India Bars ZTE, Huawei, Others From Sensitive Government Projects

hypnosec writes "The Indian Government has decided it won't be using telecom equipment from international vendors, and has barred all such foreign companies from participating in the US$3.8 billion National Optical Fiber Network (NOFN) project — a project aimed at bringing high-speed Internet connectivity to the rural areas of India. The DoT has decided that it will be going ahead with 100 per cent domestic sourcing and has released a list of certified GPON suppliers. This decision comes after the research wing of the ministry, C-DoT, advised the telecom department to bar Chinese companies like ZTE and Huawei, keeping in line with a similar decision by the U.S. In an internal memo, the research body advised the department that both these Chinese companies are a security threat to the telecom world."

Re:Tinfoil Hats?

[green1]

I can understand the paranoia over buying equipment supplied by a company known to be tight with a foreign power you don't always get along with. But I also really wish someone would show some proof of something close to a security threat in one of these products before the whole world goes crazy about "OMG the Spies!!!"
There is tons of hardware by these companies available all over the world, and so far (to my knowledge) nobody has ever found any evidence of a back door, or any spying capability in any of it. And honestly, I don't see any reason to think that those companies are any more likely than any other company in the world to do that.

Re:Tinfoil Hats?

[rahvin112]

The top three owners of ZTE are all members of the PLA. All three are high ranking officers. One of them is also believed to be a high ranking member of the Chinese equivalent of the CIA.

These men claim that their PLA association is past history and not relevant but they are all still ranking officers in the PLA. Maybe just maybe their ownership is related to the corruption of the PLA and communist party in general and that there is no real connection. The problem is that even if there is no involvement now, the PLA could direct intervention and backdoored firmwares.

I'd be surprised at any government stupid enough to put in place telecom equipment from a company owned by the military of a sovereign nation. You're probably at risk with any non native produced equipment BUT that risk goes up enormously if that foreign company is owned not only by the government of a foreign nation but the military of that nation.

Re:Tinfoil Hats?

[epyT-R]

No, it's not racism. It's a legitimate concern, but it doesn't just apply to the chinese. Who's to say that Cisco/nortel/juniper et al don't also have backdoors in their firmware? Frankly, no western country has a right to bitch about chinese government abuse of civil liberties and police state paranoia when they themselves are doing the same things. I'm surprised the indian government isn't choosing to distrust western closed hardware as well. They should.

This is yet another reason why closed software sucks. There's no way to audit what's running on the hardware.

Re:if you can do the work at home, do it

[Zontar+The+Mindless]

I rather like the idea of interdependence growing to the point where countries simply can't afford to have wars with one another, myself.

Re:if you can do the work at home, do it

[iserlohn]

This was exactly the same argument made on the eve of WWI, that the world economy was too interdependent for war to be waged between the major powers. What happened afterwards is history.

My own take is that the nuclear deterrent is much more potent than any economic deterrent.

Re:Tinfoil Hats?

[Mike+Frett]

Did you forget about NSAKEY_?. Microsoft apparently took great lengths to shush that since you can't remember. There is no telling what Government backdoors are in Microsoft Windows since Indians and Chinese both help write code for it. There was also (and still is) an unknown hole in IE in 2010 that allowed Chinese hackers to steal Data from Google, Adobe and others. The question was: Was it really unknown, or intentionally put there?. Who knows, not us.

Then there is the Hardware backdoor from China, using the ASIC chip in US Military components. It's not a theory or a maybe, it's all fact. If you can't personally see the code for all this Software and Hardware, nobody should use it. But of course, we know that's not possible except with Open Source.

Re:Tinfoil Hats?

[azalin]

That's probably the reason those are excluded as well. While the summary focuses on the Chinese, it also states that no foreign suppliers will be involved.