Domain: huawei.com
Stories and comments across the archive that link to huawei.com.
Stories · 10
-
Microsoft: Windows 10 Devices Open To 'Full Compromise' From Huawei PC Driver (zdnet.com)
According to ZDNet, researchers at Microsoft have discovered a buggy Huawei utility that could have given attackers a cheap way to undermine the security of the Windows kernel. From the report: Microsoft has now detailed how it found a severe local privilege escalation flaw in the Huawei PCManager driver software for its MateBook line of Windows 10 laptops. Thanks to Microsoft's work, the Chinese tech giant patched the flaw in January. As Microsoft researchers explain, third-party kernel drivers are becoming more attractive to attackers as a side-door to attacking the kernel without having to overcome its protections using an expensive zero-day kernel exploit in Windows. The flaw in Huawei's software was detected by new kernel sensors that were implemented in the Windows 10 October 2018 Update, aka version 1809.
The kernel sensors are meant to address the difficulty of detecting malicious code running in the kernel and are designed to detect user-space asynchronous procedure call (APC) code injection from the kernel. Microsoft Defender ATP anti-malware uses these sensors to detect actions caused by kernel code that may inject code into user-mode. Huawei's PCManager triggered Defender ATP alerts on multiple Windows 10 devices, prompting Microsoft to launch an investigation. [...] The investigation led the researcher to the executable MateBookService.exe. Due to a flaw in Huawei's 'watchdog' mechanism for HwOs2Ec10x64.sys, an attacker is able to create a malicious instance of MateBookService.exe to gain elevated privileges. The flaw can be used to make code running with low privileges read and write to other processes or to kernel space, leading to a "full machine compromise." Long-time Slashdot reader shanen writes: Though the story features Huawei, there doesn't seem to be anything specific to that company there. Just innuendo that you can't trust Chinese companies, eh? "Don't throw your computer into that Chinese briar patch!" Anyway, the sordid reality is that Microsoft is the root of all evils in the Windows platform. If increasing security had been half as important as maximizing profits, then we'd be in a much better world today. All complicated software is buggy, but adding complexity for no good reason is just begging for more problems. Here's a crazy solution approach: Any OS feature that isn't used by a LARGE majority of the users should be REMOVED from the OS. Maybe that isn't strong enough. Maybe the OS should be strictly limited to what absolutely needs to be there. Guard those eggs carefully! -
Apple, Huawei Both Claim First 7nm Smartphone Chips (ieee.org)
When Apple unveiled the iPhone Xs and Xs Max earlier today, it said they will contain the A12 Bionic chip -- the first smartphone processor to be made using 7nm manufacturing technology. But, as IEEE Spectrum points out, Huawei made the same claim late last month when it unveiled the Kirin 980 system on a chip. From the report: Apple's new A12 Bionic is made up of four CPU cores, six GPU cores, and an 8-core "neural engine" to handle machine learning tasks. According to Apple, the neural engine can perform 5 trillion operations per second -- an eight-fold boost -- and consumes one-tenth the energy of its previous incarnation. Of the GPU cores, two are designed for performance and are 15 percent faster than their predecessors. The other four are built for efficiency, with a 50 percent improvement on that metric. The system can decide which combination of the three types of cores will run a task most efficiently.
Huawei's chip, the Kirin 980, was unveiled at the IFA 2018 in Berlin on 31 August. It packs 6.9 billion transistors onto a one-square-centimeter chip. The company says it's the first chip to use processors based on Arm's Cortex-A76, which is 75 percent more powerful and 58 percent more efficient compared to its predecessors the A73 and A75. It has 8 cores, two big, high-performance ones based on the A76, two middle-performance ones that are also A76s, and four smaller, high-efficiency cores based on a Cortex-A55 design. The system runs on a variation of Arm's big.LITTLE architecture, in which immediate, intensive workloads are handled by the big processors while sustained background tasks are the job of the little ones. Kirin 980's GPU component is called the Mali-G76, and it offers a 46 percent performance boost and a 178 percent efficiency improvement from the previous generation. The chip also has a dual-core neural processing unit that more than doubles the number of images it can recognize to 4,500 images per minute. Apple will be the first to bring the 7nm chip in volume to market, as Huawei is expected to to start shipping its Mate 20 series phone (with the 7nm chip) a month or two later. Qualcomm also announced late last month that it's begun sampling its 7nm next-gen Snapdragon SoC. As IEEE Spectrum notes, the real winner is TSMC, which is making all three processors. -
Bluetooth Security Flaw Could Let Nearby Attacker Grab Your Private Data (zdnet.com)
A recently discovered bug in many Bluetooth firmware and OS drivers could allow an attacker within about 30 meters to capture and decrypt data shared between Bluetooth-paired devices. Researchers at the Israel Institute of Technology discovered the flaw, which was flagged today by Carnegie Mellon University CERT. It affects Bluetooth's Secure Simple Pairing and Low Energy Secure Connections. ZDNet reports: As the CERT notification explains, the vulnerability is caused by some vendors' Bluetooth implementations not properly validating the cryptographic key exchange when Bluetooth devices are pairing. The flaw slipped into the Bluetooth key exchange implementation which uses the elliptic-curve Diffie-Hellman (ECDH) key exchange to establish a secure connection over an insecure channel. This may allow a nearby but remote attacker to inject a a bogus public key to determine the session key during the public-private key exchange. They could then conduct a man-in-the-middle attack and "passively intercept and decrypt all device messages, and/or forge and inject malicious messages." Thankfully, patches are on the way. "Intel recommended users upgrade to the latest support driver and to check with vendors if they have provided one in their respective updates," reports ZDNet. "Dell has released a new driver for the Qualcomm driver it uses while Lenovo's update is for the flaw in Intel software. LG and Huawei have referenced fixes for CVE-2018-5383 in their respective July updates for mobile devices." It is not yet known if Android, Google, or the Linux kernel are affected. Apple has released a patch for the flaw earlier this month. -
Pop-Up Cameras Could Soon Be a Mobile Trend (techcrunch.com)
An anonymous reader quotes a report from TechCrunch: There's an interesting concept making its way around Mobile World Congress. Two gadgets offer cameras hidden until activated, which offer a fresh take on design and additional privacy. Vivo built a camera into a smartphone concept that's on a little sliding tray and Huawei will soon offer a MacBook Pro clone that features a camera hidden under a door above the keyboard. This could be a glimpse of the future of mobile design. Cameras have long been embedded in laptops and smartphones much to the chagrin of privacy experts. Some users cover up these cameras with tape or slim gadgets to ensure nefarious players do not remotely activate the cameras. Others, like HP, have started to build in shutters to give the user more control. Both DIY and built-in options require substantial screen bezels, which the industry is quickly racing to eliminate.
With shrinking bezels, gadget makers have to look for new solutions like the iPhone X notch. Others still, like Vivo and Huawei, are look at more elegant solutions than carving out a bit of the screen. For Huawei, this means using a false key within the keyboard to house a hidden camera. Press the key and it pops up like a trapdoor. We tried it out and though the housing is clever, the placement makes for awkward photos -- just make sure you trim those nose hairs before starting your conference call. Vivo has a similar take to Huawei though the camera is embedded on a sliding tray that pops-up out of the top of the phone. -
World's First 5G Field Trial Delivers Speeds of 3.6Gbps Using Sub-6GHz
Mark.JUK writes: Global Chinese ICT firm Huawei and Japanese mobile giant NTT DOCOMO today claim to have conducted the world's first large-scale field trial of future 5th generation (5G) mobile broadband technology, which was able to deliver a peak speed of 3.6Gbps (Gigabits per second). Previous trials have used significantly higher frequency bands (e.g. 20-80GHz), which struggle with coverage and penetration through physical objects. By comparison Huawei's network operates in the sub-6GHz frequency band and made use of several new technologies, such as Multi-User MIMO (concurrent connectivity of 24 user devices in the macro-cell environment), Sparse Code Multiple Access (SCMA) and Filtered OFDM (F-OFDM). Assuming all goes well then Huawei hopes to begin a proper pilot in 2018, with interoperability testing being completed during 2019 and then a commercial launch to follow in 2020. But of course they're not the only team trying to develop a 5G solution. -
Huawei, Proximus Demo 1Tb/sec Optical Network Transmission
Amanda Parker writes: Proximus and Huawei have demonstrated speeds of 1 Terabit per second (Tbps) in an optical trial. The speed, which equates to the transmission of 33 HD films in a second, is the first outcome of the partnership between the two companies which was formed in January. The trial was conducted over a 1,040 kilometre fibre link using an advanced 'Flexgrid' infrastructure with Huawei's Optical Switch Node OSN 9800 platform. -
Huawei Successfully Tests New 802.11ax WiFi Standard At 10.53Gbps
Mark.JUK (1222360) writes "Chinese ICT developer Huawei has confirmed that it was able to achieve a record transmission data rate of 10.53Gbps on 5GHz frequency bands in laboratory trials of their new 802.11ax WiFi (WLAN) wireless networking standard. The testing, which was conducted at Huawei's campus in Shenzhen, used a mix of MIMO-OFDA, intelligence spectrum allocation, interference coordination and hybrid access to achieve the result and the new technology could hit the market during 2018." -
BT To Test Huawei 1Gbps Broadband Over Copper
judgecorp writes "BT is testing a different fiber broadband topology FTTdp (Fiber to the distribution point) and G.FAST, which could give 1Gbps broadband speeds at its research site Adastral Park in Britain. FTTdp pushes the network fiber closer to the user's premises than FTTC (Fiber to the Cabinet). In many cases this is less than 250m, a distance at which it's possible to get 1Gbps over the copper phone network using G.FAST, a new variation of VDSL broadband ." -
Is China Wiring Africa For Surveillance?
Daniel_Stuckey writes "Huawei has invested billions of dollars in Africa over the last two decades, providing affordable cell phones, internet access, and telecommunications networks to the continent. Over the last few months Huawei has closed major deals in Africa to get more areas on the grid. The company says it's bridging the digital divide, but others suspect it's wiring the continent for surveillance." -
Mount Everest Gets 4G Connectivity
hypnosec writes "Huawei, in collaboration with China Mobile, has successfully deployed 4G services on Mount Everest, about 5,200 meters above sea level. Announcing the development, Huawei revealed that work was completed last month and users can now access 4G services like streaming live HD videos from the base camp on the mountain."