UPDATE 2 - Czech National Security Agency - Huawei, ZTE are a security threat

[Amazonsucks]

30 minutes ago, leadeater said:

You're criticizing China for not allowing use of western equipment due to their political reasons

No im not. I pointed out that they have been doing it for years already... I think its a smart move on their part. Its what any country with common sense should do.

 

30 minutes ago, leadeater said:

How does this make it better than what China does?

 

It doesnt make it better and it doesnt matter at all. I think its right for nations engaged in active cyber campaigns against each other not to use infrastructure equipment from each other.

 

30 minutes ago, leadeater said:

If there were documented real security risks with the equipment you think that 1.) The license for sale would be revoked 2.) All equipment be removed or required to be removed from such sensitive networks.

You also would think that dual citizenship MPs who work for the Chinese government wouldn't still be serving in parlaiment but here we are.

 

And this video brings up the problem with Huawei as well.

Australia and the US have recently exposed such influence as well so your country isnt alone.

 

But when it comes to the credibility of which country's intelligence agencies to trust, the one being considered for removal from the 5 eyes because of Chinese infiltration probably isnt one of the ones i would trust.

[leadeater]

1 minute ago, Amazonsucks said:

You also would think that dual citizenship MPs who work for the Chinese government wouldn't still be serving in parlaiment but here we are. Australia and the US have recently exposed such influence as well so your country isnt alone.

What does this have to do with the certification for sale of the equipment, that has nothing to do with politicians and they have no influence over it and it's the entire Five Eyes coalition that has certified their sale and verified the equipment is not a security risk.

 

I can understand not allowing the use of the equipment or at least not allowing Huawei to be involved with installing the equipment in critical infrastructure based on national security risks in dealing with the company and it's employees but don't ruin the credibility of the reasoning by trying to state security risks with the equipment when your own security agencies are still certifying the equipment as safe to use and has no security issues found.

 

And like I said before, an individual state/government deciding to block them I don't really care about nor am that particularly interested in but I have a problem when they go around using their influence to get them banned in other countries which impacts existing ongoing projects in those countries. If you want to be paranoid go be paranoid, leave us out of it.

[Amazonsucks]

11 minutes ago, leadeater said:

If you want to be paranoid go be paranoid, leave us out of it.

Did you say the same thing about the NSA after the Snowden leaks? A lot of people seem to forget those until they want to make a "well the US does it too!" argument.

 

11 minutes ago, leadeater said:

like I said before, an individual state/government deciding to block them I don't really care about nor am that particularly interested in 

 

Except lots of countries are banning the use of Huawei and ZTE in critical infrastructure, not just one.

 

Isnt that what half of the outrage is?

 

11 minutes ago, leadeater said:

your own security agencies are still certifying the equipment as safe to use

 

And our government also prohibits their use in certain areas, which prompts similar Huawei defense threads like this one to spring up. The intelligence agencies probably wouldnt disclose something like "well our intelligence agencies spied on Huawei and found this out" now would they?

[leadeater]

29 minutes ago, Amazonsucks said:

Except lots of countries are banning the use of Huawei and ZTE in critical infrastructure, not just one.

Yea and done so at the behest of the US and Five Eyes, not independent uninfluenced reasoning based on evidence that the equipment poses a security risk. Like I said if you want to be paranoid confine it to yourselves.

 

29 minutes ago, Amazonsucks said:

The intelligence agencies probably wouldnt disclose something like "well our intelligence agencies spied on Huawei and found this out" now would they?

They would if it meant the equipment was compromised and required that they not be used.

 

Neither was Hauwei actually banned here or blocked completely for critical infrastructure, GCSB didn't allow a sale to be authorized for Spark to use Hauwei in their 5G upgrade. This doesn't actually mean they are banned or were banned, "Huawei banned" just makes a better headline.

 

Huawei is still being used in the same critical infrastructure the GCSB blocked the Spark sale.

 

Spoiler

Quote

But Huawei, which is one of the world's largest technology companies with revenues of US$93 billion and 180,000 employees, is already deeply embedded with many New Zealand telcos.

 

Spark has used Huawei equipment to upgrade its 3G and 4G network. Huawei supplied and even partly-financed 2degrees' mobile network.

 

In 2015, Huawei also provided the technology for Vodafone's $22 million cable broadband upgrades in Wellington and Christchurch.

 

Chorus, too, buys a small amount of Huawei equipment for its rural networks.

 

Last year, Huawei founder and chief executive Ren Zhengfei met with then prime minister Bill English in Wellington and said it would spend $400 million in New Zealand over the next five years, including on a (yet to be confirmed) cloud computing data centre and a research lab hosted by Victoria University.

 

Ren chose to give his first ever media interview in New Zealand, where he discussed – through a translator – his decision in 1978 to join the Communist Party and made the claim that Huawei's relations with the Chinese government were no different to those that might exist between a New Zealand firm and the New Zealand government.

 

Quote

The New Zealand government currently manages the perceived issues associated with Huawei in part by drawing on the expertise of Britain's security service to help check its equipment, Huawei New Zealand deputy chief executive Andrew Bowater revealed this month.

 

"New Zealanders can have a lot of confidence that every major piece of work we do in New Zealand goes through independent evaluation in the UK through the cybersecurity evaluation centre there, which we haven't really acknowledged publicly before, he said.

 

"Everything we do goes through that evaluation centre which has oversight from [British spy agency] GCHQ and they feed that through to the GCSB."

Huawei realised it had to "go above and beyond because we are headquartered in China", he added.

 

Indeed the BBC reported on Thursday that New Zealand's Huawei "ban" raised questions about why the UK appears less concerned about use of the Chinese company's technology.

 

But if Huawei is entrenched in New Zealand and the GCSB has only identified a "risk" rather than any actual dubious activity by the company what has changed?

 

Quote

A part of the answer might be in the changed nature of 5G networks.

 

Mobile networks are no longer just about phone calls and text messages. 5G networks are expected to help control everything from self-driving electric cars to smart sensors built into city infrastructure.

 

That means they may control more critical infrastructure, but it also means 5G networks are being designed so they can handle different types of network traffic that have different characteristics in different ways through a technique commonly called network slicing.

 

That necessitates incorporating intelligence that was once confined to the core of mobile networks into the access network itself. That intelligence is achieved through software in the cellsites that could be subject to new vulnerabilities.

 

Spark and Huawei had been running a trial to isolate the access equipment that could be supplied by Huawei from the equipment that provided that intelligence, but it is perhaps questionable how completely achievable that separation could be.

 

Older generations of mobile network technology are also commonly being used to control "internet of things" devices though.

 

Many of the country's electric meters are managed via Vodafone over aging 2G network, for instance, so the particular sensitives specific to 5G technology could be overblown.

 

Quote

This raises the question of whether the rejection was just intended as a "shot across the bows" to Huawei and a nod in the direction of New Zealand's Five Eyes security partners the United States and Australia – or something much more serious that could put New Zealand's relations with Beijing under strain.

 

Spark could try to "prevent or mitigate" the risk the GCSB had identified, it noted.

 

If Spark did that, then the GCSB would then have to decide whether to refer the matter to the Minister responsible for the GCSB, Andrew Little, who would then have to make a decision on broader criteria including the impact any ban on Huawei could have on competition and innovation.

 

The feeling from Spark appears to be that it framed its original procurement request in a way that had the best chance of getting approval from the GCSB, so the rejection may indeed mark the end of the road.

 

Its proposal did involve Huawei employees installing the radio access network equipment, spokesman Andrew Pirie says.

https://www.stuff.co.nz/business/industries/108950894/nzs-big-call-on-huawei--politics-best-explains-5g-ban

 

Further reading if you're interested.

https://www.stuff.co.nz/business/108940155/gcsb-declines-huawei-proposal

 

[Amazonsucks]

1 minute ago, leadeater said:

Yea and done so at the behest of the US and Five Eyes, not independent uninfluenced reasoning based on evidence that the equipment poses a security risk. Like I said if you want to be paranoid confine it to yourselves.

Youre not a New Zealand citizen? You havent been kicked out of the alliance yet...

 

Youre also basically saying "well theres no real proof that the US is pressuring allies to ban Huawei and ZTE but the US is definitely guilty until proven innocent." Where's the proof that its just some campaign to hurt Huawei and not based on real national security intel?

 

4 minutes ago, leadeater said:

They would if it meant the equipment was compromised and required that they not be used.

 

It would cause a huge scandal though and could be used against the US and its allies in trade negotiations, so no they probably wouldnt disclose how they got the info or what info they have if it revealed how they got it by default...

[leadeater]

50 minutes ago, Amazonsucks said:

But when it comes to the credibility of which country's intelligence agencies to trust, the one being considered for removal from the 5 eyes because of Chinese infiltration probably isnt one of the ones i would trust.

That's not a thing, https://www.stuff.co.nz/national/105139649/former-us-official-dismisses-fear-of-new-zealand-forced-out-of-five-eyes-over-china-ties

[leadeater]

12 minutes ago, Amazonsucks said:

Youre also basically saying "well theres no real proof that the US is pressuring allies to ban Huawei and ZTE but the US is definitely guilty until proven innocent." 

Yes there is proof, I've already posted it earlier in another similar topic.

 

Anyway I'm done discussing this, I know I'm not going to change your views nor are you going to agree with anything I say or information I provided and further discussion is just leading you to post things that are actually against the CS and further from the the actual topic.

[straight_stewie]

1 hour ago, leadeater said:

You're criticizing China for not allowing use of western equipment due to their political reasons and yet Huawei is being barred for the same reason, not because of any document security risks with the equipment.

In defense of the opposite argument: I still think it's extremely smart for countries to use only domestic products from secure and vetted suppliers (meaning MIC suppliers or their partners/subsidiaries) for all things necessary to the countries primary infrastructures. While others may be somewhat hypocritical in that matter, I would urge all countries, including enemy nation states to my own, to do the same.

In my opinion it's just common sense.

But how Ironic is the username Amazonsucks here?

[leadeater]

1 minute ago, straight_stewie said:

In defense of the opposite argument: I still think it's extremely smart for countries to use only domestic products from secure and vetted suppliers (meaning MIC suppliers or their partners/subsidiaries) for all things necessary to the countries primary infrastructures. While others may be somewhat hypocritical in that matter, I would urge all countries, including enemy nation states to my own, to do the same.

In my opinion it's just common sense.

A country like mine doesn't have that choice though, many don't. For network and server technologies, particularly hardware wise, we only have external companies to choose from and creating a local option is simply unrealistic.

[straight_stewie]

5 minutes ago, leadeater said:

A country like mine doesn't have that choice though, many don't. For network and server technologies, particularly hardware wise, we only have external companies to choose from and creating a local option is simply unrealistic. 

Perhaps in those cases exceptions could be made for using only products from long standing and reliable allies.

That would cover virtually every country, as nearly all countries whose governments would care about such things as technologically advanced infrastructure are aligned with either the US, Russia, or China.

Generally, the MICs from aligned countries are intertwined, so it makes sense from an economic standpoint as well.

[leadeater]

6 hours ago, straight_stewie said:

Perhaps in those cases exceptions could be made for using only products from long standing and reliable allies.

That would cover virtually every country, as nearly all countries whose governments would care about such things as technologically advanced infrastructure are aligned with either the US, Russia, or China.

Generally, the MICs from aligned countries are intertwined, so it makes sense from an economic standpoint as well.

We did actually take the lead from the UK though, they have been using Huawei longer than us and the GCHQ certified all the equipment for us and that is why we are using and are allowed to use the equipment. All the equipment inspections are actually done over in the UK for us.

 

That's where the issue lies for me, the GCHQ and the Five Eyes as a whole are jointly certifying the equipment as safe so any mention of the equipment having backdoors or being able to be exploited just don't align with what the security agencies have actually found.

 

We have large trade agreements with the Aus, UK, US and China so we aren't really economically tied to a single country. Militarily we are most tied with the US and they actually configure and operate the military network here, which is separate from other networks physically and optically.

 

The point of view from other countries should really be assumed as rather different than from one's own, even from within points of view differ. One country might see China, Russia or the US as more of a threat than another or the way we deal with those threats is different. We have more at risk by restricting trade and economic ties with China than others might have and we don't have as many cards to play as the US does for example.

 

If equipment has been shown to be safe, measures can be taken to ensure national security why would you ignore a financially better option from a company who's equipment you are already using.

[captain_to_fire]

9 minutes ago, leadeater said:

We have more at risk by restricting trade and economic ties with China than others might have and we don't have as many cards to play as the US does for example.

So basically keep your friends close and your enemies closer? 

[LAwLz]

6 hours ago, straight_stewie said:

Perhaps in those cases exceptions could be made for using only products from long standing and reliable allies.

That would cover virtually every country, as nearly all countries whose governments would care about such things as technologically advanced infrastructure are aligned with either the US, Russia, or China.

Generally, the MICs from aligned countries are intertwined, so it makes sense from an economic standpoint as well. 

Sounds good in practice, but the problem once again crops up regarding availability, and what happens when someone is found to be making vulnerabilities for the infrastructure. It also becomes an issue of blanket bans where companies gets punished for being from a country whose government has done something bad, even if the company itself is clean.

 

Well, let's take Germany as an example. Not sure if you can say they have been allied with US for a long time, considering the fairly recent wars they have had, but whatever.

So Germany should only buy stuff from US companies, right? Since they have a long standing and reliable alliance. Well, the US government have been found developing, and forcing companies to compromise security in order to build in spying capabilities. Here is an article about how the NSA has secretly been wiretapping German politicians for decades. Well shit. So Germany should not buy from US companies then? There are similar reports of the US spying on politicians in other countries too I should add. Here is one about Israel for example. Here is one about France. Spain were also targeted by the US. You get the point.

 

So if we go with the logic that "we shouldn't buy from companies located in countries where they engage in cyber-warfare against us" then the US should most certainly be banned from essentially all countries in the world. And unlike the accusations made towards Huawei, we actually have the evidence out in the open against the US.

 

The problem then becomes that, there are no options left. Now that Nokia (and thus, Alcatel-Lucent) are owned by the Chinese I don't know of any network equipment manufacturing company that isn't from the US or China. Ericsson I guess, but I am not sure if they make routers and the likes.

 

 

Also, I think the national security argument is complete bullshit.

I don't know about the certification process leadeater has mentioned but it sounds reasonable that products used in these types of networks would be controlled and certified.

But I think the even bigger telling is that these bans are only on new purchases, and in the case of for example New Zealand it seems to be limited to specifically 5G stuff too. So their old switches, and the switches which the 5G equipment will be connected to, are Huawei stuff. If it really was a threat to national security, then you'd assume that they would replace their "compromised" backbone network which all the traffic will go through, but apparently not.

[leadeater]

28 minutes ago, LAwLz said:

I don't know about the certification process leadeater has mentioned but it sounds reasonable that products used in these types of networks would be controlled and certified.

The certification is actually to allow sale at all on the domestic market for the Five Eyes countries. Any tech equipment, networking and servers etc, from countries like China have to be certified for sale by one of the Fives Eyes security agencies, typically UK or US. If one of them does the required investigation and documentation then the equipment is jointly certified for all Five Eyes nations, that is pretty much why we don't do it ourselves because the UK and US already have the facilities and procedures in place to do it and we do not.

 

You can't actually just buy any switch or server from Huawei you have to get the Five Eyes certified ones, there's just too much Huawei makes to check them all and keep up that re-certification.

 

28 minutes ago, LAwLz said:

But I think the even bigger telling is that these bans are only on new purchases, and in the case of for example New Zealand it seems to be limited to specifically 5G stuff too. So their old switches, and the switches which the 5G equipment will be connected to, are Huawei stuff. If it really was a threat to national security, then you'd assume that they would replace their "compromised" backbone network which all the traffic will go through, but apparently not.

UK has a lot more Huawei equipment in critical infrastructure as far as I know. Our wired/fibre broadband network is almost all Nokia/Alcatel-Lucent and so is the original deployment of 3G and 4G(I think, them or Ericsson), Huawei equipment was later added in the expansion of the 4G network by Spark and 2Degrees is all Huawei. UK would be impacted more than us if they were mandated to remove the Huawei equipment.

 

I view the Huawei client devices as more of a threat than the network and server equipment, one of the guys at work buys Chinese phones on the China market and brings them in to NZ because they are so cheap. He has a very interesting time ripping out all the local China mandated firmware and software controls to truly wipe it and put on a stock Android install. Sure the global market version of the phones aren't like that but those are at lot easier to hide stuff in than tightly scrutinized infrastructure equipment.