Canada Set To Ban Chinese Tech Giant Huawei From 5G Network 70
Canada is planning to ban Huawei from working on Canada's fifth-generation networks. CBC.ca reports: The move puts Canada in line with key intelligence allies like the United States which have expressed concerns about the national security implications of giving the Chinese tech giant access to key infrastructure. [...] Critics have warned that Huawei's participation in Canada's 5G networks could give the company an inside look at how, when and where Canadians use internet-connected devices -- and that the Chinese government could force the company to hand over that personal information. China's National Intelligence Law says Chinese organizations and citizens must support, assist and co-operate with state intelligence work. [...] Huawei insists it is a fiercely independent company that does not engage in espionage for anyone, including Beijing.
Huawei already supplies some Canadian telecommunications firms with 4G equipment. As Global News has reported, telecommunication companies spent hundreds of millions of dollars on Huawei equipment while the federal government's review of 5G was ongoing -- although that number has waned over the years. It's not clear whether Ottawa's decision to bar Huawei from 5G will require those companies to rip out existing Huawei equipment, or whether compensation would be provided.
Huawei already supplies some Canadian telecommunications firms with 4G equipment. As Global News has reported, telecommunication companies spent hundreds of millions of dollars on Huawei equipment while the federal government's review of 5G was ongoing -- although that number has waned over the years. It's not clear whether Ottawa's decision to bar Huawei from 5G will require those companies to rip out existing Huawei equipment, or whether compensation would be provided.
Re: (Score:2)
Care to explain your reasoning on that?
I mean, are you suggesting that you think that Huawei has a rightful place in a democratic country like Canada, or what?
Re: (Score:2)
It's AC = Annoying Cunt (in the British sense). What permeable form of reason are you hoping for?
Re: (Score:2)
Re: (Score:2)
Just the ACK.
Re: (Score:2)
It's not unreasonable that a nation would put its own self-interests or its own security ahead of the interests of international commerce.
Western protectionism (Score:1, Interesting)
It's not Canada's fault. They need to do what the US tells them. And the US is scared of competition from China.
Re: (Score:3, Insightful)
its not competition when they steal all your shit and make clones of it using slave labor
Re: (Score:1)
Also the Chinese state are engaged in crimes against humanity, expansionism generally hostile behavior to the people of the world, especially their own. Anyone who lets them onto a communications network is insane. The article mentions everyone is required to cooperate with state intelligence but it neglects to mention the s
Re: (Score:2)
wow, you are a good little lapdog, maybe pooh-bear will let you out of your apartment today to collect some rations
Re: (Score:1)
Trust (Score:1)
Re:Trust (Score:4, Insightful)
You mean like CSCO, the NSA, CIA, DHS and the Russians. /s
Whether Huawei has engaged in any spying is still up in the air, but all those listed have been shown to have spied on Americans.
Re: (Score:3)
Re: (Score:1)
Re:Trust (Score:5, Insightful)
Unfortunately Nortel went bankrupt so now we have a choice between possibly being spied on by the Chinese or definitely being spied on by the Americans. Americans win because they're closer and we need to sell stuff to them.
Re: (Score:1)
Re: (Score:2)
Guilty of too much success? (Score:3, Interesting)
I better start with the disclaimer: I bought a lot of Huawei devices and was consistently satisfied with the value received. Yeah, the support was lousy, but that's just today's norm and the value was consistently good.
Do I trust Huawei? Not really, but I don't really trust any corporate cancer. I somewhat trust the security experts who investigate these things, and on that count I trust them to investigate any big (or too big) company. But mostly I trust the market in this kind of situation. Huawei has too much to lose if it gets caught cheating the customers.
But what about past sins? Especially IP theft. Sorry, but I think all of the big "winners" are just about equally guilty. The main difference is victors' justice, usually lubricated with bribes to politicians to remove those little legal "stigmas". If the corporation gets big enough, it can't possibly be doing anything that is too illegal. Doesn't matter which countries the professional politicians claim they are working for, because the truth these days is that they're always working for themselves. (Maybe that guy in Singapore qualifies as an exception? And some of the Aussies, Danes, and Kiwis seem unusually okay?)
So I mostly feel like Huawei got targeted for being too successful. But my policy is to stay out of such disturbed and muddy waters, so no more Huawei devices for me. The biggest problem for me is that the same thing could happen to any other brand I get too fond of for the same reasons... Less likely for American corporate cancers, but strong evidence that they are even less trustworthy and more abusive of my personal information, at least based on any evidence I've seen directed at Huawei.
Re: (Score:3)
I suspect you're absolutely right, but maybe not quite in the obvious way. Every device Huawei sells is one that doesn't have an American back door in it.
Re:Guilty of too much success? (Score:5, Interesting)
Funny way to put it, but I predict the moderators won't laugh. I actually think the security experts have to look at these things sideways. Remember the American back doors could be detected by the Chinese (or European) security experts, and that could damage the reputation of the American companies. Therefore I'm pretty sure that the modern back doors are cleverly disguised.
Two obvious approaches come to my mind. One is via plausible deniability via hardware features that just happen to support malware attacks. The malware would never ship with the devices, but could be installed later into the targets using those features. I think the update mechanism plus volatile memory would be the keys to these approaches. The update mechanism would need to probe its environment looking for network changes that indicate new investigations and the volatile memory would hold the attack code so the code would disappear when they investigators got too close.
The less obvious approach is better, but tougher work. It would be based on the source code revealing bugs and zero-day exploits that the manufacturers themselves haven't detected. If I was investigating for that angle, I would actually focus on the movement of people, but only in the direction from the company into the government. Moving people the other way would be too obvious and would create counter-security vulnerabilities around the coworkers of the former employees of the government. The main problem here is the risk that the other side's spies get copies of the same source code. You can't prove the negative that they don't have those copies. (But I'm quite confident the American and Chinese governments have copies of "their" companies' source code.)
Re: (Score:2)
I don't know... perhaps the Chinese propaganda farms will fight the American sock puppets. Maybe the Russian trolls will be the tie breaking mods? Slashdot moderation is often more interesting than the stories.
American companies have been caught putting backdoors in their products, and US intelligence officials have at times discussed it fairly openly. I suppose maybe they don't care if they get caught? Or maybe the Chinese are better at being sneaky?
Re: (Score:2)
The last bit is scary, but most of the stuff I've read indicates that the Chinese are focusing on defense rather than offense for the coming cyber wars.
Re: (Score:2)
Re: (Score:2)
I don't think that's generally true, though there are cases where it happens. In particular, if the investigators can get access to the source code then they can often do a forensic analysis and a well-designed backdoor will tend to look like such.
Re: (Score:2)
Re: (Score:2)
When I say well-designed back door, I'm thinking of something that provides desired functionality for the malware, while you seem to be thinking of anything that can be exploited. My basic position on your category is that mistakes of those kinds are going to exist in every complicated piece of software. The easiest way to find the "typos" that can be exploited is actually to study the test cases to find out where the test coverage gaps are, and then study the code that "covers" or "fits into" those gaps. (
Re: (Score:2)
Re: (Score:2)
We still seem to be failing to communicate, but did you consider my later clarification? As I could reword it for this context, there is a large space of problems that can be created by mistakes in the source code, but the mistakes have many effects. I would say they must be at least slightly harmful to quality as mistakes in the first place, but the "useful" bad ones are still rare. (It's also hard to pin most of them in the trivial way we've been discussing. Most of the "interesting" mistakes these days i
Re: (Score:2)
Re: (Score:2)
NAK
Re: (Score:2)
Actually I better clarify a bit. If it looks like a random typo but it actually provides privilege escalation for arbitrary code, then it looks like the blind watchmaker has been there... I've never trusted coincidences.
Re: (Score:2)
...or Guilty of too much Independence? (Score:2)
Re: (Score:2)
Hmm... That sounds more like a conflict between the marketing people and the techies. The salespeople really want to be able to claim there aren't any back doors in there... Yes, I think you'd have to be pretty gullible to believe them, but if Huawei put them in and foreigners know about their existence, then the Chinese are sure that we inscrutable foreigners would leak that the back doors exist.
Re: (Score:3, Interesting)
Huawei was targeted because they became an existential threat to many Western tech companies. Huawei developed much of the core technology for 5G and the latest Wifi standards, which means they get paid royalties by implementers and also got at least a couple of years head start on building compatible equipment.
The trend will continue as Huawei pumps money into R&D, so naturally the West looked at ways to cut the Huawei R&D budget.
As for accusations of IP theft, the only one that seems to have any a
Re: (Score:2)
Basically the ACK, though I disagree with the "existential threat" claim. Strong competition should be an incentive to try harder. It's the crooked rules of the Borked-monopoly game that make everything into an existential threat because each #1 is expected to utterly destroy each new #2.
But I miss Nokia from before MS destroyed it. I still regard Finland as mostly harmless.
Re: Vassal state (Score:4, Insightful)
When has Canada not been somebody's vassal?
Re: (Score:2)
You are confusing vassal with ally.
If Canada could have foreseen the fallout that would happen from detaining Meng, it is a hundred percent certain that Canadian authorities would not have acted as hastily as they did and Meng would have made her connecting flight to depart Canada before the RCMP could apprehend her.
Once detained, since at least part of what she was accused of (in this case, wire fraud) was against the law in Canada, despite the fact that the law was not broken on Canadian soil, rule o
Good - Huawei isn't a real company (Score:1)
Huawei is a foreign intelligence agency masquerading as a business, and they are under no pressure to EVER make money.
Their only job is to get a footprint that they can use as leverage and for intelligence.
Re:Good - Huawei isn't a real company (Score:5, Informative)
Huawei is a foreign intelligence agency masquerading as a business, and they are under no pressure to EVER make money.
Please.... Of course Huawei is a company driven by the overriding goal of making money. I am certain they care little of spying because doing so comes at the cost of losing trust and sales. I could see them spying if they were behind the technology curve and needed to play catch-up - but that is simply not the case. So spying results in little to gain and much to loose.
But then there is the catch. Huawei is a Chinese company that operates in China. Not only that but they owe much of their success to the support of the Chinese government. So at any time the Chinese government could ask them to spy and they would be obligated both politically and legally to do as requested.
And this is the basic problem associated with doing business with a Chinese company. They can not be trusted because they can all be directed by the Chinese government. The difference between a Chinese company and an American one is that at least the American one can say "no" to such requests. For example, Apple not wanting to provide a backdoor to their encryption. Of course American companies can also say "yes" and, if shown enough cash, probably will. But this is still a far cry from what goes on in China.
Re: (Score:3)
So at any time the Chinese government could ask them to spy and they would be obligated both politically and legally to do as requested.
Lucky for your one of your government lackies has sorted this out for your intelligence teams.
https://fee.org/articles/australia-s-unprecedented-encryption-law-is-a-threat-to-global-privacy/
The Australian government has passed a new piece of legislation that, at its core, permits government enforcement agencies to force businesses to hand over user info and data even though it’s protected by cryptography. If firms don't have the power to intercept encrypted data for authorities, they will be forced to create tools to allow law enforcement or government to have access to their users’ data.
If it's illegal to do something locally, they'll ask one of the 5eye team to do it for them.
Re: (Score:2)
But then there is the catch. Huawei is a Chinese company that operates in China. Not only that but they owe much of their success to the support of the Chinese government. So at any time the Chinese government could ask them to spy and they would be obligated both politically and legally to do as requested.
How is that any different to Western companies? They all lobby extensively for subsidies and favourable laws, tying them to the government. The government often supports their efforts to sell products overseas, or to get their products made mandatory or part of international standards.
Then you have things like National Security Letters and the fact that all the major tech companies respond to LEA requests, with the scope of them only limited by a few lawsuits.
A company I used to work for has the US governme
Re: (Score:2)
A company I used to work for has the US government trying to steal our technology, and was busy setting up a subsidiary in California because apparently there is a rule that the US government can't compete with US companies or something like that. I'm not picking on the US, this kind of thing happens everywhere, which is my point.
This is the 3rd time I have read someone mention something like this(in a few years), about US gov not allowed to spy if you got a local subsidiary.
Is there any link with actual info on this? Or is this just a rumour?
Re: (Score:2)
They didn't spy on us, they just bought the product and then tried to build their own clone of it. From what I remember the rule is that the government can't compete with private companies, i.e. if someone makes the thing they need they can't set up a department to make their own one, they have to just buy it. But it only applies to US companies, not foreign ones.
It was in California if memory serves, I thought it was a national rule but it might have been California specific.
Re: (Score:2)
If there is such a rule, I don't think it will be California specific, since it sounds like a federal rule. Can state governments make rules that Federal orgnisations like the FBI have to follow?
Not been to America, so don't know how it works.
Hopefully Canada is ready for retaliation (Score:2)
You can't trust the Chinese... (Score:2)
Re: (Score:2)
Reply (Score:1)
Evidence, please (Score:2)
I'd like to see clear evidence of nefarious behavior by these Chinese companies. Evidence was presented of Russia's plans to invade Ukraine, which raised trust in government motives. Why not here?
Look, I would not be surprised that China is behaving badly, but I have a hard time believing bland statements by the US and its Canadian and other satraps.
Oh, and please convince us that the replacements are better. Perhaps open-source your code?
Trust, but verify.