Slashdot Mirror

← Back to Stories (view on slashdot.org)

S. Korea Diverts Network From Huawei Networks

Posted by timothy on from the but-the-marines-are-always-saying-huawei dept.

An anonymous reader writes with this excerpt from The Verge: "The South Korean government has decided to route sensitive data away from networks operated by Huawei, amid longstanding fears from the U.S. that the Chinese company's infrastructure could be used to spy on communications. As the Wall Street Journal reports, the U.S. had been urging its South Korean allies to route government communications away from Huawei networks, claiming that the infrastructure could be used to spy on communications with American military bases there. As a result, Huawei equipment will not be used at any American military base in South Korea. The Obama administration denies playing a role in the decision, and South Korean officials have not commented. The Journal reports that the White House made a point of keeping the talks private because it didn't want to be seen as meddling in its ally's business affairs."

20 of 76 comments (clear)

  1. Who cares by boorack · · Score: 3, Informative

    Thank tho Snowden we now know that Cisco is even worse in that regard. So the only thing one can choose is who will be sucking one's data - US or China. There best way to keep networks safe is to roll one's own equipment (eg. PC-based with OpenBSD or something, sourced from local vendor) but it has its own limitations.

    1. Re:Who cares by jones_supa · · Score: 2

      It might still be the best way (of various choices which are all bad in some way).

    2. Re:Who cares by Zontar+The+Mindless · · Score: 3, Funny

      While communicating with the US, choose Cisco. While communicating with China, choose Huawei.

      Do it the other way round. That'll keep everybody extremely honest.

      --
      Il n'y a pas de Planet B.
    3. Re:Who cares by wonkey_monkey · · Score: 4, Interesting

      Thank tho Snowden we now know that Cisco is even worse in that regard.

      Do we? Really?

      --
      systemd is Roko's Basilisk.
    4. Re:Who cares by gmuslera · · Score: 2

      Worse than that. The one putting backdoors in Huawei networking gear is the NSA itself.

  2. This is silly by phantomfive · · Score: 2

    If you want to keep your data secure over a network, encrypt it (and trust the other side). That's the only way.

    This is silly stuff for the US to be worrying about. We should be generous with our friends in things that matter little, so when it comes to things that do matter, they will have confidence that we are negotiating in good faith. Why would you want to use protectionism to defend Verizon and Qualcomm? Really?

    --
    "First they came for the slanderers and i said nothing."
    1. Re:This is silly by Mashiki · · Score: 2

      Well normally I'd agree, except I've lived in the region for a bit. Some other /.er's could probably explain better if they're more recent live-ins', but usually when the governments in the region do something like this it has more to do with industrial espionage and fear of direct, or indirect attacks against national interests. Or that there's interest in "gaining" people by kidnapping. China, who uses N.Korea as a proxy to attack it's neighbors will happily disavow everything. And there's a very long history of people who've disappeared in S.Korea and Japan showing up in both countries as either sex slaves, concubines to the leadership, or forced into research positions/universities.

      --
      Om, nomnomnom...
    2. Re:This is silly by evilviper · · Score: 2

      One-time pads are extremely cumbersome, and the "distribution system" of which you speak is inherently highly vulnerable to things like interception, whether of the high or low-tech sort.

      How would you propose to integrate OTPs with IPSec VPNs for instance? It's a very hard problem that you're treating like a minor detail...

      --
      Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
    3. Re:This is silly by phantomfive · · Score: 2

      There are publicly known vulnerabilities in any crypto you care to name.

      SHA-2 and SHA-3 are still good.

      And acting like it's oh-so-very simple to manage gigabytes of OTPs every day, and feeding it into the low-level protocols never designed for such a thing, won't make it true.

      OTP would be easy to integrate into any low level encryption. That's not the problem; the problem is making sure the pad is secure. If it gets stolen, your encryption is over. Have you seen how many algorithms openSSL already integrates, for example? You probably don't know what you are talking about. Gigabytes are easy to transfer, do you know the size of hard drives these days?

      Also, you should go read a book about cryptography. It will make you knowledgable.

      And let's not forget that I mentioned FOUR different things that were utterly and undeniably wrong with your ridiculous stance on this issue. Yet you haven't argued with any of the other three show-stopping issues.

      Yeap. You're having too much trouble understanding the first point, getting through all four of them would take forever. :) Furthermore, you fail at a basic principle of good thinking: you should try to find flaws in ideas you agree with, not in ideas you disagree with. That's basic science; as soon as you have a hypothesis, attack it to test it. You are failing to do that, I can tell by the style of your arguments.

      IF you change and do that, it will make you smarter.

      --
      "First they came for the slanderers and i said nothing."
  3. Re:Use Cisco instead... by satuon · · Score: 2

    The US is an ally to South Korea, and since that equipment will be used to communicate to the American military bases anyway, I don't see why they need to worry if the NSA can spy on it.

  4. Translation: by xiando · · Score: 2

    The US government is using it's infrastructure and networks to spy on everyone so it naturally assumes that China is going this as well.

    --
    9/11: Never forget it was a false-flag operation
  5. Re:Use Cisco instead... by obarthelemy · · Score: 2

    because the US are not restricting themselves to military spying. Political, economic and LOVEINT spying of "allies" are par for the game, too.

    --
    The Cloud - because you don't care if your apps and data are up in the air.
  6. That is silly by dbIII · · Score: 2

    China, who uses N.Korea as a proxy to attack it's neighbors

    After Chinese involvement in an attempted coup a couple of decades back they haven't gotten on very well. Of course nobody else will even talk to N.K. , let alone trade with a serious markup on everything.

    The kidnapping etc has certainly been linked to N.K. on multiple occasions - but to China? I've never heard of that one so please provide an example.

    I'm not defending China, merely pointing out that N.K. should take the blame for their own actions instead of using a stupid "Chinese puppet" conspiracy theory. I know some Chinese from just over the border who may have relatives in N.K. but they have no way of finding out if they are alive or dead. Their attitude, and it doesn't seem to be uncommon, is the best solution is to wait until the wind is blowing the right way and nuke the place. That's just one example of the strong feelings and how it's a different country.

  7. Huawei sux... actually... by ImOuttaHere · · Score: 2

    For anyone closely following China and their state-sponsored intellectual property theft activities, this comes as no surprise. The only thing I would change in the opening paragraph is "...infrastructure could be used to spy on communications... to ...infrastructure is used to spy on communications...

    China's IP theft, how it happens, Hauwei's involvement, Chinese Liberation Army battalions devoted to network disruption and IP theft, US three letter agency involvement in trying to help US corporations protect themselves, is all open, public knowledge. Saying things like CISCO is worse is only avoiding the real and serious issues of western business competitiveness and military capabilities by posing a straw-man that, while the argument might feel good, is completely and utterly false. Do some research before claiming "we're no better than they are", please.

  8. Re:Use Cisco instead... by jonwil · · Score: 3, Interesting

    Maybe the REAL reason that the US and its allies hate Huawei is because unlike Cisco or Juniper or HP or Ericsson or whoever, they cant put backdoors in the Huawei gear.

  9. Re: Use Cisco instead... by chill · · Score: 4, Informative

    Uh, no. You just read the *headlines* on Snowden articles and not the details, didn't you?

    Backdooring Cisco or Juniper equipment required physical access or someone to upload a Trojan firmware.

    Huawei has a *remote upgrade* feature that allows remote firmware programming. They are very..."user" friendly.

    --
    Learning HOW to think is more important than learning WHAT to think.
  10. US trying to make allies chose to use US made gear by Sigurd_Fafnersbane · · Score: 2

    According to Snowden, NSA use vulnerabilities in both Huawei, Cisco and other manufacturers gear to spy on traffic but if the vulnerabilities in Cisco, Juniper and others are planted there by NSA they might suspect that other parties have bigger difficulties spying on Cisco gear. Most likely though it is more a question on wanting to favour American industry like when NSA did industrial espionage against Brazilian, German or other countries companies and share data with US companies.

  11. Cisco? by Anonymous Coward · · Score: 2, Informative

    Thank tho Snowden we now know that Cisco is even worse in that regard.

    [citation needed]

    In what way? I am not aware of any backdoors being reported from the Snowden documents. I've seen Chinese media say that Cisco helped the NSA, but not any reports from Greenwald et al:

    http://news.yahoo.com/chinese-media-snowden-says-cisco-090020241.html

    There are reports of exploits against Cisco equipment by the NSA, but they've also attacked Juniper, Huawei, and many other vendors. So again: [citation needed].

    So while I'm not a fan of Cisco gear for other reasons (primarily budget/value proposition), from a security POV there shouldn't be much of an issue AFAICT.

  12. Re: Use Cisco instead... by EmperorArthur · · Score: 4, Informative

    Huawei firmware is not known for its quality. It has so many nasty bugs and security holes, the remote firmware programming interface is just a safer way to do it.

    Cisco and Juniper are much better (at least their boxes crash or do idiotic things a lot less than Huawei boxes), but still not anywhere close to safe enough for the job, as one can easily check by hunting for C and J firmware exploits in several sites.

    I always point to this video when people ask what my big deal with Huawei is. The takeaway, they found early 1990s bugs and security everywhere, including all memory being world accessible and mapped read, write, execute. That means you just need an exploit, no privilege escalation necessary. Also, not only are these exploits easy to find, Huawei doesn't publish CVEs or changelogs for their new firmware. Combine that with most debugging features only being available in Chinese.... Yeah, I'll pass.

    http://www.youtube.com/watch?v...

    --
    So lets pretend that we've just completed writing this code, as opposed to having just completed sabotaging it -Altera
  13. Re: Funny, ha ha ha by HiThere · · Score: 2

    The extra layers are so that it's not immediately obvious which messages are encoded with the one-time pad version. That can be important information, and delaying it's recognition can be an important plus. (And only a few messages should really require a one-time pad. For most a lighter level of security should suffice.)

    --

    I think we've pushed this "anyone can grow up to be president" thing too far.