Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
United States China Security The Military Politics

US Congress Rules Huawei a 'Security Threat' 186

dgharmon writes with the lead from a story in the Brisbane Time: "Chinese telecom company Huawei poses a security threat to the United States and should be barred from US contracts and acquisitions, a yearlong congressional investigation has concluded. A draft of a report by the House Intelligence Committee said Huawei and another Chinese telecom, ZTE, 'cannot be trusted' to be free of influence from Beijing and could be used to undermine U.S. security."
This discussion has been archived. No new comments can be posted.

US Congress Rules Huawei a 'Security Threat'

Comments Filter:
  • Don't panic (Score:5, Funny)

    by Chrisq ( 894406 ) on Monday October 08, 2012 @06:11AM (#41583155)
    Don't panic. If you have a Huawei phone just fill a bucket with water and drop the phone in. After 12 hours you can safely dispose of t in the bin. Then go and buy a phone made in the West like the ....uhm ..... well ... do without a phone.
    • Re:Don't panic (Score:5, Insightful)

      by Anonymous Coward on Monday October 08, 2012 @06:39AM (#41583329)

      If past actions are anything to go by this stance actually says "We know that our electronics cannot be trusted to be free from US influence and therefore we cannot assume that a foreign nations electronics will be."

    • Re:Don't panic (Score:5, Insightful)

      by javilon ( 99157 ) on Monday October 08, 2012 @06:45AM (#41583383) Homepage

      They are opening a can of worms.

      Obviously, the US has been doing exactly that. There are documented cases of back doors introduced into US software and hardware. It could bite them back with other countries using exactly the same argument against them.

      I do not fault the US for defending their interests. It is clear that China will use all opportunities available to them, exactly as US did. But they are going to face the same issues that countries like Iran face now. They can use foreign technology that is better than domestic products, or they can try to stop it from entering the country. The fact is that US is quickly becoming irrelevant in hardware manufacturing, so it is a difficult call.

      What seems clear is that this won't be good for the economy since it will be interpreted as tariffs by the other side.

      • Interesting that sovereign nations are not really any more civilized with each other than savages in the jungle are.

        • That's an insult to savages in the jungle.

          Sovereign nations are almost...human in their actions. The paranoid planning, pre-emptive strikes on the basis of fear alone, and seeing corruption the same way some of the founders of old saw debt (always need to maintain a minimal amount of it, for "reasons") is strangely familiar.

          It's almost like, having banded together as a giant group, the best and the worst of humanity has suddenly been increased a thousand fold.

          • My point was that a group of sovereign nations acts at an international level very much how an anarchy of playground kids act individually.

            Nations scratch and stab each other's backs, make threats of war, duke out, spy, and all that just like people do on an individual basis if nobody is watching them.

            Nations act just like people do, and unlike society, nations do not have anyone babysitting them to make them behave themselves. It is survival of the fittest where being nasty and getting away with it is a g

      • Crypto AG [wikipedia.org] makes encryption machines that embassies use to communicate with their governments.

        It is widely suspected that the NSA has another KEY that lets them read their "ecrypted" communications. The government made the usual protestations of innocence.

        Not that I think you should trust Huawei, either, on the front line. On the front line of your network you should probably have a Linux or BSD firewall.

      • by gr8_phk ( 621180 )

        The fact is that US is quickly becoming irrelevant in hardware manufacturing, so it is a difficult call.

        It's an easy call and should have been made years ago. You don't let other countries build your infrastructure be it telecoms, miltary, energy, etc...
        And yes, it can be tough to bring the jobs back. But that's the battle you have after outsourcing everything including your own prosperity.

        • You don't let other countries build your infrastructure be it telecoms, miltary, energy, etc...

          The US will still have "other countries" building it's infrastructure... It'll just be companies in European countries (Alcatel, Siemens, Ericsson), rather than Chinese ones (Huawei, LTE). The US has no telecom companies building most of this stuff, anymore.

    • by Andy Dodd ( 701 )

      After my experience with a Huawei S7 - Regardless of spying paranoia, this is the only valid thing to do with a Huawei product.

  • Same applies to US (Score:5, Interesting)

    by Seeteufel ( 1736784 ) on Monday October 08, 2012 @06:15AM (#41583173) Homepage
    I guess the same applies to companies like IBM, AT&T and Microsoft in the European Union, companies which undermine our domestic security (see the IBM Lotus Notes backdoor scandal in Sweden [heise.de]) and seek to influence our law makers. In particular AT&T with their lobbying for censorship rules and Microsoft which does not disclose the source code of its applications to the IT security agencies and undermines open source and open standards policies --- as if they were part of the European constituency. Oh, and don't mention the OOXML case.
  • by Kinky Bass Junk ( 880011 ) on Monday October 08, 2012 @06:18AM (#41583185)
    Sure, if by 'security threat' you mean 'economic threat', and by 'United States' you mean 'Motorola'.
  • This is great! (Score:4, Insightful)

    by Alex Belits ( 437 ) * on Monday October 08, 2012 @06:19AM (#41583187) Homepage

    Other government will eventually do the same to Microsoft, following the logic that US always accuses its enemies of everything it does.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      And banning MS anywhere in the world would be bad how? If they switch to Linux and start talking about how much better it is the world would benefit.

  • A step forward (Score:5, Interesting)

    by gmuslera ( 3436 ) on Monday October 08, 2012 @06:24AM (#41583231) Homepage Journal

    Now all the other governments of the world should ban Microsoft for being a security threat and things could become far better for most of the people. Even could be considered "a national security threat", played a major role in Stuxnet/Flame/etc targetted attacks, where US agencies could had been involved.

    In fact, with that argument most US based software companies could be banned outside, unless by licence (i.e. open source ones) you can get all the source, recompile and deploy it yourself. And that includes embedded software devices

    • If the Chinese government is using Windows for their government computers, they're fucking insane. In fact, we're insane for using it. Closed source is not secure. Period. Closed source and compiled in a foreign country? Absolutely bat shit crazy.
      • by toriver ( 11308 )

        Yeah, because every Linux user has read the thousands of code lines before installing it.

        • I am sure, governments will have no problems with actually doing that.

          Regular users rely on large numbers of people reading each of those lines, what is much better than what happens with proprietary software.

      • by denobug ( 753200 )

        If the Chinese government is using Windows for their government computers, they're fucking insane. In fact, we're insane for using it. Closed source is not secure. Period. Closed source and compiled in a foreign country? Absolutely bat shit crazy.

        For what we know, Microsoft practically hand the kernal source code to the Chinese government for their business. There's no telling they re-engineer the whole thing and use it internally. The best you can say about it is the lack of security but I'd say there are very little chance to have an intentional bug left in the source code for the purpose of spying.

        Plus, why would Microsoft do that anyway? It doesn't help them in any way, shape, form. You know the government is going to bust their tail any

        • http://www.itworld.com/security/281553/researcher-warns-stuxnet-flame-show-microsoft-may-have-been-infiltrated-nsa-cia
          That's how.
    • Re: (Score:3, Funny)

      by cavreader ( 1903280 )

      And pray tell what SW would all the countries use to run their businesses. Evidently you have not seen the chaos caused by companies trying to migrate just one application from a MS platform to another. There are millions of custom Windows business applications that would need to be re-engineered and the expense would be prohibitive to say the least. And No, running apps under Wine or any other virtual environment is not an acceptable solution because all it does is add another layer of code between the app

      • And pray tell what SW would all the countries use to run their businesses. Evidently you have not seen the chaos caused by companies trying to migrate just one application from a MS platform to another

        All I hear you saying is that we should impede progress and let criminals get away with crime because some people are too stupid to choose Open standards that will permit a migration to another platform, later. Fuck them. They didn't do their homework, and they chose Microsoft, and that's how we got here to begin with. Why should the rest of us continue to pay for their bad decisions? We don't keep automakers going just because people won't be able to buy spares.

        • No I am just living in the real world where people such as yourself do not have a clue about the massive amount of work it takes to move applications to entirely different platforms. And exactly who are you paying for other peoples bad decisions? All the major software companies use different approaches to get their applications into the market place. Apple locks down their entire ecosystem. MS built their user base because they catered to the developers who create applications. The more people developing

    • So show me how turning the argument around makes it invalid? Of course each country has to evaluate these thing on their own. What's your point?
      • by gmuslera ( 3436 )

        This have been present since forever, so if that measure is taken now in particular hopely was for the current cyberwar climate (and not, i.e. because lobbyist complained about unfair price competition). And admitting that something could be a weapon means that it could be used by you too, so even if Huawei wasn't putting any backdoor in their products, future (or present) US products could have now, specifically to be used as weapons, control, information gathering, etc. And that have implications for US u

  • First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.

    This looks like a try at restricting import with arbitrary reasons without any substance behind them. I am sure many countries smile at this as they get to block American goods like GM corn etc citing safety reasons, and now they can use US own rhetoric.

    • by JustOK ( 667959 ) on Monday October 08, 2012 @06:41AM (#41583351) Journal

      Who builds the audit tools?

    • by amiga3D ( 567632 ) on Monday October 08, 2012 @06:44AM (#41583377)

      Free trade? It's a slogan not a reality. Governments the world over subsidize their industries. If you think backdoors don't exist in systems like this you're very naive. If I had anything I was worried about keeping secret I'd never use anything I didn't compile inhouse after a long, serious search of the source.

    • by javilon ( 99157 )

      You could introduce a "bug" into a processor that given a specific input (e.g. some GUID) will jump to a memory location and execute it. I guess that would be pretty difficult to find unless it is actually exploited.

    • by DarkOx ( 621550 ) on Monday October 08, 2012 @06:54AM (#41583445) Journal

      First off i have a very hard time believing backdoors are built in the large networks they sell

      Really? After stuxnet, flame, you think that?

      Fact is most of that network hardware gets a great deal less scrutiny than desktop software gets. A much smaller number of people use it directly, far fewer security folks get access to it.

      Even if backdoors are not deliberately inserted its beyond reason to think exploits don't exist somewhere. Now what would the Chinese government's security arm do if they discovered a useful reliable exploit? Probably exactly what our own did/does and create things like stuxnet. Oh and if you could work something like that into the network layer it would be way way harder to spot than at the application layer.

    • by eldavojohn ( 898314 ) * <eldavojohn@gm a i l . com> on Monday October 08, 2012 @07:02AM (#41583493) Journal

      First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.

      I think you underestimate the creativity of the people who make networking gear.

      This looks like a try at restricting import with arbitrary reasons without any substance behind them. I am sure many countries smile at this as they get to block American goods like GM corn etc citing safety reasons, and now they can use US own rhetoric.

      That's fine. The US House Committee is claiming that Huawei and ZTE receive billions from the Chinese government and are able to subsidize their products with that money so that they can be the lowest bidder to foreign countries. That's not entirely arbitrary as they're not claiming the same thing against Foxconn or Asus. If you want to say Monsanto receives government subsidiaries as tax credits or whatever, you're probably right but so does almost every other international company headquartered out of the United States. Want to place an embargo on the United States? Go right ahead, Iran and Cuba seem to be doing okay. Personally, I think the safety concerns against GM corn are enough to block it and I think they should continue along that line of reasoning -- what economic conspiracy do you have for keeping GM corn out?

      This hearing was open [house.gov] and is completely available on YouTube if you want to rebut more specific claims by the committee. I like listening to the Huawei guy, he's pretty humorous, he says that they will not under any conditions jeopardize the integrity of their networks for any third party or government ... yeah, like you sell networking gear in China and you can say that? Please.

      Is the free trade not so fun anymore?

      Oh, give me a break. Free trade? Are you serious? It's not fun when the most populous country in the world is artificially manipulating its markets, controlling what its currency trades at internally and creating its own companies that are traipsing around claiming to be private companies ... christ, the tariffs and tax laws surrounding international business are so complicated, there's no point in calling any of this "free trade" in any sense of the words.

      • by QQBoss ( 2527196 )

        That's fine. The US House Committee is claiming that Huawei and ZTE receive billions from the Chinese government and are able to subsidize their products with that money so that they can be the lowest bidder to foreign countries. That's not entirely arbitrary as they're not claiming the same thing against Foxconn or Asus. If you want to say Monsanto receives government subsidiaries as tax credits or whatever, you're probably right but so does almost every other international company headquartered out of the United States. Want to place an embargo on the United States? Go right ahead, Iran and Cuba seem to be doing okay. Personally, I think the safety concerns against GM corn are enough to block it and I think they should continue along that line of reasoning -- what economic conspiracy do you have for keeping GM corn out?

        Would it bother you too much if I pointed out that Foxconn (Hon Hai Precision Industry Co., Ltd., actually, Foxconn is the trade name) and Asus are both Taiwanese companies, and the USA generally considers Taiwan to not be a part of China (at least for purposes of defense and business). Perhaps you meant Lenovo and ... never mind, China doesn't have an ODM anywhere close to Foxconn.

    • If this isn't just politial b.s. then the only way to address it would be to share the source and toolchain, so that the client can build and sign their own firmware... support then becomes interesting... Care to cite any published reports auditing networking gear? Router code is typically closed source firmware, every model being different, and with a new revision coming out every few months. Knock-knock protocols, where you send a message to one port, then to another port, etc... as a combination to op
    • by Kjella ( 173770 )

      First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.

      Dormant backdoors are very hard to find, hit the firewall with a secret knock (timing/ports/payload) and it'll magically slip through or start relaying information or run a MITM attack or shut down or start a denial of service attack at a critical moment. You don't have to be so obvious as to send regular bits and bytes, you can use timing information, create intentional bit errors in the error correction or boost/lower the signal strength a fraction to create a covert subchannel, almost everything is possi

    • This looks like a try at restricting import with arbitrary reasons without any substance behind them. I am sure many countries smile at this as they get to block American goods like GM corn etc citing safety reasons, and now they can use US own rhetoric.

      Care to explain why the Communist party of China has offices inside of Huawei's headquarters?

      • by querist ( 97166 )
        "Care to explain why the Communist party of China has offices inside of Huawei's headquarters?"

        Sure. They do that with most large institutions from what I've seen when in China. There's a Party office in all of the universities, too. It allows the Party to keep an eye on things as well as serve as a liaison between the institution and the government when needed. Also, since companies are responsible for handing certain things for their employees that we would not necessarily consider companies doing here
    • First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.

      Umm, they WERE FOUND. The report mentions sending "beacons", "relaying data", and other "anomalies".

      Huawei's only contention is that they're merely INCOMPETENT, and their firmware just has tons of bugs, and none of them are (intentional) backdoors.

      http://www.computerworld.c [computerworld.com]

  • Irony (Score:5, Insightful)

    by Dr_Barnowl ( 709838 ) on Monday October 08, 2012 @06:29AM (#41583271)

    I'm told this is ironic because the reason that Huawei got started was because the Chinese did all sorts of experiments with Cisco gear and determined that they couldn't trust them because of all the backdoors they had to accommodate US agencies.

    The Chinese needed network gear they could trust, they'd been tearing the Cisco gear down for a while to check them for back doors, so they just went the whole hog and started their own router company.

    The main reason that the US *know* that the Huwaei gear has back doors in it is probably because they are the same back doors cloned from the Cisco gear, but with different encryption keys.

    • I'm told Huawei [wikipedia.org] started off selling phone switches, while Cisco [wikipedia.org] was working on computer networks from the start. They weren't really competitors until around 2000, as Huawei expanded into computer networks to accommodate the gradual merging of phone and computer networks.
      • by QQBoss ( 2527196 )

        I was teaching Huawei how to design in the PowerPC CPUs for their first switch designs in 1998, so your timing is about right. I was doing the same for Cisco starting around mid-1994. Their ice cream ping parties were great.

    • the reason that Huawei got started was because the Chinese did all sorts of experiments with Cisco gear and determined that they couldn't trust them because of all the backdoors they had to accommodate US agencies.

      The Chinese needed network gear they could trust

      If that was the motivation, it turned out to be one of the biggest failed experiments in history. Huawei's code is riddled with exploitable holes, in large part due to software development bad practices.

      http://www.computerworld.com/s/article/9229785 [computerworld.com]

  • Lobbying (Score:5, Informative)

    by amiga3D ( 567632 ) on Monday October 08, 2012 @06:39AM (#41583335)

    Hauwei should have started lobbying harder sooner. They spent over 800 million this year but only 200 million last year. Well, if they keep it up things will turn around. Gotta grease those palms in DC to get what you want.

    • Source? I'm interested in similar numbers for other corps assuming info is available to the public
    • by amiga3D ( 567632 )

      Damn! It should have been 800 thousand not million. My bad. I read it off a blog then checked it out after my post. Bad on me for trusting a blogger. I know better and still quoted them. Ack!

  • All paranoid xenphobic US atitudes taken in context, this is onethat makes some sense. I just wish all other countries in the World would do the same thing towards US government hooked-up and not-trustable Microsoft.

  • So we'll get our new 4G LTE system where? Per the 60 Minutes segment that aired last night, there is no U.S. company capable of providing the infrastructure. They named a French, Chinese and perhaps a Swedish company as the only options.
    • LTE is not 4G.

      The only implementation of 4G that exists is LTE-Advanced, which is not deployed anywhere in the United States.

      • by toriver ( 11308 )

        ITU has accepted that telcos use 4G for "anything faster than 3G", why can't you? Sure it makes it meaningless but it already was.

    • Currently you are buying most of it from Sweden.
      • Currently you are buying most of it from Sweden.

        Currently it is being bought from Sweden and France. Ericsson and Alcaltel-Lucent are building the 4g networks. But with the high costs of rolling out a new LTE network, Huawei could easily get in the market with vendor financing. One carrier specifically, Clearwire, since they need funding and are targeting TDD-LTE, would be a prime candidate for Huawei to get their foot in the door.

  • About Time.... (Score:4, Interesting)

    by NormAtHome ( 99305 ) on Monday October 08, 2012 @07:01AM (#41583485)

    That the US Government officially took notice of Chinese efforts to spy on and undermine the US; wasn't all that fake Cisco equipment that ended up in the department of defense enough of a wake up call.

  • by MtViewGuy ( 197597 ) on Monday October 08, 2012 @07:02AM (#41583491)

    ....Is why they will have trouble selling their networking hardware in much of the world. If Huawei wasn't founded by a ex-Chinese military official, that might be a different story.

  • If the Chinese govt machine wants in to your telecom network then they'll get in one way or another.

    It's just a choice between giving them a knob and having their hordes of crackers get the information they need. If they can crack the DoD, then telecom networks should be a walk in the park for them.

    Personally I think this is a step in the wrong direction from a trade perspective. It really sends the wrong message.

    What I find interesting about all this is that the Chinese were reverse-engineering Cisco stu

    • Personally I think this is a step in the wrong direction from a trade perspective. It really sends the wrong message.

      Care to explain why the Communist party of China has offices inside of Huawei's headquarters?

  • "Book 'Em Danno"
  • by gelfling ( 6534 ) on Monday October 08, 2012 @08:22AM (#41584149) Homepage Journal

    Apple didn't want to tangle with them in a predatory lawsuit that even if they won they'd never see a dime, so they simply lobbied Congress to keep them out.

  • three words: "Made in China". Good luck of getting rid of this phrase regarding all your electronics.
  • ...DoD finds backdoor in nuclear guidance systems.

    You read it here first.

  • ZTE and Huawei cannot be used in any sensitive infrastructure in information-sensitive environs within the US Government; nor can Lenovo for that matter.
  • So I don't see ANY evidence in the article that Huawei equipment has been responsible for intentional security breaches.

  • by evilviper ( 135110 ) on Monday October 08, 2012 @10:22AM (#41585645) Journal

    Anybody here evaluated Huawei equipment, or otherwise know more details about the reported issues of it sending "beacons" or "relaying data" back home, or the "anomolies" that appear to be backdoors? The real good stuff seems to be locked-up in that "classified" section we don't get to see...

      http://www.ctpost.com/news/article/China-high-tech-firms-deny-spying-before-Congress-3861472.php [ctpost.com]

    I'm assuming there's something more than just the bugs exposed at defcon:

      http://www.computerworld.com/s/article/9229785/Hackers_reveal_critical_vulnerabilities_in_Huawei_routers_at_Defcon [computerworld.com]

  • Immediately after the Symantec/Huawei joint venture in 2007, backdoors and trojans began to appear that targeted Symantec products. Symantec products have been a staple of DoD environments for a number of years (http://www.symantec.com/press/2003/n030527a.html), so something like this likely raised more than a few eyebrows. I'm honestly surprised that it took this long considering how much trust we have in the Chinese (extremely little) and the fact that Huawei products had already been blacklisted by the D

  • by acoustix ( 123925 ) on Monday October 08, 2012 @10:50AM (#41586069)

    60 Minutes covered this story [cbsnews.com] on Sunday night. The House Intelligence Committee is right to have suspicions of Huawei.

    I believe the video is the same that aired on TV.

  • Just my observation; but it seemed like no one who did business with Huawei could answer yes or no questions with a reply of "yes," or "no."
  • Yeah, but don't those chipsets from Cisco and Juniper, also made in China, already have the same hardwired backdoors??

    Offshore the jobs, technology and investments (along with sensitive defense industry tech) to China, and NOW they claim they're a security threat????? Obviously, Korporate AmeriKa and our criminal congress are the security threats.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...