Huawei To US Government: Please Investigate Us
from the nothing-to-hide dept
Interesting strategy from China's telco networking giant Huawei in dealing with security fears from the US government: it's asking the US government to do a full investigation of the company to satisfy itself that there's nothing questionable going on. Obviously part of the idea is a PR move, to show that the company has nothing to hide, but it's pretty rare to see a company so openly ask a government to investigate it. I guess it's Huawei's attempt to call the US government's grandstanding bluff.Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: china, investigation, us
Companies: huwei
Reader Comments
Subscribe: RSS
View by: Time | Thread
China: "Trust us!!"
US:(in an uncommonly wise decision)"Umm... No... We asked security people and they ALL said it was a bad idea."
China:"Then come check us out... see how we don't do anything bad"
China to themselves:"Thats right... check us out once... and approve our hardware for your system critical infrastructure... which the Internet has now become.. then we'll insert backdoors into hardware we sell you later that we can use to spy, sabotage, etc. on you..."
As an aside... All they would have to do is use DRM techniques to hide "code"(instructions, but ehh...) in the hardware, and then have it start 'calling home' in 2 years. Not to equate all DRM with "Evil" China... But still imagine a hardware version of the Sony Root-kit on all the networkings switches installed at banks... or power pants...
Where your hardware is manufactured is an important issue. iPhones are only made in China... They are not approved by DoD use.. but Android phones are... Ever wonder why?
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
Hell, do you think that we don't do that with companies in the United States to make sure that there are not any backdoors?
With all due respect, it seems that you are extremely distrustful of China without realizing that they ALREADY make many consumer-level computer goods that are used as military-grade at many places.
China would NOT want the black eye from us finding out that they had put backdoors into the hardware and then have us remove all military hardware manufacturing from overseas and bring it back into the United States.
[ link to this | view in chronology ]
Re: Re: Re:
China is quickly becoming a superpower and it could be that this gesture is to lull the US somewhat.
I'm not necessarily a conspiracy theorist, but I do have to wonder what they gain from this gesture. If the trust of the US to look the other way as China works to copy all of its technology for their own benefit is anything, I'd be very wary of something like this...
[ link to this | view in chronology ]
Re: Re: Re: Re:
Yeah, if you don't know that they already are superpower, you're blind, or USian.
[ link to this | view in chronology ]
Re: Re: Re:
but Let's examine the Pentium 1 CPU Some Facts
- 273 pins
- 3.1 million transistors
Now, let's play a thought experiment...
How many pins are active on the p1? lets say 145 pins(for the sake of nice numbers) that over half of the pins aren't used for logic , and that only 128 pins are used for any type of logic/flow control.
Now.. It would take 2^(128) possible input combinations to test all possible inputs.
Now.. Remember that ICs have memory in them... (let alone complex sequential logic sequential logic)
Now.. 2^(128) different combinations to test... hmm sounds like cryptographically secure to me
Now.. You have to try hundreds.. if not thousands.. of tests for each possible combination of each of these 2^(128) possible inputs...
I'm not sure this is the way to try and test this... (Especially if they put DRM in the chip to stop you from figuring this out, which would mean you are trying to break copyright...{yeah yeah... gov't can do that, but you get my point})
If you know how to do this, in some kinda of way that isn't exponential time... Then please let me know. Normal means to test for fault tolerances in IC isn't going to work b/c we aren't looking for "bad" data, where we know how the chip is designed, we are looking for backdoor access... which can be deeply buried in non-obvious logic areas.
OHHH and do this for every chip on every device every time you buy a device.
Perhaps I'm completely wrong... and the idea that "DRM"-like hardware being inserted into ICs but I don't think so.
I have friends who live in China, I am not attacking China, hence the "evil" in my comment, sorry for omission of -sark-mark- *sigh...*
And about the question of "Hell, do you think that we don't do that with companies in the United States to make sure that there are not any backdoors?" ... Um... Have we done this for MS Windows? Have we done this for... Sony Music CDs? Have we done this for...
I somehow doubt that this is S.O.P. for electronics (NSA/DoD... MIGHT be the exception, but I doubt it)
My original point was that we shouldn't trust production of system critical infrastructure to foreigners (no matter what country they come from). Due to it being too easy to inject some extra little "logic code" into ICs.(that doesn't even have to be on every device, one in a hundred is good enough for "bad" purposes)
[ link to this | view in chronology ]
Re:
From a less theoretical point of view, check out the Underhanded C contest: http://underhanded.xcott.com/ It's a contest to demonstrate how you can write code that is _meant_ to be audited, yet still do the opposite of what it seems to do. I've been in the business for a while, and it still impressed the hell out of me.
So - auditing can help, but it doesn't cut the muster. And, as has been pointed out, auditing today doesn't mean a lack of naughtiness tomorrow. Of course, sticking with US manufacturers doesn't mean that there aren't backdoors either...
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Huawei lead are jerks
Since chinese govenrment gives a lot of money to Huawei, they dictate the Huawei strategy. This is of course to compete and take th eUS out of business, and in particular weaken Us military superiority by stressing the US economy by selling Huawei equipment in the US.
Huawei does espionage, and they are hard to discover. They reverse engineer everything they can to compete.So why should US goverment trust them? There is no way we should. huawei treat its chinese employess in china like crap, so it is clearly doing business and keep cost low. However, chinese are very nationalistic andthey want to work for Huawei. Many Telco multinationals in china employ chinese engineers that then go to Huawei and transfer the intellectul property.
Also consider that Huawei spend little money in R&D beacuse they copy everything. Under mandate form chinese goverment, Huawei wants to dominate the world by putting out of bussines Ericsson, NSN and Alcatel-Lucent using predatory practices. They are filfhy and do not deserve US goverment trust.
In the long term it is foolinsh to let the chonese Telco equipment be sold to Verizon, AT&T an Sprint. If we have a war with China, our telecommunication infrastructure is completely compromized: wirless services (2/3/4G) and wireline services. Forget it, US carriers buying Huawei equipment is be a VERY stupid thing to do.
[ link to this | view in chronology ]
huawei makes junk
I have worked for T-Mobile for 6 years and the huawei hardware has been the worst I have ever seen. Letting them build anything that is part of critical infrastructure is a HUGE mistake.
[ link to this | view in chronology ]
Seen my share of "Quality Control Audits' over the years...
[ link to this | view in chronology ]