have access to the cloud based management system and HP Aruba equipment which will continue to function, but cannot be configured without access to the cloud based management systems)
  3. All US companies are potentially subject to National Security Letters, which can require the company to do what ever the security services demand and to keep secret even the fact that such demands have been received.
  4. None of the risks that have been alluded to as excuses for sanctions against the company have had any specific exploits named publicly as evidence, only rumour and innuendo. If there had been known exploits discovered that were grounds for the sanctions, they would have been announced and would have resulted in criminal prosecutions.

Based on these facts I firmly believe that the actions against Huawei are entirely anti-competitive commercial interference.
 
  1. None of the risks that have been alluded to as excuses for sanctions against the company have had any specific exploits named publicly as evidence, only rumour and innuendo. If there had been known exploits discovered that were grounds for the sanctions, they would have been announced and would have resulted in criminal prosecutions.

Based on these facts I firmly believe that the actions against Huawei are entirely anti-competitive commercial interference.


Yeah im not saying its not also anti competitive, if you ever follow the grubbier side of apple you see them colluding with all sorts of goverment agencies to restrict imports of legitimately purchased apple parts (google Louise Rossman) amoungst other less than dubious activities.

Honestly if you find someone elses back door, the value of prosecuting them over it is but a fraction of what you can possibly gain from it. Find it, block it in your area or feed it false info, then recommend the tech to the world and you get to see everything the Chinese see and more to the point you get to see what it is that possibly interests them. Gotta remember, this is not knowing were a nuke sub is or were missile launches are any more thats probably the most value, knowing dirty tit bits about corrupt officials to bribe em, knowing upcoming market trends etc, i don't think the Chinese want war any more than anyone else. Look back at wiki leaks, even yeah friends talk behind your back! Having a major back door into things is basic espionage 101 and has been since before the dark ages.

As to china being worse than the USA, IMHO based on current evidence, not sure it supports that conclusion either. Equally im really not sure this is something that needs to bother most of us. State level players with these kinda exploits are not interested in knocking off your credit card. Even if 5G ends up haveing the internet of things hang off it, its hard to see why the Chinese goverment is going to be too concerned about how many slices your toaster did this morning. Equally i think a lot of people would do real well to realize that from the Chinese perspective, most of us are of far more value as customers than anything else!

That said it sure is interesting times, equally its a pretty fair bet Trumps actions bite some American share values pretty dang hard and you can bet some people were put in place to take advantage of that one too!
 
As I understand it, China has about 50% of the worldwide 5G infrastructure already under contract.

Given that this is the next generation of critical infrastructure- things like self driving cars will communicate on that network- the question is, do you want China in control of that network?

That's not something I would be comfortable with considering their track record -Lockmart, OMB, etc.
 
Given that this is the next generation of critical infrastructure- things like self driving cars will communicate on that network- the question is, do you want China in control of that network?


Honestly, i want the best, i honestly don't give one fuck who it is, just want the best. At this point sorry but im as certain as i can be someone is going to have there finger in the pie.

That said, 5G is just a transmission protocol. You think 5G is bad, you want to look at how many scams have been orchestrated over 100Mb Cat 5E networks! Going to take 5G a long while to catch up with that!

If you want secure your just as welcome to use https or other encryption algorithms on any network. Self driving cars are already being hacked and have been for a while. What network the data passes over is largely insignificant to those hacks. You have to hack the encryption of the host - slaves before the network access is any use to you.

IMHO the far bigger risk would be to only have one supplier in the market place and have such a colossal tech all hanging on one companies wears. But letting politicians decide this stuff when they can not even manage a simple leave or remain vote is scary and the collateral damage is mounting up fast.
 
Most software has backdoors because programmers are lazy.

I'm a programmer....

Australia banned Huawei from our 5G build a while ago. Fair call IMO as they do have a track record of backdoors and they are at the command of the Chinese government.

PDW

I'm a programmer as well. Not all programmers are lazy. And most businesses work hard at fixing security issues as they become aware of. That isn't to say there aren't security issues in software, software is complex, and security is a very hard problem. Backdoors allowing government access is an explicitly intentional open door to allow intrusion on customers data. Most companies in the USA would fight creating such a back door because it ultimately will destroy their businesses if word gets out that the backdoor exists.

In china, things are different. The chinese government has explicit control over many companies activities and has the ability to force companies to create backdoors. I have personal experience with these kinds of issues while doing business in china.

Ultimately, this is really about the difference in the legal and government frameworks between most western countries and the chinese system. In most western countries, the law allows for company to operate for the most part without government interference, and operate within our free market/capitalist system. In china, every aspect of the country is run by the government, and goals of the government are different including the need to maintain a very intrusive level of control over society and the economy.
 
  1. The centre set up in the UK to analyse Huawei hardware and software has found some sloppy code, but no back doors in eight years of investigation.
  2. No major network has external/Internet access to the management plane. To do so would be an open invitation to every hacker on the planet to come and play. (This rule is broken by Cisco Meraki equipment, which ceases to function if it does not have access to the cloud based management system and HP Aruba equipment which will continue to function, but cannot be configured without access to the cloud based management systems)
  3. All US companies are potentially subject to National Security Letters, which can require the company to do what ever the security services demand and to keep secret even the fact that such demands have been received.
  4. None of the risks that have been alluded to as excuses for sanctions against the company have had any specific exploits named publicly as evidence, only rumour and innuendo. If there had been known exploits discovered that were grounds for the sanctions, they would have been announced and would have resulted in criminal prosecutions.

Based on these facts I firmly believe that the actions against Huawei are entirely anti-competitive commercial interference.

I disagree. There are numerous ongoing investigations in Europe that are finding evidence of backdoors in the Huawei firmware in their 4G products, not all of it sloppy software. Simple google search will show you many of these ongoing investigations. Vodaphone specifically in the UK found issues. And it appears these security weaknesses did in fact allow customer data access from outside the networks.

Your second point just re-inforces my point that western companys and governments strive for security, but the chinese system is just different, there the government specifically requires companies to create backdoors in order to facility government control...just a different system and environment.

The big issue is that if you don't have FULL and COMPLETE supply chain integrity top to bottom you cannot have secure devices and equipment no matter how good your carefully laid plans for network and device security is.

Some devices actually cannot be opened by US goverment. Checkout blackberry and their point to point security scheme. Google the legal battles between Apple and US government whey US government wanted access to cell phone records related to the Southern California terrorist event a few years ago. US companies fight hard to protect their customers privacy despite the attempts of US law enforcement. In the Apple case, Apple in fact did not allow access to their phone.
 
...IMHO the far bigger risk would be to only have one supplier in the market place and have such a colossal tech all hanging on one companies wears. But letting politicians decide this stuff when they can not even manage a simple leave or remain vote is scary and the collateral damage is mounting up fast.
Well, Huawei is charging full speed ahead toward being the monopoly player in that space. They will have no problem undercutting the other players- they have State support and controlling 5G is a major goal of the CCP.

Brexit notwithstanding, someone has to make the decisions- if it's not the politicians, then who?

I also want the best network, and securing the access is a part of that. Huawei was putting undisclosed telnet ports on their hardware. That alone isn't necessarily damning- other companies have telnet access to the hardware too. It's the "hidden" aspect of it that was concerning, especially when you include their other hacking and spying behavior in the equation. If you have a piece of hardware on your network, and it has a telnet port that you are unaware of and don't know the password, it's not likely you will close the hole.

If you are diligent about encrypting everything, that's great. Most people (myself included) are not.

China is not a benevolent player, at least as far as the US is concerned.
 
Well, Huawei is charging full speed ahead toward being the monopoly player in that space. They will have no problem undercutting the other players- they have State support and controlling 5G is a major goal of the CCP.

Brexit notwithstanding, someone has to make the decisions- if it's not the politicians, then who?

I also want the best network, and securing the access is a part of that. Huawei was putting undisclosed telnet ports on their hardware. That alone isn't necessarily damning- other companies have telnet access to the hardware too. It's the "hidden" aspect of it that was concerning, especially when you include their other hacking and spying behavior in the equation. If you have a piece of hardware on your network, and it has a telnet port that you are unaware of and don't know the password, it's not likely you will close the hole.

If you are diligent about encrypting everything, that's great. Most people (myself included) are not.

China is not a benevolent player, at least as far as the US is concerned.

.....And this is exactly a post where Thermite would be able
to give some good, technical insight on.....
And many of you dumped on him, so he walked away.
 
if it's not the politicians, then who?

Honestly you serious, kinda the experts in the field, or like it always has been the telecoms companies. but your seriously suggesting we should leave the major technical aspects of major infrastructure to a electorate that can just about mash out a tweet?
 
There has never been and never will be a bullet proof way to connect all this data that we now accept as part of our lives.
Back doors found are maybe there on purpose and maybe not.
Somebody finds a exploit in your code and its a back door you left open. It might just be something I missed with no malintent.

There should be healthy competition in this space.
Maybe someone saw or thought that one was getting too far ahead.
You did not see the US government step on Microsoft.

Is there a real belief that the coders and chip designers "over there" are not up to the USA standards? Something magic in our water?
Building a new fab is expensive but if you box them they will do it. Then what?

This will fail and US companies will get less work. Then we can support the unemployed with government money.
Bob
 
Not caring about the reputation of a possible supplier is a very cavalier attitude. In determining who has the best to offer regarding any product and service the reputation of that supplier matters a lot in the choice.

American vs Chinese I would trust America has a system in place which protects IP for example. Also the United States and Western countries in general protect it and even honor it. Then there is due process in the laws to offer protection.
 
I also want the best network, and securing the access is a part of that. Huawei was putting undisclosed telnet ports on their hardware. That alone isn't necessarily damning- other companies have telnet access to the hardware too. It's the "hidden" aspect of it that was concerning, especially when you include their other hacking and spying behavior in the equation. If you have a piece of hardware on your network, and it has a telnet port that you are unaware of and don't know the password, it's not likely you will close the hole.

You might want to read an explanation of that vulnerability:- Oh dear. Secret Huawei enterprise router snoop 'backdoor' was Telnet service, sighs Vodafone • The Register


Just the facts Ma'am

Actually, please do take the time to read the article, It makes far more sense than what is coming out of Washington at the moment.
 
Not caring about the reputation of a possible supplier is a very cavalier attitude. In determining who has the best to offer regarding any product and service the reputation of that supplier matters a lot in the choice.

American vs Chinese I would trust America has a system in place which protects IP for example. Also the United States and Western countries in general protect it and even honor it. Then there is due process in the laws to offer protection.

Worrying about China protecting IP or not, is slightly less relevant when the Chinese company in question is more advanced than the US competition in the area of interest...


Someone slap me around the face with a stale herring. I'm starting to sound like the departed Gordon. :ack2:
 
Honestly you serious, kinda the experts in the field, or like it always has been the telecoms companies. but your seriously suggesting we should leave the major technical aspects of major infrastructure to a electorate that can just about mash out a tweet?
I think you are conflating. The politicians are not the ones making technical determinations wrt 5G. Those specifications are made by the 3GPP consortium.

The politicians in this case are looking at China's past behavior, and making a determination whether or not to allow Huawei or ZTE to build out the 5G infrastructure.

This will be the critical communications infrastructure going forward, and the US has determined that it is not in our best interests to have Huawei involved. The decision was not made in a vacuum, and I have no doubt there are considerations that are not made public.
 
Last edited:
Worrying about China protecting IP or not, is slightly less relevant when the Chinese company in question is more advanced than the US competition in the area of interest...


Someone slap me around the face with a stale herring. I'm starting to sound like the departed Gordon. :ack2:

They would not have the product if they had not secured the IP. The advantage is based on R& D from other countries and is completely relevant to the discussion.

It is a major topic of conversation and concern when taking into account doing business with China.
 
They would not have the product if they had not secured the IP. The advantage is based on R& D from other countries and is completely relevant to the discussion.

It is a major topic of conversation and concern when taking into account doing business with China.

It is also one of the key issues that have caused the trade negotiations stalemate.

IP has an incredible value when you don't have to develop it but get to sell it in direct competition with the very groups that did pay for the development.
 








 
Back
Top