US Congress Rules Huawei a 'Security Threat' 186
dgharmon writes with the lead from a story in the Brisbane Time: "Chinese telecom company Huawei poses a security threat to the United States and should be barred from US contracts and acquisitions, a yearlong congressional investigation has concluded. A draft of a report by the House Intelligence Committee said Huawei and another Chinese telecom, ZTE, 'cannot be trusted' to be free of influence from Beijing and could be used to undermine U.S. security."
Don't panic (Score:5, Funny)
Re:Don't panic (Score:5, Insightful)
If past actions are anything to go by this stance actually says "We know that our electronics cannot be trusted to be free from US influence and therefore we cannot assume that a foreign nations electronics will be."
Re:Don't panic (Score:5, Funny)
China practically invented the category of Gov't spyware in electronics. Be careful what you say in front of your Chinese made toaster.
Re: (Score:2)
>China practically invented the category of Gov't spyware in electronics.
NSAKEY
--
BMO
Re:Don't panic (Score:4, Interesting)
I am serious and not serious.
I am serious in implying that we taught the Chinese well.
--
BMO
Re:Don't panic (Score:5, Interesting)
China practically invented the category of Gov't spyware in electronics
Whereas the USA is content with bugging the Chinese premier's aeroplane [airliners.net]...
Perhaps China should have placed Boeing, Dee Howard and Rockwell-Collins on their "security threat" list.
Re: (Score:2)
"China's state-run media, which dubbed the plane Air Force One..."
HEY, just a minute there...
Re: (Score:2)
Perhaps they should build their own jet for their head of state.
Or, if they don't currently have the engineering capacity to do that, perhaps they should stop whining.
why bother when you can buy the state of the art bugging equipment from america, then clone it and put it in electronics you sell to white house?
Re: (Score:3)
I'm pretty sure that China would not mind punishing US citizens for insulting the chairman anymore than the United States would not mind busting Chinese citizens for patent and copyright infringement.
Do your worst! (Score:3)
Re: (Score:2)
Re: (Score:3)
Not that China would care anyhow not to do it anyway, but sinking to their level would only justify them.
Re:Don't panic (Score:5, Insightful)
They are opening a can of worms.
Obviously, the US has been doing exactly that. There are documented cases of back doors introduced into US software and hardware. It could bite them back with other countries using exactly the same argument against them.
I do not fault the US for defending their interests. It is clear that China will use all opportunities available to them, exactly as US did. But they are going to face the same issues that countries like Iran face now. They can use foreign technology that is better than domestic products, or they can try to stop it from entering the country. The fact is that US is quickly becoming irrelevant in hardware manufacturing, so it is a difficult call.
What seems clear is that this won't be good for the economy since it will be interpreted as tariffs by the other side.
Re: (Score:3)
Interesting that sovereign nations are not really any more civilized with each other than savages in the jungle are.
Re: (Score:2)
That's an insult to savages in the jungle.
Sovereign nations are almost...human in their actions. The paranoid planning, pre-emptive strikes on the basis of fear alone, and seeing corruption the same way some of the founders of old saw debt (always need to maintain a minimal amount of it, for "reasons") is strangely familiar.
It's almost like, having banded together as a giant group, the best and the worst of humanity has suddenly been increased a thousand fold.
Re: (Score:2)
My point was that a group of sovereign nations acts at an international level very much how an anarchy of playground kids act individually.
Nations scratch and stab each other's backs, make threats of war, duke out, spy, and all that just like people do on an individual basis if nobody is watching them.
Nations act just like people do, and unlike society, nations do not have anyone babysitting them to make them behave themselves. It is survival of the fittest where being nasty and getting away with it is a g
Crypto AG (Score:2)
Crypto AG [wikipedia.org] makes encryption machines that embassies use to communicate with their governments.
It is widely suspected that the NSA has another KEY that lets them read their "ecrypted" communications. The government made the usual protestations of innocence.
Not that I think you should trust Huawei, either, on the front line. On the front line of your network you should probably have a Linux or BSD firewall.
Re: (Score:3)
It's an easy call and should have been made years ago. You don't let other countries build your infrastructure be it telecoms, miltary, energy, etc...
And yes, it can be tough to bring the jobs back. But that's the battle you have after outsourcing everything including your own prosperity.
Re: (Score:2)
The US will still have "other countries" building it's infrastructure... It'll just be companies in European countries (Alcatel, Siemens, Ericsson), rather than Chinese ones (Huawei, LTE). The US has no telecom companies building most of this stuff, anymore.
Re: (Score:2)
Re: (Score:3)
After my experience with a Huawei S7 - Regardless of spying paranoia, this is the only valid thing to do with a Huawei product.
Same applies to US (Score:5, Interesting)
Re:Same applies to US (Score:5, Informative)
Re: (Score:3)
Just because it is foolish to throw stones while in a glass house doesn't necessarily bring honor to the one who built that house, or the one that put you in it.
Biting the hand that feeds you is foolish, but it doesn't prove the hand is honorable.
Security threat to the United States (Score:5, Funny)
Re: (Score:2)
They aren't talking about smart phones, they are talking about infrastructure telecom components.
Re: (Score:3)
Re: (Score:3)
by 'United States' you mean 'Motorola'.
No, they probably mean 'AT&T', which just happens to be the 3rd largest campaign contributor [opensecrets.org] in the country:
This is great! (Score:4, Insightful)
Other government will eventually do the same to Microsoft, following the logic that US always accuses its enemies of everything it does.
Re: (Score:3, Insightful)
And banning MS anywhere in the world would be bad how? If they switch to Linux and start talking about how much better it is the world would benefit.
Re: (Score:2)
lol american patriot.
A step forward (Score:5, Interesting)
Now all the other governments of the world should ban Microsoft for being a security threat and things could become far better for most of the people. Even could be considered "a national security threat", played a major role in Stuxnet/Flame/etc targetted attacks, where US agencies could had been involved.
In fact, with that argument most US based software companies could be banned outside, unless by licence (i.e. open source ones) you can get all the source, recompile and deploy it yourself. And that includes embedded software devices
Re: (Score:3)
Re: (Score:2)
Yeah, because every Linux user has read the thousands of code lines before installing it.
Re: (Score:3)
I am sure, governments will have no problems with actually doing that.
Regular users rely on large numbers of people reading each of those lines, what is much better than what happens with proprietary software.
Re: (Score:2)
If the Chinese government is using Windows for their government computers, they're fucking insane. In fact, we're insane for using it. Closed source is not secure. Period. Closed source and compiled in a foreign country? Absolutely bat shit crazy.
For what we know, Microsoft practically hand the kernal source code to the Chinese government for their business. There's no telling they re-engineer the whole thing and use it internally. The best you can say about it is the lack of security but I'd say there are very little chance to have an intentional bug left in the source code for the purpose of spying.
Plus, why would Microsoft do that anyway? It doesn't help them in any way, shape, form. You know the government is going to bust their tail any
Re: (Score:3)
That's how.
Re: (Score:3, Funny)
And pray tell what SW would all the countries use to run their businesses. Evidently you have not seen the chaos caused by companies trying to migrate just one application from a MS platform to another. There are millions of custom Windows business applications that would need to be re-engineered and the expense would be prohibitive to say the least. And No, running apps under Wine or any other virtual environment is not an acceptable solution because all it does is add another layer of code between the app
Re: (Score:3)
And pray tell what SW would all the countries use to run their businesses. Evidently you have not seen the chaos caused by companies trying to migrate just one application from a MS platform to another
All I hear you saying is that we should impede progress and let criminals get away with crime because some people are too stupid to choose Open standards that will permit a migration to another platform, later. Fuck them. They didn't do their homework, and they chose Microsoft, and that's how we got here to begin with. Why should the rest of us continue to pay for their bad decisions? We don't keep automakers going just because people won't be able to buy spares.
Re: (Score:3)
No I am just living in the real world where people such as yourself do not have a clue about the massive amount of work it takes to move applications to entirely different platforms. And exactly who are you paying for other peoples bad decisions? All the major software companies use different approaches to get their applications into the market place. Apple locks down their entire ecosystem. MS built their user base because they catered to the developers who create applications. The more people developing
Re: (Score:2)
I don't know, we (us Americans) did bail out a entire auto industry.
I suspected someone would bring that up, but I have an answer ready: We didn't do it for the good of the people who bought cars from the US automakers that needed bailing out.
Re: (Score:2)
that's why Detroit is still the bustling metropolis [time.com] the architects dreamed about...
Show me (Score:2)
Re: (Score:2)
This have been present since forever, so if that measure is taken now in particular hopely was for the current cyberwar climate (and not, i.e. because lobbyist complained about unfair price competition). And admitting that something could be a weapon means that it could be used by you too, so even if Huawei wasn't putting any backdoor in their products, future (or present) US products could have now, specifically to be used as weapons, control, information gathering, etc. And that have implications for US u
Is the free trade not so fun anymore? (Score:4, Insightful)
First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.
This looks like a try at restricting import with arbitrary reasons without any substance behind them. I am sure many countries smile at this as they get to block American goods like GM corn etc citing safety reasons, and now they can use US own rhetoric.
Re:Is the free trade not so fun anymore? (Score:4, Interesting)
Who builds the audit tools?
Re:Is the free trade not so fun anymore? (Score:4, Insightful)
Free trade? It's a slogan not a reality. Governments the world over subsidize their industries. If you think backdoors don't exist in systems like this you're very naive. If I had anything I was worried about keeping secret I'd never use anything I didn't compile inhouse after a long, serious search of the source.
Re: (Score:2)
Right, the real influence is from Social Conservatives who merely hide behind Libertarian slogans. However the only reason Social Conservatives aren't all hanging from the lightpoles is that they spout Libertarian slogans.
Re: (Score:2)
You could introduce a "bug" into a processor that given a specific input (e.g. some GUID) will jump to a memory location and execute it. I guess that would be pretty difficult to find unless it is actually exploited.
Re:Is the free trade not so fun anymore? (Score:5, Insightful)
First off i have a very hard time believing backdoors are built in the large networks they sell
Really? After stuxnet, flame, you think that?
Fact is most of that network hardware gets a great deal less scrutiny than desktop software gets. A much smaller number of people use it directly, far fewer security folks get access to it.
Even if backdoors are not deliberately inserted its beyond reason to think exploits don't exist somewhere. Now what would the Chinese government's security arm do if they discovered a useful reliable exploit? Probably exactly what our own did/does and create things like stuxnet. Oh and if you could work something like that into the network layer it would be way way harder to spot than at the application layer.
Re: (Score:2)
http://it.slashdot.org/story/12/09/26/1225243/ftc-and-pc-rental-companies-settle-in-spying-on-users-case [slashdot.org]
How Was This Arbitrary Again? (Score:4, Insightful)
First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.
I think you underestimate the creativity of the people who make networking gear.
This looks like a try at restricting import with arbitrary reasons without any substance behind them. I am sure many countries smile at this as they get to block American goods like GM corn etc citing safety reasons, and now they can use US own rhetoric.
That's fine. The US House Committee is claiming that Huawei and ZTE receive billions from the Chinese government and are able to subsidize their products with that money so that they can be the lowest bidder to foreign countries. That's not entirely arbitrary as they're not claiming the same thing against Foxconn or Asus. If you want to say Monsanto receives government subsidiaries as tax credits or whatever, you're probably right but so does almost every other international company headquartered out of the United States. Want to place an embargo on the United States? Go right ahead, Iran and Cuba seem to be doing okay. Personally, I think the safety concerns against GM corn are enough to block it and I think they should continue along that line of reasoning -- what economic conspiracy do you have for keeping GM corn out?
... yeah, like you sell networking gear in China and you can say that? Please.
This hearing was open [house.gov] and is completely available on YouTube if you want to rebut more specific claims by the committee. I like listening to the Huawei guy, he's pretty humorous, he says that they will not under any conditions jeopardize the integrity of their networks for any third party or government
Is the free trade not so fun anymore?
Oh, give me a break. Free trade? Are you serious? It's not fun when the most populous country in the world is artificially manipulating its markets, controlling what its currency trades at internally and creating its own companies that are traipsing around claiming to be private companies ... christ, the tariffs and tax laws surrounding international business are so complicated, there's no point in calling any of this "free trade" in any sense of the words.
Re: (Score:3)
That's fine. The US House Committee is claiming that Huawei and ZTE receive billions from the Chinese government and are able to subsidize their products with that money so that they can be the lowest bidder to foreign countries. That's not entirely arbitrary as they're not claiming the same thing against Foxconn or Asus. If you want to say Monsanto receives government subsidiaries as tax credits or whatever, you're probably right but so does almost every other international company headquartered out of the United States. Want to place an embargo on the United States? Go right ahead, Iran and Cuba seem to be doing okay. Personally, I think the safety concerns against GM corn are enough to block it and I think they should continue along that line of reasoning -- what economic conspiracy do you have for keeping GM corn out?
Would it bother you too much if I pointed out that Foxconn (Hon Hai Precision Industry Co., Ltd., actually, Foxconn is the trade name) and Asus are both Taiwanese companies, and the USA generally considers Taiwan to not be a part of China (at least for purposes of defense and business). Perhaps you meant Lenovo and ... never mind, China doesn't have an ODM anywhere close to Foxconn.
Re: (Score:2)
Re: (Score:2)
First off i have a very hard time believing backdoors are built in the large networks they sell. In complex systems like that its next to impossible to hide things in the long run. Anything suspicious would have been found in the audits.
Dormant backdoors are very hard to find, hit the firewall with a secret knock (timing/ports/payload) and it'll magically slip through or start relaying information or run a MITM attack or shut down or start a denial of service attack at a critical moment. You don't have to be so obvious as to send regular bits and bytes, you can use timing information, create intentional bit errors in the error correction or boost/lower the signal strength a fraction to create a covert subchannel, almost everything is possi
Re: (Score:2)
This looks like a try at restricting import with arbitrary reasons without any substance behind them. I am sure many countries smile at this as they get to block American goods like GM corn etc citing safety reasons, and now they can use US own rhetoric.
Care to explain why the Communist party of China has offices inside of Huawei's headquarters?
Re: (Score:3)
Sure. They do that with most large institutions from what I've seen when in China. There's a Party office in all of the universities, too. It allows the Party to keep an eye on things as well as serve as a liaison between the institution and the government when needed. Also, since companies are responsible for handing certain things for their employees that we would not necessarily consider companies doing here
Re: (Score:2)
Umm, they WERE FOUND. The report mentions sending "beacons", "relaying data", and other "anomalies".
Huawei's only contention is that they're merely INCOMPETENT, and their firmware just has tons of bugs, and none of them are (intentional) backdoors.
http://www.computerworld.c [computerworld.com]
Irony (Score:5, Insightful)
I'm told this is ironic because the reason that Huawei got started was because the Chinese did all sorts of experiments with Cisco gear and determined that they couldn't trust them because of all the backdoors they had to accommodate US agencies.
The Chinese needed network gear they could trust, they'd been tearing the Cisco gear down for a while to check them for back doors, so they just went the whole hog and started their own router company.
The main reason that the US *know* that the Huwaei gear has back doors in it is probably because they are the same back doors cloned from the Cisco gear, but with different encryption keys.
Re: (Score:2)
Re: (Score:3)
I was teaching Huawei how to design in the PowerPC CPUs for their first switch designs in 1998, so your timing is about right. I was doing the same for Cisco starting around mid-1994. Their ice cream ping parties were great.
Re: (Score:2)
Re: (Score:2)
If that was the motivation, it turned out to be one of the biggest failed experiments in history. Huawei's code is riddled with exploitable holes, in large part due to software development bad practices.
http://www.computerworld.com/s/article/9229785 [computerworld.com]
Re: (Score:2)
"except for".
Re: (Score:2)
Personally, I'd find it very interesting as the developer to create a "bug" in the required intercept functionality so as to allow it's use by my own country. Nope, nobody would ever do that....
Lobbying (Score:5, Informative)
Hauwei should have started lobbying harder sooner. They spent over 800 million this year but only 200 million last year. Well, if they keep it up things will turn around. Gotta grease those palms in DC to get what you want.
Re: (Score:2)
Re: (Score:2)
The info is freely available to the public. They're just too busy watching "Desperate Cunts of some city or other" or "Dancing with the washed up hasbeens" ot worry about something as unimportant as who's buying up Congress.
http://www.opensecrets.org/lobby/index.php [opensecrets.org]
Re: (Score:3)
Damn! It should have been 800 thousand not million. My bad. I read it off a blog then checked it out after my post. Bad on me for trusting a blogger. I know better and still quoted them. Ack!
A little good sense (Score:2)
All paranoid xenphobic US atitudes taken in context, this is onethat makes some sense. I just wish all other countries in the World would do the same thing towards US government hooked-up and not-trustable Microsoft.
The Terrorists Win If You Have 4G? (Score:2)
Re: (Score:2)
LTE is not 4G.
The only implementation of 4G that exists is LTE-Advanced, which is not deployed anywhere in the United States.
Re: (Score:2)
ITU has accepted that telcos use 4G for "anything faster than 3G", why can't you? Sure it makes it meaningless but it already was.
Re: (Score:2)
Re: (Score:2)
Currently you are buying most of it from Sweden.
Currently it is being bought from Sweden and France. Ericsson and Alcaltel-Lucent are building the 4g networks. But with the high costs of rolling out a new LTE network, Huawei could easily get in the market with vendor financing. One carrier specifically, Clearwire, since they need funding and are targeting TDD-LTE, would be a prime candidate for Huawei to get their foot in the door.
About Time.... (Score:4, Interesting)
That the US Government officially took notice of Chinese efforts to spy on and undermine the US; wasn't all that fake Cisco equipment that ended up in the department of defense enough of a wake up call.
The very fact Huawei has government connections... (Score:4, Insightful)
....Is why they will have trouble selling their networking hardware in much of the world. If Huawei wasn't founded by a ex-Chinese military official, that might be a different story.
Re: (Score:3, Interesting)
To be fair, the DOJ blocked them from buying sourcefire (the commercial part of Snort) for that very reason in 2006: http://www.linuxplanet.com/linuxplanet/reports/6399/1 [linuxplanet.com]
Symantec (as in Norton Antivirus) & Huawei (Score:2)
The devil you know vs. the devil you don't (Score:2)
If the Chinese govt machine wants in to your telecom network then they'll get in one way or another.
It's just a choice between giving them a knob and having their hordes of crackers get the information they need. If they can crack the DoD, then telecom networks should be a walk in the park for them.
Personally I think this is a step in the wrong direction from a trade perspective. It really sends the wrong message.
What I find interesting about all this is that the Chinese were reverse-engineering Cisco stu
Re: (Score:2)
Personally I think this is a step in the wrong direction from a trade perspective. It really sends the wrong message.
Care to explain why the Communist party of China has offices inside of Huawei's headquarters?
Huawei 5.0 (Score:2)
And by security you mean (Score:5, Interesting)
Apple didn't want to tangle with them in a predatory lawsuit that even if they won they'd never see a dime, so they simply lobbied Congress to keep them out.
Re: (Score:2)
Yeah, because Apple is a major supplier of telecoms equipment... what?
Re: (Score:2)
The issue is phones of which those 2 firms are the 2 largest suppliers of, in China
Dear US Congress, (Score:2)
News at 11... (Score:2)
...DoD finds backdoor in nuclear guidance systems.
You read it here first.
Old News (Score:2)
Is there ANY evidence? (Score:2)
So I don't see ANY evidence in the article that Huawei equipment has been responsible for intentional security breaches.
Anybody got details? (Score:3)
Anybody here evaluated Huawei equipment, or otherwise know more details about the reported issues of it sending "beacons" or "relaying data" back home, or the "anomolies" that appear to be backdoors? The real good stuff seems to be locked-up in that "classified" section we don't get to see...
http://www.ctpost.com/news/article/China-high-tech-firms-deny-spying-before-Congress-3861472.php [ctpost.com]
I'm assuming there's something more than just the bugs exposed at defcon:
http://www.computerworld.com/s/article/9229785/Hackers_reveal_critical_vulnerabilities_in_Huawei_routers_at_Defcon [computerworld.com]
This was several years in the making... (Score:2)
Immediately after the Symantec/Huawei joint venture in 2007, backdoors and trojans began to appear that targeted Symantec products. Symantec products have been a staple of DoD environments for a number of years (http://www.symantec.com/press/2003/n030527a.html), so something like this likely raised more than a few eyebrows. I'm honestly surprised that it took this long considering how much trust we have in the Chinese (extremely little) and the fact that Huawei products had already been blacklisted by the D
This story was on "60 Minutes" last night (Score:4, Informative)
60 Minutes covered this story [cbsnews.com] on Sunday night. The House Intelligence Committee is right to have suspicions of Huawei.
I believe the video is the same that aired on TV.
As Seen On 60 Minutes (Score:2)
The real security threats (Score:2)
Offshore the jobs, technology and investments (along with sensitive defense industry tech) to China, and NOW they claim they're a security threat????? Obviously, Korporate AmeriKa and our criminal congress are the security threats.
Re: (Score:3, Funny)
Bullshit. They read the bible, which is how they know the Earth is only 3,000 years old and Jesus buried the phony dinosaur bones that we dig up.
They think it's ~6000 years old. Are you republican by any chance?
Re: (Score:2)
That's a silly comment considering the trade deficit with China.
As for trust, why would anyone in the business world trust China? They openly steal any intellectual property they can get their hands on. I'm in the auto industry, we learned long ago not to allow any assembled components be produced in China. They can make our brackets and bolts and seals but if we let them do final assembly we'l
Re: (Score:2)
Re: (Score:2)
Care to explain why the Communist party of China has offices inside of Huawei's headquarters?
Re: (Score:2)
I find it interesting that Cisco gear isn't considered suspect as well given that it is made in China as well.
Re: (Score:2)
you mean like Trident is?
Built by an American company (Lockheed-Martin) with guidance system and MRV designed and built in the UK with parts from... China.
Polaris/Chevaline, the immediate predecessor to Trident in the UK, is pretty much the same.
The last proposed entirely British designed system (which was cancelled in favour of US-designed V-Force/Skybolt ALBM) was Blue Streak/Ulysses.