Slashdot Mirror

← Back to Stories (view on slashdot.org)

Huawei Using NSA Scandal To Turn Tables On Accusations of Spying

Posted by timothy on from the innocent-whistling dept.

Nerval's Lobster writes "Huawei Technologies, the Chinese telecom giant banned from selling to U.S. government agencies due to its alleged ties to Chinese intelligence services, is trying to turn the tables on its accusers by offering itself as a safe haven for customers concerned that the NSA has compromised their own IT vendors. 'We have never been asked to provide access to our technology, or provide any data or information on any citizen or organization to any Government, or their agencies,' Huawei Deputy Chairman Ken Hu said in the introduction to a 52-page white paper on cybersecurity published Oct. 18. Huawei was banned from selling to U.S. government entities and faced barriers to civilian sales following a 2012 report from the U.S. House of Representatives that concluded Huawei's management had not been forthcoming enough to convince committee members to disregard charges it had given Chinese intelligence services backdoors into its secure systems and allowed Chinese intelligence agents to pose as Huawei employees. But the company promises to create test centers where governments and customers can test its products and inspect its services as part of an 'open, transparent and sincere' approach to questions about its alleged ties, according to a statement in the white paper from Huawei CEO Ren Zhengfei. Can Huawei actually gain more customers by playing off the Snowden scandal?"

29 of 183 comments (clear)

  1. It's not mutually exclusive. by Anonymous Coward · · Score: 3, Interesting

    The bigger a nationally sponsored corporation becomes, the more obviously it becomes an asset. It's like choosing between corrupt police and the mob.

    Just because the NSA spies doesn't prove Huawei doesn't. This line of reasoning is guaranteed to fool a few morons and nobody else.

    1. Re:It's not mutually exclusive. by AliasMarlowe · · Score: 3, Insightful

      The bigger a nationally sponsored corporation becomes, the more obviously it becomes an asset. It's like choosing between corrupt police and the mob.

      Just because the NSA spies doesn't prove Huawei doesn't. This line of reasoning is guaranteed to fool a few morons and nobody else.

      Unfortunately, it leaves those morons with a semi-conscious or unconscious choice between being spied on by A (and possibly others) and being spied on by B (and possibly others). The wise person, on the other hand, merely faces a conscious choice between being spied on by A (and possibly others) and being spied on by B (and possibly others).

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    2. Re:It's not mutually exclusive. by johanw · · Score: 4, Insightful

      Nope, but assuming both spy, whose spying would you care the most? As a home user, the Chinese government has no interest in me. I have no contacts with the Dalai Lama. The US government probably has, since I'm hurting their sponsors by downloading the latest movies.

    3. Re:It's not mutually exclusive. by Opportunist · · Score: 5, Insightful

      Well of course it does not. But one thing is at least certain, the chance that Huawei hands over everything and everything you give them to the US government is lower than Google doing the same. In return, your chance to be betrayed by Google when it comes to keeping secrets from China is higher.

      In other words, you can essentially choose between the Chinese government knowing everything about you or the US government doing so.

      And now ponder which country your country is more likely to hand you over to.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    4. Re:It's not mutually exclusive. by gbjbaanb · · Score: 3, Insightful

      I think i can guarantee that Huawei does not hand over anything to the US government, as the US refuses to use their kit :)

      Maybe, and this could be a bit of anti-conspiracy theory here, that the reason the US refuses to use their kit is not because of the usual financial protectionism, nor of some vague bull about sending all your packets to china, but simply because they do not send any packets anywhere - even to the NSA, hence the reason they are banned from use. :)

    5. Re:It's not mutually exclusive. by AliasMarlowe · · Score: 3, Insightful

      Nope, but assuming both spy, whose spying would you care the most? As a home user, the Chinese government has no interest in me. I have no contacts with the Dalai Lama. The US government probably has, since I'm hurting their sponsors by downloading the latest movies.

      This analysis is probably breaks down somewhat for persons of particular interest - their data would be traded. For instance, China might trade your downloading history and identity to the US in return for some dirt on activities of one of the Dalai Lama's acolytes. Neither of these has much direct value to the spy who has it, but it has rather more value to the other. The analysis breaks down more generally for monitored persons in third countries. For instance, if one is in France or Egypt or Brazil, one's data is of interest to both of these protagonists, mostly for trade to third parties in return for other data.

      No spying at all (or no sharing of such data with other agencies) would be preferable for most of us.

      --
      Those who can make you believe absurdities can make you commit atrocities. - Voltaire
    6. Re:It's not mutually exclusive. by FriendlyLurker · · Score: 2

      The US government probably has, since I'm hurting their sponsors by downloading the latest movies.

      Exactly. Or perhaps your upset with trillion dollar bailouts to the banks while more and more of the middle class slip into poverty so you decide to democratically voice your concerns - only to be picked up the spy dragnet and harassed, fired, put on no-fly and do-not-employ list's (yes, all these things have already happened to key OWS leaders). How long before your crime may be as simple as expressing your dissatisfaction with our ruling elite on forums such as Slashdots. Going by current trends, I would be surprised if it is not already happening.

      Spying by your own goverment is the much greater threat.

    7. Re:It's not mutually exclusive. by contrapunctus · · Score: 3, Insightful

      One of the reasons I like slashdot is that I learn stuff that has nothing to do with the topic.
      I did not know about startpage.com, thank you!

    8. Re:It's not mutually exclusive. by ebno-10db · · Score: 4, Funny

      That's an extremely paranoid, borderline tin foil hat, conspiracy theory. Given recent information that has helped people determine the veracity of such wild eyed ideas, there's a very good chance you're right.

    9. Re:It's not mutually exclusive. by WindBourne · · Score: 3, Insightful

      EVERY honest nation would protest, and every nation that went along with it would simply be lying.

      --
      I prefer the "u" in honour as it seems to be missing these days.
    10. Re:It's not mutually exclusive. by bickerdyke · · Score: 3, Insightful

      Just because the NSA spies doesn't prove Huawei doesn't..

      Well, yes.

      buuut one of them has been caught doing so....

      --
      bickerdyke
    11. Re:It's not mutually exclusive. by ebno-10db · · Score: 2

      you might consider the idea of moving to China

      The GP isn't saying that the Chinese government is better than the US government. As an American, no matter how critical I am of the US government, I think such ideas are absurd. All the GP is saying is that China doesn't really care about Joe Average American. Why should they? Some powerful or influential people, those with access to important classified or proprietary information, sure, but not Joe Average.

    12. Re:It's not mutually exclusive. by cbhacking · · Score: 2

      Nobody in their right mind uses Huawei kit, because it will cheerfully send packets to anybody who asks. DEFCON 20 had an eye-opening presentation on exactly how shitty their code was, at least on their networking equipment. The upshot? There's no need for a government backdoor when the code quality is so abysmal. A pair of hackers were able to find laughably easy (think 80s- or early 90s-grade vulnerabilities, things like strcpy into small buffers and such) remote exploits and the devices have no exploit mitigations or privilege separation, so anybody who wanted to could root them with ease. Huawei didn't even have a system in place for taking reports of security issues; they just didn't care.

      The government stuff is irrelevant. If you use Huawei, the Chinese can spy on you, the NSA can spy on you, the Papua New Guineans can spy on you, I can spy on you, and I'm pretty sure my cat is smart enough it could spy on you. Their security is that abysmal.

      --
      There's no place I could be, since I've found Serenity...
    13. Re:It's not mutually exclusive. by Znork · · Score: 2

      Um, yes, NSA is engaged in industrial espionage as well. At least Petrobras has been suggested as a target as well as the known ECHELON incidents. Most likely they're just better at hiding it as they tap directly in to the infrastructure rather than engaging in directed intrusions as often.

      And frankly, even as a US corporation I'd say there's cause to worry unless you're the one cosying up with the NSA or your trade secrets might just end up with your competitors who happen to be pals with the right brass.

  2. Bizarro world by Opportunist · · Score: 5, Interesting

    Imagine you had told someone 25 years ago that China offers you a safe haven from being spied on by the US and possible repercussions because of it...

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:Bizarro world by ifiwereasculptor · · Score: 2

      If you lived on a latin american country, that statement would simply make sense at any point in time.

  3. Did Huawei Rebuff the NSA? by bill_mcgonigle · · Score: 5, Interesting

    There was a Snowden brief a short while ago that showed that one of the major switch vendors had given NSA a direct backdoor into their products. One of the people covering that story said something like, "I can't tell you that it's Cisco, but it's Cisco". The real problem with this situation is that we really don't know which of these things is true.

    Back when the USG banned the use of Huawei products, most people assumed that it meant that there was spying functionality in it that had been discovered. However, in light of Bull Run, it's definitely worth asking if what might have happened is that they refused to install spying technology and the USG report was meant as a way to discredit the company and prevent its market penetration.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
    1. Re:Did Huawei Rebuff the NSA? by Tom · · Score: 2

      Back when the USG banned the use of Huawei products, most people assumed that it meant that there was spying functionality in it that had been discovered.

      Uh, no? Over here in Europe, a lot of people assumed it meant the US vendors had had a nice chat with their government, complaining about the cheaper competition and promising campaign contributions.

      Not that we weren't afraid of chinese backdoors. I was in the telco industry back then and the discussions were fierce and not exactly short about whether or not to use their stuff. But the US banning them just as they were gaining market share like crazy? That was such an obvious protectionist move.

      --
      Assorted stuff I do sometimes: Lemuria.org
  4. Doubtful Tactic by Anonymous Coward · · Score: 4, Insightful

    I'm an I.T. manager for a non-western company that has non-western defense contracts, one of those sort of conglomerates that does every activity under the sun. I doubt their ploy will actually work, we don't trust the US or the Chinese. It's a matter of "pick your poison". Still, anyone foolish enough to buy Huawei (Their firmware universally sucks, from modems to enterprise/service-level network and backhaul equipment) might be foolish enough to believe they're safer. In reality though, you're more at risk from the security exploits from Huawei's lazy half-assed programmers. I fear their coders more than any possible shadowy relationships.

    1. Re:Doubtful Tactic by ebno-10db · · Score: 3, Interesting

      we don't trust the US or the Chinese

      Don't blame you. As an American, I also don't trust either.

      you're more at risk from the security exploits from Huawei's lazy half-assed programmers

      At least when you find a backdoor in Cisco products, you know it was meant to be a backdoor.

      As an American I'd like to believe the Huawei programmers are incompetent. OTOH it would be very clever to disguise a backdoor as a bug, or turn a bug into a backdoor. Hold it, Microsoft/NSA has already used the latter approach. Damn Chinese just copy our ideas.

    2. Re:Doubtful Tactic by EmperorArthur · · Score: 2

      DEFCON 20: Hacking Redacted Routers

      Huawei has so many bugs that I don't buy anything other than incompetence.
      I've linked to the conclusion of that video so you can see a nice list of how bad they are.

      --
      So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera
  5. drivers by gbjbaanb · · Score: 4, Insightful

    Dear Huawei chairman,

    open source all of your drivers and firmware, then we'll be forced to agree that your equipment is safe for use.

    1. Re:drivers by Flytrap · · Score: 4, Funny

      Dear gbjbaanb,

      We will gladly do so... as soon as you also ask the following competitors to do the same:
      - Juniper Networks
      - Cisco
      - 3Com
      - Teledata Networks
      - Netgear
      - Alcatel-Lucent
      - :

      After all, the back doors we have in our switches are the same back doors we inherited from their code when we stole it a few years ago.

    2. Re:drivers by Tom · · Score: 3, Insightful

      Nonsense, and dangerous nonsense at that.

      First, having the source code doesn't tell you the binary running on the device was actually built from the source code you have in your hands.

      Second, even if you validate the build chain, you don't know what the compiler, linker and other parts of the toolchain have inserted. This is really, really old knowledge, we're talking at least 30 years.

      Third, even if you are sure about the software, you still don't know if there's trickery in the hardware.

      You're certainly better off if you have the source code, but don't ever think that alone solves anything.

      --
      Assorted stuff I do sometimes: Lemuria.org
  6. Of course by mbone · · Score: 4, Insightful

    Can Huawei actually gain more customers by playing off the Snowden scandal?"

    Of course they can. In fact, I suspect they already have.

    One of the Cisco et al. selling points was "you can trust us with your data, can you trust Huawei ?" Now that is gone. Loosing a selling point like that, in a competitive market, means that sales will go to the companies it was directed against.

  7. Bias and negative wording by Reliable+Windmill · · Score: 2

    You shouldn't be asking "Can Huawei actually gain more customers by playing off the Snowden scandal?", but rather if American vendors can keep their customers in light of the NSA scandal.

    --
    Signature intentionally left blank.
  8. Re:Prepare for Slashdotters... by WindBourne · · Score: 2, Interesting

    wow. Just wow.
    You HAVE to live in either America or Europe. You obviously have no knowledge about Asia.
    Why do you think that vietnam is cuddlying up with USA these days? Why do you think that EVERY ASIAN NATION except China, North Korea, and sometimes Russia wants USA in on meetings for those areas?
    What do they know that an ignorant person like you does not know?

    Perhaps they know that China has invaded ALL of asia over and over. Perhaps they know that China threatens just about all of them NOW, and says that they want control of areas that was not theirs in a minimum of 100 years and in some cases, over a 1000.
    Perhaps they are watching China put DIVERSIONARY dams on the headwaters that go to south east asia, as well as lower asia (i.e. India).
    Perhaps it is the economic warfare that is being conducted while they manipulate their money against the other nations.

    --
    I prefer the "u" in honour as it seems to be missing these days.
  9. Re:I trust China more than the USA. by ebno-10db · · Score: 3, Interesting

    Banned from USA, on instant-arrest watchlist at every airport, etc. You used to be cool USA. I actually used to respect NSA. Not now. There is doing things "illegally" within reason, then there is just straight-up abusive levels of illegality that they are presently doing. Now that China are finally growing up, I actually respect them far more.

    Why? Because at least they never claimed to be the land of the free? However bad the US is, China is worse (or if not, they're working on the tech). It's just that I hold my own country to a higher standard.

    People think China is potentially some bastion of openness because it's better than when Mao ran the show. That's a pretty low bar. And heck, the Tiananmen square massacre was 24 years ago. They've changed so much - might as well be talking about the Qin dynasty, right?

    If only they got that whole censorship nonsense away.

    If only the Chinese government wasn't the Chinese government.

    China would benefit hugely by opening up more since they are a huge influence in many markets.

    The same is true of the US, and we've actually had experience doing that. It's just that things have been retrograde for the last decade or so.

  10. Re:maybe Huawei was banned because by Carewolf · · Score: 3, Funny

    Perhaps, but I still count on the saying: "A thief thinks every man steals".

    The US assumes there are backdoors in Chinese equipment because they themselves put backdoors in all American equipment.