Huaweis Ban and the reprocustions
Close
Login to Your Account
Page 1 of 6 123 ... LastLast
Results 1 to 20 of 109
  1. #1
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default Huaweis Ban and the reprocustions

    Not sure who has been following the ongoing spat between the USA and the company Huaweis, From the tech side i do not get it, any one making any kinda electronic device can make back doors into it, its a well known fact most encryption protocols and hardware made in the "democratic" world has back-doors openly accessible by our intelligence agencies. At this point in the modern world you can kinda safely bet once a thought has left your head someone can access it.

    Whats scary at least from my position is not the above, fundamentally anything digital is not secure, i can live with it, but your stupid goverment has now banned USA companies from supping them with components for devices, firstly you now have lost your own back doors, secondly, its put a load more people out of work. Thirdly its not going to do much more than slow Huaweis down,

    Huawei's microchip vulnerability explained - BBC News

    The parts they were buying from USA based companies gave them performance advantages, gave them a reason to respect IP rights etc. Now your goverment has shafted em. Does Trump and your bone headed goverment really expect that to stop a company the size of Huaweis making product? Do you seriously expect them to just turn there back on there industry and god only knows how many millions or even billions of R&D or do you think there going to be buying the next nearest part or simply knock of the American designs that they can now have no greater repercussions brought against them. Its not like your now going to get the Chinese goverment onside to support the IP rights of the American companies either.

    Sure i get the principals of the ban, but this is the 21st century, no one country has a monopoly on this level tech any more. All you have done is shoot your selves in the foot once more and destroyed another one of your market leading technologies. Because its been proven time and again you can't build the complete devices there.

  2. Likes LKeithR, Pathogen, JoeE. liked this post
  3. #2
    Join Date
    Feb 2017
    Country
    UNITED STATES
    State/Province
    California
    Posts
    356
    Post Thanks / Like
    Likes (Given)
    6
    Likes (Received)
    89

    Default

    I disagree that most products made in USA have back-doors in them. There is proof that Huawei has back doors, just check on press releases in the UK, British Telecom proved that they exist. The issue is that Huawei is owned by the chinese government, and the chinese government is not benign.

  4. Likes SND, ratbldr427 liked this post
  5. #3
    Join Date
    Mar 2011
    Location
    Denver, CO USA
    Posts
    10,212
    Post Thanks / Like
    Likes (Given)
    58
    Likes (Received)
    5695

    Default

    Come on...
    Stuxnet is enough evidence no one is clean.

  6. #4
    Join Date
    Jul 2006
    Location
    Australia (Hobart)
    Posts
    3,462
    Post Thanks / Like
    Likes (Given)
    543
    Likes (Received)
    2612

    Default

    Quote Originally Posted by drcoelho View Post
    I disagree that most products made in USA have back-doors in them. There is proof that Huawei has back doors, just check on press releases in the UK, British Telecom proved that they exist. The issue is that Huawei is owned by the chinese government, and the chinese government is not benign.
    Most software has backdoors because programmers are lazy.

    I'm a programmer....

    Australia banned Huawei from our 5G build a while ago. Fair call IMO as they do have a track record of backdoors and they are at the command of the Chinese government.

    PDW

  7. Likes digger doug, pressbrake1, ratbldr427 liked this post
  8. #5
    Join Date
    Jul 2007
    Country
    UNITED KINGDOM
    Posts
    4,614
    Post Thanks / Like
    Likes (Given)
    2395
    Likes (Received)
    2180

    Default

    1. The centre set up in the UK to analyse Huawei hardware and software has found some sloppy code, but no back doors in eight years of investigation.
    2. No major network has external/Internet access to the management plane. To do so would be an open invitation to every hacker on the planet to come and play. (This rule is broken by Cisco Meraki equipment, which ceases to function if it does not have access to the cloud based management system and HP Aruba equipment which will continue to function, but cannot be configured without access to the cloud based management systems)
    3. All US companies are potentially subject to National Security Letters, which can require the company to do what ever the security services demand and to keep secret even the fact that such demands have been received.
    4. None of the risks that have been alluded to as excuses for sanctions against the company have had any specific exploits named publicly as evidence, only rumour and innuendo. If there had been known exploits discovered that were grounds for the sanctions, they would have been announced and would have resulted in criminal prosecutions.


    Based on these facts I firmly believe that the actions against Huawei are entirely anti-competitive commercial interference.

  9. Likes gerritv, Rob F., gregormarwick liked this post
  10. #6
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default

    Quote Originally Posted by Mark Rand View Post
    1. None of the risks that have been alluded to as excuses for sanctions against the company have had any specific exploits named publicly as evidence, only rumour and innuendo. If there had been known exploits discovered that were grounds for the sanctions, they would have been announced and would have resulted in criminal prosecutions.


    Based on these facts I firmly believe that the actions against Huawei are entirely anti-competitive commercial interference.

    Yeah im not saying its not also anti competitive, if you ever follow the grubbier side of apple you see them colluding with all sorts of goverment agencies to restrict imports of legitimately purchased apple parts (google Louise Rossman) amoungst other less than dubious activities.

    Honestly if you find someone elses back door, the value of prosecuting them over it is but a fraction of what you can possibly gain from it. Find it, block it in your area or feed it false info, then recommend the tech to the world and you get to see everything the Chinese see and more to the point you get to see what it is that possibly interests them. Gotta remember, this is not knowing were a nuke sub is or were missile launches are any more thats probably the most value, knowing dirty tit bits about corrupt officials to bribe em, knowing upcoming market trends etc, i don't think the Chinese want war any more than anyone else. Look back at wiki leaks, even yeah friends talk behind your back! Having a major back door into things is basic espionage 101 and has been since before the dark ages.

    As to china being worse than the USA, IMHO based on current evidence, not sure it supports that conclusion either. Equally im really not sure this is something that needs to bother most of us. State level players with these kinda exploits are not interested in knocking off your credit card. Even if 5G ends up haveing the internet of things hang off it, its hard to see why the Chinese goverment is going to be too concerned about how many slices your toaster did this morning. Equally i think a lot of people would do real well to realize that from the Chinese perspective, most of us are of far more value as customers than anything else!

    That said it sure is interesting times, equally its a pretty fair bet Trumps actions bite some American share values pretty dang hard and you can bet some people were put in place to take advantage of that one too!

  11. Likes Greg White liked this post
  12. #7
    Join Date
    Jan 2017
    Country
    UNITED STATES
    State/Province
    Oregon
    Posts
    2,246
    Post Thanks / Like
    Likes (Given)
    407
    Likes (Received)
    1632

    Default

    As I understand it, China has about 50% of the worldwide 5G infrastructure already under contract.

    Given that this is the next generation of critical infrastructure- things like self driving cars will communicate on that network- the question is, do you want China in control of that network?

    That's not something I would be comfortable with considering their track record -Lockmart, OMB, etc.

  13. #8
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default

    Quote Originally Posted by jancollc View Post

    Given that this is the next generation of critical infrastructure- things like self driving cars will communicate on that network- the question is, do you want China in control of that network?

    Honestly, i want the best, i honestly don't give one fuck who it is, just want the best. At this point sorry but im as certain as i can be someone is going to have there finger in the pie.

    That said, 5G is just a transmission protocol. You think 5G is bad, you want to look at how many scams have been orchestrated over 100Mb Cat 5E networks! Going to take 5G a long while to catch up with that!

    If you want secure your just as welcome to use https or other encryption algorithms on any network. Self driving cars are already being hacked and have been for a while. What network the data passes over is largely insignificant to those hacks. You have to hack the encryption of the host - slaves before the network access is any use to you.

    IMHO the far bigger risk would be to only have one supplier in the market place and have such a colossal tech all hanging on one companies wears. But letting politicians decide this stuff when they can not even manage a simple leave or remain vote is scary and the collateral damage is mounting up fast.

  14. Likes Mark Rand, Pathogen liked this post
  15. #9
    Join Date
    Feb 2017
    Country
    UNITED STATES
    State/Province
    California
    Posts
    356
    Post Thanks / Like
    Likes (Given)
    6
    Likes (Received)
    89

    Default

    Quote Originally Posted by PDW View Post
    Most software has backdoors because programmers are lazy.

    I'm a programmer....

    Australia banned Huawei from our 5G build a while ago. Fair call IMO as they do have a track record of backdoors and they are at the command of the Chinese government.

    PDW
    I'm a programmer as well. Not all programmers are lazy. And most businesses work hard at fixing security issues as they become aware of. That isn't to say there aren't security issues in software, software is complex, and security is a very hard problem. Backdoors allowing government access is an explicitly intentional open door to allow intrusion on customers data. Most companies in the USA would fight creating such a back door because it ultimately will destroy their businesses if word gets out that the backdoor exists.

    In china, things are different. The chinese government has explicit control over many companies activities and has the ability to force companies to create backdoors. I have personal experience with these kinds of issues while doing business in china.

    Ultimately, this is really about the difference in the legal and government frameworks between most western countries and the chinese system. In most western countries, the law allows for company to operate for the most part without government interference, and operate within our free market/capitalist system. In china, every aspect of the country is run by the government, and goals of the government are different including the need to maintain a very intrusive level of control over society and the economy.

  16. Likes ratbldr427 liked this post
  17. #10
    Join Date
    Feb 2017
    Country
    UNITED STATES
    State/Province
    California
    Posts
    356
    Post Thanks / Like
    Likes (Given)
    6
    Likes (Received)
    89

    Default

    Quote Originally Posted by Mark Rand View Post
    1. The centre set up in the UK to analyse Huawei hardware and software has found some sloppy code, but no back doors in eight years of investigation.
    2. No major network has external/Internet access to the management plane. To do so would be an open invitation to every hacker on the planet to come and play. (This rule is broken by Cisco Meraki equipment, which ceases to function if it does not have access to the cloud based management system and HP Aruba equipment which will continue to function, but cannot be configured without access to the cloud based management systems)
    3. All US companies are potentially subject to National Security Letters, which can require the company to do what ever the security services demand and to keep secret even the fact that such demands have been received.
    4. None of the risks that have been alluded to as excuses for sanctions against the company have had any specific exploits named publicly as evidence, only rumour and innuendo. If there had been known exploits discovered that were grounds for the sanctions, they would have been announced and would have resulted in criminal prosecutions.


    Based on these facts I firmly believe that the actions against Huawei are entirely anti-competitive commercial interference.
    I disagree. There are numerous ongoing investigations in Europe that are finding evidence of backdoors in the Huawei firmware in their 4G products, not all of it sloppy software. Simple google search will show you many of these ongoing investigations. Vodaphone specifically in the UK found issues. And it appears these security weaknesses did in fact allow customer data access from outside the networks.

    Your second point just re-inforces my point that western companys and governments strive for security, but the chinese system is just different, there the government specifically requires companies to create backdoors in order to facility government control...just a different system and environment.

    The big issue is that if you don't have FULL and COMPLETE supply chain integrity top to bottom you cannot have secure devices and equipment no matter how good your carefully laid plans for network and device security is.

    Some devices actually cannot be opened by US goverment. Checkout blackberry and their point to point security scheme. Google the legal battles between Apple and US government whey US government wanted access to cell phone records related to the Southern California terrorist event a few years ago. US companies fight hard to protect their customers privacy despite the attempts of US law enforcement. In the Apple case, Apple in fact did not allow access to their phone.

  18. #11
    Join Date
    Jan 2017
    Country
    UNITED STATES
    State/Province
    Oregon
    Posts
    2,246
    Post Thanks / Like
    Likes (Given)
    407
    Likes (Received)
    1632

    Default

    Quote Originally Posted by adama View Post
    ...IMHO the far bigger risk would be to only have one supplier in the market place and have such a colossal tech all hanging on one companies wears. But letting politicians decide this stuff when they can not even manage a simple leave or remain vote is scary and the collateral damage is mounting up fast.
    Well, Huawei is charging full speed ahead toward being the monopoly player in that space. They will have no problem undercutting the other players- they have State support and controlling 5G is a major goal of the CCP.

    Brexit notwithstanding, someone has to make the decisions- if it's not the politicians, then who?

    I also want the best network, and securing the access is a part of that. Huawei was putting undisclosed telnet ports on their hardware. That alone isn't necessarily damning- other companies have telnet access to the hardware too. It's the "hidden" aspect of it that was concerning, especially when you include their other hacking and spying behavior in the equation. If you have a piece of hardware on your network, and it has a telnet port that you are unaware of and don't know the password, it's not likely you will close the hole.

    If you are diligent about encrypting everything, that's great. Most people (myself included) are not.

    China is not a benevolent player, at least as far as the US is concerned.

  19. Likes ratbldr427 liked this post
  20. #12
    Join Date
    Oct 2005
    Country
    UNITED STATES
    State/Province
    Pennsylvania
    Posts
    14,060
    Post Thanks / Like

    Default

    Quote Originally Posted by jancollc View Post
    Well, Huawei is charging full speed ahead toward being the monopoly player in that space. They will have no problem undercutting the other players- they have State support and controlling 5G is a major goal of the CCP.

    Brexit notwithstanding, someone has to make the decisions- if it's not the politicians, then who?

    I also want the best network, and securing the access is a part of that. Huawei was putting undisclosed telnet ports on their hardware. That alone isn't necessarily damning- other companies have telnet access to the hardware too. It's the "hidden" aspect of it that was concerning, especially when you include their other hacking and spying behavior in the equation. If you have a piece of hardware on your network, and it has a telnet port that you are unaware of and don't know the password, it's not likely you will close the hole.

    If you are diligent about encrypting everything, that's great. Most people (myself included) are not.

    China is not a benevolent player, at least as far as the US is concerned.
    .....And this is exactly a post where Thermite would be able
    to give some good, technical insight on.....
    And many of you dumped on him, so he walked away.

  21. #13
    Join Date
    Dec 2004
    Location
    uk
    Posts
    14,058
    Post Thanks / Like
    Likes (Given)
    4552
    Likes (Received)
    6696

    Default

    Quote Originally Posted by jancollc View Post
    if it's not the politicians, then who?
    Honestly you serious, kinda the experts in the field, or like it always has been the telecoms companies. but your seriously suggesting we should leave the major technical aspects of major infrastructure to a electorate that can just about mash out a tweet?

  22. #14
    Join Date
    Oct 2007
    Country
    SPAIN
    Posts
    2,840
    Post Thanks / Like
    Likes (Given)
    1384
    Likes (Received)
    953

    Default

    Being the cynic that I am in anything .gov related, I will add that the investigation committee that overseas all this, is HCSEC.
    And the .gov has obviously had them lined up for a long time (since 2010) to implement this.

    Quote:-
    Huawei Cyber Security Evaluation Centre - owned by Huawei, and staffed by them and some from GCHQ's public-facing branch, the National Cyber Security Centre.
    HCSEC was set up in 2010 "to mitigate any perceived risks arising from the involvement of Huawei in parts of the UK's critical national infrastructure" and its function is to review Huawei software and hardware before it is installed in Britain.

  23. #15
    Join Date
    Jan 2007
    Location
    Flushing/Flint, Michigan
    Posts
    7,421
    Post Thanks / Like
    Likes (Given)
    365
    Likes (Received)
    6213

    Default

    There has never been and never will be a bullet proof way to connect all this data that we now accept as part of our lives.
    Back doors found are maybe there on purpose and maybe not.
    Somebody finds a exploit in your code and its a back door you left open. It might just be something I missed with no malintent.

    There should be healthy competition in this space.
    Maybe someone saw or thought that one was getting too far ahead.
    You did not see the US government step on Microsoft.

    Is there a real belief that the coders and chip designers "over there" are not up to the USA standards? Something magic in our water?
    Building a new fab is expensive but if you box them they will do it. Then what?

    This will fail and US companies will get less work. Then we can support the unemployed with government money.
    Bob

  24. Likes Mark Rand liked this post
  25. #16
    Join Date
    May 2007
    Country
    UNITED STATES
    State/Province
    Texas
    Posts
    2,599
    Post Thanks / Like
    Likes (Given)
    3051
    Likes (Received)
    479

    Default

    Not caring about the reputation of a possible supplier is a very cavalier attitude. In determining who has the best to offer regarding any product and service the reputation of that supplier matters a lot in the choice.

    American vs Chinese I would trust America has a system in place which protects IP for example. Also the United States and Western countries in general protect it and even honor it. Then there is due process in the laws to offer protection.

  26. #17
    Join Date
    Jul 2007
    Country
    UNITED KINGDOM
    Posts
    4,614
    Post Thanks / Like
    Likes (Given)
    2395
    Likes (Received)
    2180

    Default

    Quote Originally Posted by jancollc View Post
    I also want the best network, and securing the access is a part of that. Huawei was putting undisclosed telnet ports on their hardware. That alone isn't necessarily damning- other companies have telnet access to the hardware too. It's the "hidden" aspect of it that was concerning, especially when you include their other hacking and spying behavior in the equation. If you have a piece of hardware on your network, and it has a telnet port that you are unaware of and don't know the password, it's not likely you will close the hole.
    You might want to read an explanation of that vulnerability:- Oh dear. Secret Huawei enterprise router snoop 'backdoor' was Telnet service, sighs Vodafone • The Register


    Just the facts Ma'am

    Actually, please do take the time to read the article, It makes far more sense than what is coming out of Washington at the moment.

  27. Likes barbter liked this post
  28. #18
    Join Date
    Jul 2007
    Country
    UNITED KINGDOM
    Posts
    4,614
    Post Thanks / Like
    Likes (Given)
    2395
    Likes (Received)
    2180

    Default

    Quote Originally Posted by Spinit View Post
    Not caring about the reputation of a possible supplier is a very cavalier attitude. In determining who has the best to offer regarding any product and service the reputation of that supplier matters a lot in the choice.

    American vs Chinese I would trust America has a system in place which protects IP for example. Also the United States and Western countries in general protect it and even honor it. Then there is due process in the laws to offer protection.
    Worrying about China protecting IP or not, is slightly less relevant when the Chinese company in question is more advanced than the US competition in the area of interest...


    Someone slap me around the face with a stale herring. I'm starting to sound like the departed Gordon.

  29. Likes PDW, adama liked this post
  30. #19
    Join Date
    Jan 2017
    Country
    UNITED STATES
    State/Province
    Oregon
    Posts
    2,246
    Post Thanks / Like
    Likes (Given)
    407
    Likes (Received)
    1632

    Default

    Quote Originally Posted by adama View Post
    Honestly you serious, kinda the experts in the field, or like it always has been the telecoms companies. but your seriously suggesting we should leave the major technical aspects of major infrastructure to a electorate that can just about mash out a tweet?
    I think you are conflating. The politicians are not the ones making technical determinations wrt 5G. Those specifications are made by the 3GPP consortium.

    The politicians in this case are looking at China's past behavior, and making a determination whether or not to allow Huawei or ZTE to build out the 5G infrastructure.

    This will be the critical communications infrastructure going forward, and the US has determined that it is not in our best interests to have Huawei involved. The decision was not made in a vacuum, and I have no doubt there are considerations that are not made public.
    Last edited by jancollc; 05-22-2019 at 10:14 AM.

  31. #20
    Join Date
    May 2007
    Country
    UNITED STATES
    State/Province
    Texas
    Posts
    2,599
    Post Thanks / Like
    Likes (Given)
    3051
    Likes (Received)
    479

    Default

    Quote Originally Posted by Mark Rand View Post
    Worrying about China protecting IP or not, is slightly less relevant when the Chinese company in question is more advanced than the US competition in the area of interest...


    Someone slap me around the face with a stale herring. I'm starting to sound like the departed Gordon.
    They would not have the product if they had not secured the IP. The advantage is based on R& D from other countries and is completely relevant to the discussion.

    It is a major topic of conversation and concern when taking into account doing business with China.


Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •