Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
China United States Technology

Why Huawei Gives the US and Its Allies Security Nightmares (technologyreview.com) 346

Perhaps the most insightful piece that sums up why the U.S. and its allies are apprehensive of using Huawei's products. Six reasons, we are just highlighting the pointers, click on the source story to read the description:
1. There could be "kill switches" in Huawei equipment.
2. ... That even close inspections miss.
3. Back doors could be used for data snooping.
4. The rollout of 5G wireless networks will make everything worse.
5. Chinese firms will ship tech to countries in defiance of a US trade embargo.
6. Huawei isn't as immune to Chinese government influence as it claims to be.

This discussion has been archived. No new comments can be posted.

Why Huawei Gives the US and Its Allies Security Nightmares

Comments Filter:
  • More reasons (Score:4, Informative)

    by Anonymous Coward on Monday December 31, 2018 @06:18AM (#57883136)

    7. It's competition to US products.
    8. People with Huawei equipment can be spied upon by the Chinese government and not as easily by the US government.

    • Re:More reasons (Score:5, Insightful)

      by Anonymous Coward on Monday December 31, 2018 @07:43AM (#57883334)

      What US products? We have systematically destroyed 99% of our production capacity for the components that go into cell phones by allowing corporations to fire everyone and move production to other countries which allow workers to be so badly treated that they're slaves in all but name only.

      The only part the USA plays in making a cell phone is some manufacturers assembling the parts here in order to get an "Assembled in the USA" label. We can't make enough of the components for any cell phone to qualify as "Made in the USA".

      • Re:More reasons (Score:5, Interesting)

        by Dixie_Flatline ( 5077 ) <vincent@jan@goh.gmail@com> on Monday December 31, 2018 @09:59AM (#57883734) Homepage

        They are not "slaves in all but name only". The working conditions are pretty good in a lot of those Chinese factories, the workers make enough money to send home to their rural families, and despite the sensationalist claims, suicide rates are roughly equivalent to the non-factory worker population. I would say that it is far more likely that your vegetables were picked by someone in the USA that is functionally a slave or that your clothes are made by some child in a sweatshop than your phone is made by a "slave". Indeed, one of the reasons why the work has moved to China is the presence of so much SKILLED labour all concentrated in one place.

        China isn’t perfect, the factories often try to get away with shit, not everyone there is acting in good faith...but I could say exactly the same thing about a lot of places in North America. I think the real fear here is that despite everything, we AREN'T any better than the Chinese, and it offends our moral sensibilities that we might not have any moral high ground to stand on when it comes to workers and their rights.

        • Re: More reasons (Score:2, Informative)

          "it offends our moral sensibilities that we might not have any moral high ground to stand on when it comes to workers and their rights."

          Everyone knows that in Soviet America workers have no rights.

        • by Anonymous Coward
          While we certainly aren't better in some ways, in others we currently still are. While our government may currently be run by people who can be generously termed jackasses, at least they aren't yet able to censor us and their isn't a great firewall of the US like there is in China. Oh, and you can call our POTUS a jackass and not end up in prison.
          • by Luckyo ( 1726890 )

            Prison? Try "re-education camp" if you're low enough on totem pole, and "being the star of televised execution" if you're high enough.

            Seriously, this is never in the news in the West for propagandistic reasons, but televised executions of higher ups that were in some kind of opposition to Xi's policies and rising of his cult of personality have been ongoing for quite a few years now in China.

      • Exactly! This isn't about the trade war at all.

        This is about national security, and the top competitors are European.

        I don't see why it is controversial that we should prefer to have sensitive equipment in our communications systems come from our actual friends and allies, instead of from countries that are politically hostile to our basic values.

        The biggest thing is that civics and civil rights in Europe are similar to the rights in the US, so there is less risk of activities that would be harmful to our w

    • Re:More reasons (Score:4, Informative)

      by NicknameUnavailable ( 4134147 ) on Monday December 31, 2018 @09:13AM (#57883564)
      0. We know for a fact that the government backdoors the shit out of any tech made under their roof, because we do it, Intel actually got caught doing it in leaks over a half a decade ago, and they still do it. It's like giving up the ability to spy on your slaves to your next-largest competitor, you just don't do that.
    • by AmiMoJo ( 196126 )

      Instead of speculation why not find out?

      Huawei will let governments inspect their code and publish known good firmware hashes. Does Cisco?

    • Re: More reasons (Score:4, Insightful)

      by Anonymous Coward on Monday December 31, 2018 @10:07AM (#57883770)

      Number 8 there is the big one.

      The US could not care less about the actual hardware security, they just want access to the equipment no matter where it is.

      Huawei has systematically refused to provide that access

      So, the US advocates against people using them "for security reasons"

    • Please remember that when they mention New Zealand they actually mean the GCSB which has these legal objectives.

      Objective of Bureau

      The objective of the Bureau, in performing its functions, is to contribute toâ"
      (a)
      the national security of New Zealand; and
      (b)
      the international relations and well-being of New Zealand; and
      (c)
      the economic well-being of New Zealand.

      Our security sevices now deal in corporate welfare as well as national security. Perhaps they always did but since snowden they
  • by SuricouRaven ( 1897204 ) on Monday December 31, 2018 @06:19AM (#57883138)

    Every point made here is just as true from the other side too. I know China is investing heavily in developing high-end microprocessor designs and manufacturing capability, but shouldn't it make strategic sense for them to also spend as much money as it takes to purge their country of Microsoft? Windows Update could be easily repurposed for espionage, and even if the US government doesn't control it yet, they could surely do so if they situation was desperate enough. I'd expect China to be throwing huge piles of money into transitioning away from Windows entirely for all military and government functions, and all major companies too. They even tried with Red Flag Linux, and that ended badly. China is striving for hardware manufacturing capability, but seems to be unconcerned over software.

    • Cisco = Huawei (Score:5, Interesting)

      by stooo ( 2202012 ) on Monday December 31, 2018 @07:25AM (#57883264) Homepage

      Cisco does exactly the same.

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      Oh it has.

      The Chinese government still thinks they're clever for stealing US tech.

      https://www.telegraph.co.uk/news/worldnews/northamerica/usa/1455559/CIA-plot-led-to-huge-blast-in-Siberian-gas-pipeline.html

      That's just a hint of what goes on.

      The reason the US government doesn't steal foreign tech and give it to US companies is because they know it's an attack vector like a flash drive labeled honeymoon left in a bank parking lot.

      • by hackingbear ( 988354 ) on Monday December 31, 2018 @02:28PM (#57885072)

        The reason the US government doesn't steal foreign tech

        Except the US government has done [theintercept.com] exactly that [bbc.com]:

        The report recommends “a multi-pronged, systematic effort to gather open source and proprietary information through overt means, clandestine penetration (through physical and cyber means), and counterintelligence” (emphasis added). In particular, the DNI’s report envisions “cyber operations” to penetrate “covert centers of innovation” such as R&D facilities.

        The level of American hypocrisy makes me vomit every day.

    • by markdavis ( 642305 ) on Monday December 31, 2018 @07:54AM (#57883352)

      >"I'd expect China to be throwing huge piles of money into transitioning away from Windows entirely for all military and government functions, and all major companies too. They even tried with Red Flag Linux, and that ended badly."

      You are correct that they shouldn't trust closed US software/hardware (yet we probably shouldn't either). Although their attempt with using Linux didn't end "badly", it just ended because for whatever reason, they decided not to pursue it. At the time, it was probably less about security than a bluff to try and force Microsoft to lower prices and/or include certain "features", coupled with their unwillingness to port their applications to the platform. Actually, it could have been a huge win for them had they continued the process.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      Yes. And that tells me exactly what the US government expects to be to do to a "US made" phone.

    • Windows Update could be easily repurposed for espionage
      If you didn't before, now you see one of the reasons why so many of us hate Microsoft, have shunned Windows 10, and moved to Linux: when you don't have control over the machine, the machine can instead control you. With Windows 10, the only 'control' you have over Windows Update is to stop and disable the Service completely; you don't have any ability, like in the past, to pick-and-choose which updates get downloaded and installed. Therefore you're no
    • They even tried with Red Flag Linux, and that ended badly. China is striving for hardware manufacturing capability, but seems to be unconcerned over software.

      I suspect it didn't end badly: the Chinese probably got full access to Windows source code and they negotiated a deal with Microsoft, so that Windows Updates were controlled by the Chinese side, so that Microsoft couldn't push backdoors at will.

      A win-win situation for all the involved parties: Microsoft still can sell Windows to China, the Chinese ca

  • US govt propaganda (Score:5, Insightful)

    by Anonymous Coward on Monday December 31, 2018 @06:19AM (#57883140)

    That's why we are to be afraid. Guess what, your mobile mandatory location identifying device (as required by US law) is a leash.

    • by Anonymous Coward on Monday December 31, 2018 @07:01AM (#57883218)

      All popular computer applications are spyware now. Everything is data-mining you as much as possible. It's part of society. The correct thing to do is ditch everything and start from scratch. Build a new internet, new protocols, that use mandatory encryption for every action. The military already does that, but civilians are stuck with the shitty version of the internet.

    • This is the real point. Folks like us (well me, anyway, i don't know about all you zombies) are just a resource for which governments and big corporations are competing.

  • by getuid() ( 1305889 ) on Monday December 31, 2018 @06:21AM (#57883146)

    1. There most likely are "kill switches" in $USBRAND equipment.

    2. ... That even close inspections miss.

    3. Back doors are already being used for data snooping.

    4. The rollout of 5G wireless networks will make everything worse.

    5. US firms will ship tech to countries wherever the fuck they want regardless of anything else.

    6. $USBRAND isn't immune to US government influence, period.

    I fail to see a problem with Huawei in particular.

    • by Anonymous Coward on Monday December 31, 2018 @06:22AM (#57883150)

      pretty much, everyone in the intelligence industry worry about the stuff they are doing to other countries being done back.

      Look at what they are saying that other places are likely doing, and you get a pretty good list of what they are doing to other places.

    • by Dunbal ( 464142 ) * on Monday December 31, 2018 @07:35AM (#57883302)

      3. Back doors are already being used for data snooping.

      Hell, FRONT doors are already being used for data snooping. Well you clicked "I agree", right?

    • by JaredOfEuropa ( 526365 ) on Monday December 31, 2018 @08:05AM (#57883378) Journal
      Speaking as someone from western Europe, the problem with Huawei is that in geopolitical terms China is not an ally by any stretch of the imagination. The USA are. If there's any serious trouble, we do not have to worry about the USA shutting us off unless they decide at some point that we are no longer allies. The biggest worry is that equipment from the US has some backdoor (installed on behest of the government or whatever) that the Chinese can exploit.
    • What is the purpose of your saying this? If it's to claim that it's all perfectly okay and no one should give a damn, then you can get fucked.
    • "isn't immune to US government influence" is a gross understatement (I assume you were being ironic!). We know that US companies up and down the stack have been clandestinely legally compelled to compromise user security in favor of national security goals.

      Software: NSA-designed Ecliptic Curve encryption algorithm adopted by companies (RSA, Microsoft, Cisco) despite widespread suspicion that they were designed with backdoors: https://en.wikipedia.org/wiki/... [wikipedia.org] ...and then all the stuff Snowden exposed. Heck,

  • The real reason (Score:5, Informative)

    by DNS-and-BIND ( 461968 ) on Monday December 31, 2018 @06:27AM (#57883158) Homepage

    7. Huawei phones lack the backdoors that allow the US intelligence community to spy on its own people.

    That's it, really. They don't trust us, not at all. You really have to wonder why? Why do they feel the need to spy on us and know what we're thinking? Our elected government made this illegal, and the intelligence community promptly broke the law and lied about it.

    On March 12, 2013, Director of National Intelligence James Clapper told Congress that intel officials were not collecting mass data on tens of millions of Americans. NSA whistleblower Edward Snowden soon revealed material that proved Clapper's testimony false: The government had been gathering and storing data from ordinary Americans' phone records, email and Internet use. [wikileaks.org]

    They don't feel any obligation to us at all. It's OK if they break the laws we passed with our elected government and lie to our faces - they don't feel safe if we can keep secrets from them. Fuck democracy, they have wars to start. [youtu.be] If we all started buying Huawei they would feel very unsafe indeed.

    • Re:The real reason (Score:5, Interesting)

      by Dunbal ( 464142 ) * on Monday December 31, 2018 @07:45AM (#57883338)
      I had never heard of Huawei until I moved back to Costa Rica earlier this year. I was basically GIVEN two of their phones by the local phone company - they're that cheap. And they're pretty good. I don't use them because I still have my Samsung but I had a look at them. Given what they offer (a lot) for what they cost (almost nothing), I can understand why the US cell phone market is shaking in its boots. This is not so much about spying and 100% about the oligopolies making sure they don't lose market share. Anyway, I have 2 spare phones.
      • That sounds good, but only if you have no clue who makes the alternatives.

        For example, your Samsung isn't from the US.

    • by Ramze ( 640788 )

      The US intelligence community doesn't have backdoors into all phones. They have backdoors into the phone carriers for certain, though. AT&T, etc have fiber optic runs to spy closets where audio is recorded and speech-to-text tools are used to help search for key words. Snowden wasn't even the first to know about it. I remember when Shia Labeouf talked about it during an interview where he worked with the feds to prepare for a movie. He mentioned government spying, and the feds played him back a recordin

      • The reason it was recent is that Huawei is pretty new. Their market position was developed instantly, because they're part of the Chinese government.

        Your comments about the US intelligence access at the network level are important to understanding this though.

        The US government can spy on things just fine if you have a Huawei phone. So it isn't about that.

        And it seems basically reasonable that it is a security risk for a foreign power with very very very different laws and civics to be in a position to disru

    • I wonder if this is a factor in their efforts to make if very hard to root their phones.
  • by bogaboga ( 793279 ) on Monday December 31, 2018 @06:50AM (#57883200)

    I set it's a bunch of "possibilities"...

    "Could be"..."Could" and so on...

    Chinese firms will ship tech to countries in defiance of a US trade embargo.

    Why should foreign entity obey US law is I may ask?

    . Huawei isn't as immune to Chinese government influence as it claims to be

    Let's remember we have the NSA that has done more or less the same, even in defiance of US law...

    • Re: (Score:2, Informative)

      by Anonymous Coward

      Chinese firms will ship tech to countries in defiance of a US trade embargo.

      Why should foreign entity obey US law is I may ask?

      They don't have to obey US law. However, the US is within its rights to say that it will not allow US trade with a firm that breaks its embargo. These days almost every non-trivial item has components that are built/designed/licenced by US firms. So you can trade with, e.g. Iran, but your firm will no longer be able to get supplies of US components, software, equipment, etc. and the US will refuse to trade with you or any of your suppliers. Which pretty much means you're screwed if you trade with a country

  • by dnaumov ( 453672 ) on Monday December 31, 2018 @07:13AM (#57883232)

    Huawei / Chinese meddling is not in any way more or less suspect than Cisco / US meddling. Everybody is a suspect. Why would/should it be otherwise?

    • Actually it is different. With Huawei we all instinctively know this to be the case because... China. With Cisco we've already seen proof.

    • Well, Ivan, see, it is like this; if you're smart enough not to trust anybody, then you should prefer equipment made by companies who are under the same type of government system that you are.

      Americans and Europeans have mostly compatible civics, and so if the Europeans do something really naughty to me, they risk being punished by their own government. Same in reverse; if an American company does something really naughty to Europeans, they'll get in trouble.

      If a Chinese, or Russian, company does something

  • by Anonymous Coward on Monday December 31, 2018 @07:24AM (#57883262)

    1. There could be "poison" in Chinese food.
    2. ... That even close inspections miss.
    3. Chinese waiters could be used for snooping.
    4. The rollout of Chinese restaurants will make everything worse.
    5. Chinese restaurants will ship food to countries in defiance of a US trade embargo.
    6. P.F. Changs isn't as immune to Chinese government influence as it claims to be.

    • This is why most Americans already switched to Thai food.

      Which is why Thai restaurants stock chopsticks. In Thailand, chopsticks are only used to eat Chinese food. But they know their American customers are switching away from Chinese food, so they stock the chopsticks.

  • by Dunbal ( 464142 ) * on Monday December 31, 2018 @07:31AM (#57883286)

    "could"

    There could be all that stuff in products from other countries, too. Heck, even American products could have these things. Maybe America should just stop trading with everyone and jump incestuously in bed with itself, and hope its own manufacturers are completely honest and transparent, just as they have turned out to be so far in history...

    Could indeed... Or maybe you should do it the old fashioned way, and actually find the person guilty before executing them.

  • by DaMattster ( 977781 ) on Monday December 31, 2018 @07:32AM (#57883292)
    Probably the best way to keep your network security is to neither use Chinese nor US Branded equipment. Instead, employ a little do it yourself mentality. I built my own and it's powered by OpenBSD. Still no guarantee but it's a lot more secure than all of the shitty stuff out there.
    • I presume you are using a processor without speculative execution?

      Without open software AND hardware, it's all just wishful thinking.

  • by Artem S. Tashkinov ( 764309 ) on Monday December 31, 2018 @07:55AM (#57883356) Homepage
    When you think about it, nowadays you cannot trust any high-tech gadget/piece of equipment unless you 100% control each step of its development and production which is quite expensive and complicated for companies/governments however if you are an end user you have to treat everything as compromised by default and work from there. You might feel quite unnerving and powerless but that's what it is.
  • Somebody discovered a small plate at Donald Trump's hip. According to it, was produced by Huawei.
  • by jellomizer ( 103300 ) on Monday December 31, 2018 @08:35AM (#57883464)

    There seems to be a lack of interest in actually testing systems to see if the meet national security guidelines. Believe it or not these things are not black-boxes if people open up the cases, put them in Faraday cages. Monitor what its out put it, and traffic to see where things go, what ports are open....
    You can take the chips off the board and be sure they are doing what the specs say they should be doing.
    In case of Flash software, you can demand the source review it, and compile it at your country and flash it onto a device.

    I know policy makers don't want to use specialists because they are these crazy egg heads who think they know it all, and will often go against their best instincts. But for national security, you probably should trust those people who have studied this stuff and understand the going on. Vs saying it it too technical let ban it.

  • by Daralantan ( 5305713 ) on Monday December 31, 2018 @08:43AM (#57883482)
    Why are 1 and 2 the same reason broken up into two? And 4 doesn't really have anything to do with Huawei.
  • Commies! (Cold War feelings...)
    • What a relief, since we all know there was no danger at all during the Cold War, and nothing bad happened to anybody. [/s]

  • We already know from the Snowden leaks that the US government has the capabilities to do most of the things on that list for network gear from the likes of Cisco, HP, Juniper and other US manufacturers. And given how much more power the Chinese have over Chinese companies and their employees (unlike the US, the Chinese government has no problems telling people "do what we want or your family will be executed") its logical to assume China can do everything the US can and more.

    That said, what the hell are gov

  • Since Huawei makes so much telecom equipment it makes a kind of sense to be leery of that, but why all the attention given to the phones? There are dozens of other Chinese phone makers, and none of those are mentioned.
  • The main fear is that Chinese equipment lacks NSA backdoors.
  • From the article: "In its defense, Huawei can point to the fact that no security researchers have found back doors in its products. âoeThereâ(TM)s all this concern, but thereâ(TM)s never been a smoking gun,â says Paul Triolo of the Eurasia Group. While thatâ(TM)s true, it wonâ(TM)t change the view of the US, which is stepping up its efforts to persuade its allies to keep Huawei out of all their networks."

    I don't want to defend Huawei, I couldn't care less, however, this whol
  • by BrendaEM ( 871664 ) on Monday December 31, 2018 @10:46AM (#57883996) Homepage
    I am not making excuses for Huawei, and we shouldn't make them for Microsoft, either. A few months ago, my computer was one of the many that de-authorized by Microsoft because of the bug in their servers, only for a day, but Windows 10 appears to have a kill switch.
    • All software-as-a-service has an inherent "kill-switch" type of functionality, even when not intended.

      Why would an OS-as-a-service be an exception?

  • And none of the accusations has been proved, whereas with american made hardware it has already been proved to contain killswitches and backdoors.. So stop pointing fingers to others if you do it yourself even worse..
  • ... to push for a secure phone architecture. Isolate the baseband h/w from the memory and CPU in a phone. I don't trust Chinese, American or Swedish networks. Treat your cellular provider like the suspect WiFi in a coffee shop.

  • The underlying problem remains: average people in the US and China have been painstakingly prepared to accept as a given that their personal information has no real value. So when they learn about this kind of grotesque invasion of privacy, their usual response is to shrug and say something like, "Who cares? The government has better things to do than check out my porn collection". That's a dangerously naive view, but it is a popular one.

    It means arguments about how one side's communications tech is jus

  • When you basically export your company's entire business overseas.

    Especially to a hostile nation...

  • You raving lunatics who say this are the same types who supported the Nazis and Hitler's Third Reich!!!! Forced organ harvesing of political prisoners and religious prisoners, disappeared human rights attorneys and pro-democracy activists, etc., etc., ad nauseum. "China isn't perfect . . ." Are you completely insane??? http://www.filmsforfreedom.com... [filmsforfreedom.com]

"All the people are so happy now, their heads are caving in. I'm glad they are a snowman with protective rubber skin" -- They Might Be Giants

Working...