UK security experts admit same risks exist with all foreign telecoms, as Huawei is approved for EU and beyond

[Delicieuxz]

Recently, it was reported that the UK was allowing Huawei to develop up to 35% of the UK's non-core 5G infrastructure. Some have questioned why the UK would allow an alleged security threat to develop any amount of its potentially-exploitable technology infrastructure. But security experts say the issue isn't specific to Huawei and the same risk can come from any 5G supplier, and so diversifying to mitigate dependency is a calculated tactic.

 

UK security experts finally admit Huawei is not the only security concern

Quote

The risk of focusing too explicitly on one area, vendor or technology is a lack of attention elsewhere, but here, the National Cyber Security Centre seem to have finally admitted it’s not all about Huawei.

 

This is the precarious position the UK is in. Many in the industry are focusing on the threat of Huawei due to indirect links to the Chinese Government, and seemingly not taking into consideration of the risks elsewhere. Huawei should be considered a risk when we are discussing critical infrastructure, but so should Nokia, Ericsson, Cisco and any other technology vendor.

 

To date, most discussions have focused on whether exposure to Huawei or Chinese companies should be limited, but the real key to these discussions should be how to mitigate risk irrelevant as to where is comes from.

 

“In other words, if this sort of disruption is possible via Huawei, then it’s possible in all sorts of other ways too that should also be of grave concern,” said Ciaran Martin, CEO of the NSCS. “And it means we’ve built the networks the wrong way. The technical job of the NCSC is to make sure they are built in the right way.”

 

While it was reported widely that UK had approved Huawei for development of their 5G, what wasn't as widely reported is that Huawei has also recently been receiving approval or support for their involvement in 5G development in the EU and India.

 

The European Commission's issued guidance on 5G roll-out did not ban Huawei but suggested that “high-risk” suppliers should be subject to “relevant restrictions”.

 

EU defies US’ calls to ban Huawei, granting Chinese tech firm limited role in 5G rollout

 

Some specific countries in the EU have voiced support for Huawei, including Italy and Germany - with Germany pointing out late last year that Germany didn't move to ban US tech companies after revelations that the NSA was spying on their Chancellor's private communications.

 

Huawei should not be banned from 5G deployment in Italy – economic development minister

‘We did not boycott US firms during NSA scandal’: German minister defends move to include Huawei in country’s 5G network

NSA tapped German Chancellery for decades, WikiLeaks claims

 

And last December, Huawei was named as the 5G supplier of choice for O2's German infrastructure development.

 

Mobile provider O2 chooses Huawei to build its German 5G network

 

Huawei has also been given the go-ahead to commence 5G trials in India, which is the second-biggest mobile market in the world after China.

 

‘We have full confidence in Modi’s govt’: Huawei thanks New Delhi after being cleared for 5G trials

 

 

 

It seems to me that most of the noise about Huawei's 5G comes from the US, while other countries are not nearly as polarized in their estimations of where the potential risks are.

 

The US is no stranger to employing FUD to try to muscle its competitors out of influence and benefit, be it economic, technological, or geopolitical, while trying to move the US into a position of greater influence and benefit. In fact, from what I've seen, it's a routine tactic of the US.

 

And so, when I hear the US decrying countries for considering or approving Huawei 5G, I can't but see it as self-serving hypocrisy considering that, according to leaked CIA documents branded by WikiLeaks as the Vault 7 documents, and also according to the information released in various public scandals, and the public statements by NSA whistleblower Snowden over the previous few years, the US state has hacked, backdoored, or infected:

 

- most-all software
- most-all cellphones
- most-all routers
- the government offices of many of its closest allies (for example, the NSA was eavesdropping on Germany's Chancellor for decades - and maybe still is)
- a large number of the biggest harddrive manufacturers: Russian researchers expose breakthrough U.S. spying program

 

And considering that the US state is responsible for Total Information Awareness, PRISM, XKeyscore, DARPA's Lifelog (AKA Facebook), and funds the NATO propaganda branch called Atlantic Council that oversees Facebook's content regulation, and that thousands of US tech companies swap data with the US state, while all US (and I think Canadian) internet traffic passes through NSA surveillance hubs that are spread across the US state. I also think of the fact that the US state intercepts and bugs server shipments before they reach their destinations, and that  the US state pays tech companies to put backdoors into their hardware and software for the US state to exploit.

 

And then there's Snowden comment NSA workers intercept and share people's sexts messages around the NSA offices.

 

Edit: And now this:

On 2/14/2020 at 10:01 AM, Delicieuxz said:

Ironically, the US government's new charges against Huawei are heavily undermined by a major new scandal of not just mere allegations, but new factual revelations that the US government itself has been intensely spying, using hijacked tech, on over 120 countries, including its closest allies and rivals alike, for decades:

 

How the CIA used Crypto AG encryption devices to spy on countries for decades

 

Basically, the CIA, together with Germany's intelligence agency, BND, covertly purchased a Swedish cryptography company that supplied their machines to countries around the world, and had uncensored backdoor access to all the messages sent though the company's machines. The US and Germany were spying on all the most intimate communications of those countries' governments, militaries, and probably many corporations for decades. Though Germany ducked out of the project in the 1990s, the US continued to operate it on its own allegedly until 2018.

 

...

 

Crypto CIA spy op revelations makes us see US’ Huawei objections in a new light

 

So, when I hear US complaints about other countries approving Huawei 5G, I can't help but strongly suspect it's because the US doesn't want a potential competitor to its own spying and that the US is resenting not being able to set up more of its own covert spying technology in other countries.

[Fasauceome]

13 minutes ago, Delicieuxz said:

It seems to me that most of the noise about Huawei's 5G comes from the US, while other countries are not nearly as polarized in their estimations of what where the potential risks are.

 

but...but...muh China...

 

honestly I don't care what country rolls out 5G first, as long as I can actually make out people's voices when I get a phone call. Enough bandwidth for intelligible voices is worth it at just about any cost.

[desertcomputer]

35 minutes ago, gabrielcarvfer said:

Their products work, prices are fine, researchers are awesome, but their image is pretty bad due to the lack of transparency.

The whole story of being controlled by their own employees fund is an obvious scam.

If Huawei really wanted to convince people they're not such a big threat, they should open up the company.

Selling equity shares and receiving regular external audits requested by minority shareholders is a good way of improving their image.

 

P.S.: As the OP said, a ton of US companies proven time and time again that they're just as bad or worse than a company ran by an authoritarian government. It's a shame shareholders won't kick the boards after those episodes, regulators won't punish them, cases are settled with bare minimum damage to the culprits, while everything ends up being forgotten. (e.g. Equifax leak)

 

If only we could trust our government to not do shady shit.

[Brooksie359]

This topic is very political and will probably be locked. That being said I think the reason why people are afraid of China's link to Huawei is because china has been know to steal ip and do so without much recourse options for the holders of the ip because of China's ip laws being super biased. 

[Salv8 (sam)]

at times i wish that the human race never existed...

a man can dream...

for now, i pray to my god to punish my race for their sins:

 

[Fnige]

21 hours ago, desertcomputer said:

If only we could trust our government to not do shady shit.

When pigs fly

[spartaman64]

i remember in an interview the president of huawei said that huawei has been under a microscope since day 1 and if they had put any spyware or spy chip in their products they would not have survived a single day. i imagine theres probably some CIA lab somewhere going through every huawei product with a fine comb and at this point i havent seen the US government offer at evidence of such so i think its more political than actual security concerns.

[FakeCIA]

https://gizmodo.com/new-huawei-indictment-by-u-s-government-includes-rico-1841674124

 

Huawei responded to allegations that it is running a "criminal enterprise," as compared to the previous charges of privacy infringement, corporate espionage, and tax evasion. They also claim that these charges are without merit.

 

My opinion: Due to Huawei's connection to the Communist party in China and the way companies work over there under the control of the government, the idea that there is spying going on is a very real idea, but "innocent until proven guilty" is my motto.

[FakeCIA]

15 minutes ago, Lauren Harper said:

https://gizmodo.com/new-huawei-indictment-by-u-s-government-includes-rico-1841674124

 

Huawei responded to allegations that it is running a "criminal enterprise," as compared to the previous charges of privacy infringement, corporate espionage, and tax evasion. They also claim that these charges are without merit.

 

My opinion: Due to Huawei's connection to the Communist party in China and the way companies work over there under the control over the government, the idea that there is spying going on is a very real idea, but "innocent until proven guilty" is my motto.

Correction: Not tax evasion (though that could be happening too), but sanction evasion when interacting with Iran and other Middle Eastern countries.

[FakeCIA]

Prosecutors claim that Huawei is working with Iran and North Korea

[Delicieuxz]

3 hours ago, Lauren Harper said:

https://gizmodo.com/new-huawei-indictment-by-u-s-government-includes-rico-1841674124

 

Huawei responded to allegations that it is running a "criminal enterprise," as compared to the previous charges of privacy infringement, corporate espionage, and tax evasion. They also claim that these charges are without merit.

 

My opinion: Due to Huawei's connection to the Communist party in China and the way companies work over there under the control of the government, the idea that there is spying going on is a very real idea, but "innocent until proven guilty" is my motto.

 

No matter how many allegations (charges) the US makes and how serious they are, they are still allegations and not evidence or proof.

 

The US government has been coming at Huawei from many angles, with a goal being to cut-off the company from as many markets as possible, particularly concerning Huawei's 5G. But, as illustrated in the OP, it hasn't worked so far: Despite the US' accusations and criminal charges, Huawei continues to be approved to keep developing their technology around the world, including in some of the US' closest partner countries.

 

Once Huawei's 5G is developed it'll probably be too late for the US to do anything about it, and the US government's existing charges against Huawei might take years to be concluded in court. One move the US government can still try is to ratchet up the number and seriousness of its charges against Huawei, with the tactic being that it doesn't matter whether they're true or not (from the perspective of the goal of the US government) because if the mere allegations influence other countries to not allow Huawei 5G development, then somebody else will develop 5G in those places and by the time the accusations are found to be meritless (if they are) it will be too late for Huawei to still have 5G presence in those countries.

 

If, from the perspective of the US government, the goal of the charges is simply to prevent Huawei 5G from being constructed in as many countries as possible, then it doesn't matter whether the accusations are true or not, it only matters if they result in other countries choosing to have somebody else develop 5G for them while Huawei fights the charges in court.

 

 

Ironically, the US government's new charges against Huawei are heavily undermined by a major new scandal of not just mere allegations, but new factual revelations that the US government itself has been intensely spying, using hijacked tech, on over 120 countries, including its closest allies and rivals alike, for decades:

 

How the CIA used Crypto AG encryption devices to spy on countries for decades

 

Basically, the CIA, together with Germany's intelligence agency, BND, covertly purchased a Swedish cryptography company that supplied their machines to countries around the world, and had uncensored backdoor access to all the messages sent though the company's machines. The US and Germany were spying on all the most intimate communications of those countries' governments, militaries, and probably many corporations for decades. Though Germany ducked out of the project in the 1990s, the US continued to operate it on its own allegedly until 2018.

 

I used the phrase "self-serving hypocrisy" in the OP to describe the US government's accusations against Huawei, and it appears that I hit the nail on the head.

 

Crypto CIA spy op revelations makes us see US’ Huawei objections in a new light

[FakeCIA]

When it comes to spying, I'll definitely agree that it may be necessary in this post-9/11 world, but when it comes to China spying on me, I'll actively reject their authority, especially if they use Huawei to do it. I'm not a fan of spying on any event, but I do agree that surveillance in a reasonable and sound manner is required for the general safety of all. Snowden touched on this a little bit in his most recent interview a couple weeks ago.

[Xiee]

2 hours ago, Lauren Harper said:

Prosecutors claim that Huawei is working with Iran and North Korea

Hasn't it been known for a while that Huawei does the phone infrastructure in Iran? I mean they do get most of their oil from them after all.

[FakeCIA]

1 hour ago, Xiee said:

Hasn't it been known for a while that Huawei does the phone infrastructure in Iran? I mean they do get most of their oil from them after all.

Huawei was Iran's primary infrastructure source during the Bush administration or one of. After further crackdown on al'Qaeda during the end of his term, Huawei basically said F that and moved out of the Middle East unofficially at the beginning of Obama's second year. They left alot of their infrastructure behind which is one of the causes for tension, as radicalist groups like ISIS have taken control of it according to rumors in the intelligence community. Those are just rumors though, but they do make sense given the nature of how groups like ISIS operate. I wouldn't go and say that Huawei is intentionally working with terror groups, but it is an idea that is floating around, but not one I fully support. As for the oil, well that's another thing entirely.

[Curufinwe_wins]

9 minutes ago, Lauren Harper said:

Snip

(Adding to this)

 

Plus we know (literal recent confirmation with project Minerva) that the CIA clandestinely owns and operates telecom/security firms and sells compromised software/hardware to even our European allies (along with obvious countries like Iran and the like whenever we can).

 

So it really is a real risk for any country to deploy technology from firms outside their control and the diversification argument is a strong one if you, like the UK, cannot afford to prop up a company to develop and manufacture the required infrastructure directly. The US sort of can, but will inevitably be relying on factories from other countries, but this is exactly why every country from the US to Iran to China to Russia is working to isolate their technology from foreign companies as the lines between sovereign states and corporations blur ever more.

 

(For the record, I don't actually think the ban makes sense, but it's understandable, at least in principle. The very fact that we have delayed this supposedly massively important separation 4 times now shows how much it doesn't make sense in practice.)

[FakeCIA]

1 minute ago, Curufinwe_wins said:

(Adding to this)

 

Plus we know (literal recent confirmation with project Minerva) that the CIA clandestinely owns and operates telecom/security firms and sells compromised software/hardware to even our European allies (along with obvious countries like Iran and the like whenever we can).

 

So it really is a real risk for any country to deploy technology from firms outside their control and the diversification argument is a strong one if you, like the UK, cannot afford to prop up a company to develop and manufacture the required infrastructure directly. The US sort of can, but will inevitably be relying on factories from other countries, but this is exactly why every country from the US to Iran to China to Russia is working to isolate their technology from foreign companies as the lines between sovereign states and corporations blur ever more.

 

(For the record, I don't actually think the ban makes sense, but it's understandable, at least in principle. The very fact that we have delayed this supposedly massively important separation 4 times now shows how much it doesn't make sense in practice.)

To add further to this, while I support the United States as a citizen, I do not support unreasonable and aggressive actions taken by the current administration or past. As for tech being made outside the United States, I am on either side of that argument. On one end, it improves international trade and cooperation so you get something like the International Space Station. On the other end, it opens up national security risks regardless of the countries involved. As for Project Minerva, it is certainly not on the same level as MK-Ultra, but I would consider it completely unnecessary and far too aggressive of a movement to continue.

[Curufinwe_wins]

8 minutes ago, Lauren Harper said:

To add further to this, while I support the United States as a citizen, I do not support unreasonable and aggressive actions taken by the current administration or past. As for tech being made outside the United States, I am on either side of that argument. On one end, it improves international trade and cooperation so you get something like the International Space Station. On the other end, it opens up national security risks regardless of the countries involved. As for Project Minerva, it is certainly not on the same level as MK-Ultra, but I would consider it completely unnecessary and far too aggressive of a movement to continue.

Yep. Even as a US citizen. Building compromised systems intentionally is bad for everyone. Its bad for governments and citizens. It is impossible to build backdoors that are not abusable by other actors. And every point of entry gives more opportunities for the real weakest link (humans) to muk things up and be themselves socially engineered/bypassed for unsecure operation.

[FakeCIA]

This is an interview with Edward Snowden relating to this subject. It aired Sep 20 2019.

[jagdtigger]

On 2/7/2020 at 4:23 PM, spartaman64 said:

so i think its more political

Yep, if something is not to their liking they will do everything in their power to make it disappear, same tactic was used against VW(just think, how many other car manufacturers where fined as heavily, at at all.....)

[greenmax]

Who did Huawei bribe to get into the EU?

[Delicious Cake]

Intel's campus in Israel is one of their most important R&D facilities. They've been a key/primary group in the design of pretty much every Intel CPU since the conroe days.

 

The IDF is well known for planting its former and "former" cyberwarfare soldiers into tech firms. Well, not so much 'planting', as it doesn't even qualify as an open secret at this point and is just standard practice by them now.

[AngryBeaver]

I personally have to agree with the actions taken against Huawei. I once had a really old phone by them... then one night I looked over and it turned into a mini terminator and well RIP my dog sparky. They aren't only spying on us they are also sending over destroy bots! 

[vorticalbox]

I have a firewall on my phone that notifies me when an app tries to connect to the Internet, last phone was an s8 this one a p30 Pro and the s8 called home multiple times more than the p30 does 

[greenmax]

Government is stupid

 

Don't trust them!

 

Don't trust any government!

 

As they are stupid!

 

 

What "UK Security Experts" are we talking about?

Hope they arent governemnt.

[FakeCIA]

3 minutes ago, greenmax said:

Government is stupid

 

Don't trust them!

 

Don't trust any government!

 

As they are stupid!

 

 

What "UK Security Experts" are we talking about?

Hope they arent governemnt.

Paranoid much?