US Nuclear Lab Removes Chinese Tech

Rambo Tribble writes "Reuters reports that Los Almos National Laboratory has removed switches produced by Chinese firm H3C, which once had ties to Huawei. This appears to be a step taken to placate a nervous Congress, rather in response to any detected security issues. From the article: 'Switches are used to manage data traffic on computer networks. The exact number of Chinese-made switches installed at Los Alamos, how or when they were acquired, and whether they were placed in sensitive systems or pose any security risks, remains unclear. The laboratory - where the first atomic bomb was designed - is responsible for maintaining America's arsenal of nuclear weapons. A spokesman for the Los Alamos lab referred inquiries to the Department of Energy's National Nuclear Security Administration, or NNSA, which declined to comment.'"

What's the replacement going to be?

[wvmarle]

If they don't want made-in-China equipment, what are the alternatives? I don't think that doing without is much of an option.

Re:What's the replacement going to be?

[sjames]

Cisco is made in China. They just charge Made in America prices and pocket the difference.

Re:What's the replacement going to be?

Good thought, but check out the GarrettCom backdoor that was discovered by a curious researcher in 2012:

http://www.us-cert.gov/control_systems/pdf/ICSA-12-243-01.pdf

Looks like in some cases the 'american company' is worse! And why did it take this researcher named in the advisory to dicsover it? Why didn't any of the major corporations or government agencies who rely on this equipment discover it?

Re:What's the replacement going to be?

[kelemvor4]

Cisco switches are manufactured in China since 2011 per this press release: http://newsroom.cisco.com/press-release-content?articleId=442243

Re:Trusted Foundry

[Shoten]

They will most likely be replaced with equipment provided by vendors who are on the U.S. military's "Trusted Foundry" schedule. It doesn't matter if half the chips in those "Trusted Foundry" switches are manufactured in China - as a result of careful research, you can be "reasonably" sure they don't contain backdoors or malicious code.

"Reasonably."

There's another factor in this. A company like Huawei (founded by former members of the PRA, specifically ones from their cyber warfare capability) or H3C (owned by HP as a subsidiary, but otherwise entirely Chinese, top-to-bottom) can easily be argued to have interests that align with China. Cisco, on the other hand, is an American-founded company with American management.

If a Chinese national in China puts some nastiness into a switch/router/espresso machine that is then deployed in a sensitive location in the USA, well, it'll make a stink, but nobody will be all THAT shocked either, as the people behind it will be acting in their own nation's interests. Furthermore, they do not have the same market position in the West, and thus have less to lose economically. But if Cisco does this, they are really in deep trouble. I guarantee that the upper and middle management would have to prove their lack of knowledge of it. And that's a losing proposition right there: either you can't prove you knew about/controlled it (in which case you are now on the hook for espionage and other nasty things) or you successfully prove that you have no real control over your own products. At that point, you've proven either that you will screw your own customers AND countrymen, or that you really have no way of keeping your underlings from doing the same. So Cisco has an enormous incentive to make sure that no hanky-panky goes on at their manufacturing facilities, wherever they may be.