Slashdot Mirror
FBI, CIA, and NSA: Don't Use Huawei Phones (cnbc.com)
The heads of six top U.S. intelligence agencies told the Senate Intelligence Committee on Tuesday they would not advise Americans to use products or services from Chinese smartphone maker Huawei. "The six -- including the heads of the CIA, FBI, NSA and the director of national intelligence -- first expressed their distrust of Apple-rival Huawei and fellow Chinese telecom company ZTE in reference to public servants and state agencies," reports CNBC. From the report: "We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks," FBI Director Chris Wray testified. "That provides the capacity to exert pressure or control over our telecommunications infrastructure," Wray said. "It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage."
In a response, Huawei said that it "poses no greater cybersecurity risk than any ICT vendor." A spokesman said in a statement: "Huawei is aware of a range of U.S. government activities seemingly aimed at inhibiting Huawei's business in the U.S. market. Huawei is trusted by governments and customers in 170 countries worldwide and poses no greater cybersecurity risk than any ICT vendor, sharing as we do common global supply chains and production capabilities."
In a response, Huawei said that it "poses no greater cybersecurity risk than any ICT vendor." A spokesman said in a statement: "Huawei is aware of a range of U.S. government activities seemingly aimed at inhibiting Huawei's business in the U.S. market. Huawei is trusted by governments and customers in 170 countries worldwide and poses no greater cybersecurity risk than any ICT vendor, sharing as we do common global supply chains and production capabilities."
What are the boundaries here?
Huawei competes with the likes of Samsung, LG, Motorola and all other Android phones. Apple really has no rival as they control the entire garden within their walls.
--- Keep the choice with the user..
Immigration shouldn't use Chinese phones as they go after Mexican illegals on the order of our Russian controlled president.
They are simply bypassing adding a barrier of entry which would be illegal by pretending they are a security risk. That could backfire a lot though, because so far only the US was caught with the hand in the malware cookie jar, and massively intercepting comms. That could turn around and bite the US in the ass, why trust anything including new computer plateform when it is spied upon NSA, subpoenaed even if server are not physically in the US, and most probably bugged to hell by the NSA ? Huawei was never caught red handed. The US and NSA was. By using this tactic , the US may remind OTHER countries who was the one governement which was caught doing what they pretend Huawei is doing....
We've begged this company to allow backdoors in their products and they have refused, so please don't use their products, m'kay!
'"We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks," FBI Director Chris Wray testified'.
I wonder if Mr Wray would care to state exactly what "our values" are. I suspect the reason why politicians (and make no mistake, the FBI Director is a politician first, last and foremost) never list "our values" is either because they have forgotten what they are supposed to be, or because they are afraid listeners would burst out laughing.
Democracy? The USA was never meant to be a democracy - quite the contrary - and it is now definitely a plutocracy.
Freedom? That depends, doesn't it - whose freedom to do what to whom?
Freedom of speech? "It is by the goodness of God that in our country we have those three unspeakably precious things: freedom of speech, freedom of conscience, and the prudence never to practice either of them". - Mark Twain, Pudd'nhead Wilson's New Calendar, Ch. XX
Freedom of assembly? Not anywhere near where any politicians are having a meeting, or anywhere the armed forces say you can't go.
A free market? Everything is rigged, starting with interest rates and including the stock and bond markets.
I could go on but I don't want to bore anyone.
I am sure that there are many other solipsists out there.
Honestly, the Chinese government has no power or authority over me, so if that government took my data I'd mind a whole lot less than if it was my own government.
I'm not really sure what the risk level is here for the average person while using a product from Huawei, it just doesn't seem any more significant than using Google, Facebook, Apple, or other tech company products that already surveil the hell out of you.
By their logic we shouldn't be buying Lenovo, Motorola, Apple (Foxconn), or any of over a hundred other Chinese OEM's devices. The excuse that Apple controls the OS isn't even a solid argument as the firmware is still in the hands of the OEM and susceptible to tampering. There's something else pushing this narrative. Be interesting to find out what it is.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
I guess it depends on who you're afraid of. Depending on my activities and discussion I might feel safer with the Chinese government having my information than the NSA.
I'm not clear on the motivation here. Is it "We don't trust the Chinese government, and it's plausible that they could be pulling shenanigans" or "We have proof of shenanigans, and we're sounding the alarm!"?
Apple phones are still manufactured by a Chinese company. For that matter, how are these one line of Huawei phones different from literally every other phone manufactured in China to be sold worldwide, including in the US?
What is special about this particular line of phones that they're not telling us?
Apple really has no rival as they control the entire garden within their walls.
you do know that radio waves pass through walls, yes?
Also, of course, if Americans are not to use Chinese devices in case the Chinese government spies on them - who (outside the USA) is going to want to use American devices?
We know for sure that the US government systematically spies on Americans, and if they spy on Americans they certainly wouldn't baulk at spying on foreigners.
So, goodbye all Apple sales to China, Russia, India, Europe, Africa, South America...
I am sure that there are many other solipsists out there.
Nobody bought Daewoo cause they had a stupid name. Same with Huawei.
Sony and Panasonic and Honda and Nokia have no problem because their names are passable in English.
Hyundai is an exception somehow.
From the nation that spies on NATO allies.
Even the liberal Obama administration was caught spying on Germany media and key government officials.
Face it, this cold war bullshit is in our red American blood.
I don't get this stance. Virtually *everything* used in North America comes from China. Even precious American darlings like Apple make all their stuff in China and ship it over.
If the US gov't is so worried about Chinese influence, maybe they shouldn't have allowed the overwhelming majority of it's manufacturing capacity to be moved overseas?
*sniff sniff*, smells like bullshit.
Isn't such agencies should come up with solid proof first, before accusing anyone? Or they became oligarch/multinationals mercenary - like law enforcement agencies in Putin Russia?
What if China cut, in retaliation, and in their traditions - much more harsh way, Apple? 1/4-1/3 of profit gone? (and other countries might enjoy following trend)
That the products from one country has more back doors than those from another country.
Yes the hand of the state is deeply involved with corporate enterprises in China.
But that does not preclude things such as NSL (National Security Letters) and indirect influence via government purchases and tax breaks, which also pressure companies in other countries to install back doors or just implement weak/crippled security.
Look at the security mess with Intel ME and AMD PSP. Not to mention Microsoft Windows 10, and what they did to backdoor Skype.
Personally, I would be willing to pay double for computing products with reasonable performance and capabilities, that could be independently validated to have decent security and privacy, free of deliberate back doors.
Is there a reason to single them out? Are their denials insufficiently vehement?
“He’s not deformed, he’s just drunk!”
Most people in their late 40s and 50s, which is how old you need to be to bubble up to the top in just about any large organization, came of age in the late 80s and early 90s when China was a backwater, Russia was a third-world country, and all the cutting-edge good stuff was being manufactured by companies like IBM in places like Lexington, Kentucky.
For much of the late 90s and 2000s, and even into today, that continued to be true for most (if not all) military electronics. A lot of laws and regulations that defense contractors and government labs follow are still written like that's the reality for all of tech. To an extent, that sustains a small advanced electronics echosystem here.
Problem is, that stopped being true for consumer electronics a long time ago, and more advanced and backend equipment is following in those footsteps, because guess what: twenty years of growth in making cheap shit over there pumps money and builds up expertise and a manufacturing echosystem over there. At the expense of the one here, I might add. The guys sounding the alarm in TFA are just realizing the scope of the problem because it's coming to get them where they live: government IT security by way of trusted suppliers.
It's not hypocrisy. It's just government stupidity by way of institutional inertia and obliviousness to the market environment.
FBI, CIA, NSA: Encryption bad! Spying good! Privacy bad!
They almost got it right. I'll fix it.
"We're deeply concerned about the risks of allowing any company or entity that is beholden to ANY government, as NONE OF THEM share our values, to gain positions of power inside our telecommunications networks," FBI Director Chris Wray should have testified. "That provides the capacity to exert pressure or control over our telecommunications infrastructure," Wray should have said. "It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage that is currently only OK for Uncle Sam and his secret courts"
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
Should non-US governments use US products?
Like, Microsoft Windows or Google Android?
They are well known to send telemetry and usage data to the maker.
Should every country use only its own electronics, devices, software and services?
Should open source come to the rescue?
Or will transparency initiatives like Microsoft GSP (government security / transparency program) help?
"We cannot spy on you as easily if you use Chinese Phones".
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
First: Start making these devices in the USA, then I might buy one. As a a member of the manufacturing sector, location of production matters to me. I don't care about where the engineers work, that doesn't help me at all. As far as I'm concerned "designed in Cupertino" or whatnot has precisely zero value to me. Heck, I'd rather see "designed in Zhensong, made in USA" on the packaging. I don't see these engineers clamoring to bring manufacturing back to the USA, so why should I care about the plight of those engineers? In fact, most of them thought it was just dandy when our (and my) manufacturing jobs got moved overseas (and not robotics now too) because they could save 15 cents. Well, I say outsource the engineering, so I can save 15 cents too, and hey, just like they said to me, "that's not my concern".
Second: If it's all physically produced in China, it's pretty much the same risk anyways. Do you honestly think Chinese companies couldn't try to slip in a back door during the manufacture? Please! Given my first statement, if I have to buy Chinese made goods, I'll buy the ones that cost less.
I don't particularly think ZTE or Huawei pose any greater risk that the United States government, American companies like Intel, Apple, and Google. The reality is all these companies and countries are doing things that aren't in our communal interests. If we are to expect privacy and security in our communications everybody needs to release a complete set of source code from the very firmware that runs in the CPU to the keyboard controllers to the software that runs on the top of the operating system. We know where these companies are hiding backdoors because we've been finding them for years. From Intel's password=empty string "bug" that let anybody in to the spyware that shipped on *EVERY SINGLE* Android phone. The same can be seen in router firmware. The backdoors and security vulnerabilities are being placed in proprietary components where there are fewer eyes upon which can examine them.
Mr Pot: "Hey, Mr Kettle. YOU'RE BLACK!"
Fuck me sideways, even Orwell would be shitting himself.
OK. You got me this time Slashdot. Since the Deep State doesn't want me to buy a Huawei phone, my next phone will be a Huawei.
I read "they have unbreakable encryption and the foreign company behind them isn't easy to coerce into letting us have our way".
Do you have ESP?
The iphone is certainly made in China, as are many other computers, tablets and phones.
Interestingly, Blackberry always refused to make phones in China - they were made in Canada, Mexico and other countries.
Of course, no one cares about security...
I'm going to be off-topic and pedantic here.
> Russia was a third-world country
The definition of second world was "the USSR and its allies".
First world is NATO (US and allies).
Third world is countries not aligned with either major power, often because they weren't significant enough to make a big difference anyway, so they weren't courted by either the US or USSR.
The summary talks about advising Americans against using Huawei phones, but then quotes telecommunications infrastructure. These are two very different applications with very different risk profiles.
For the average American an American made device likely poses a higher risk than that made under the influence of a foreign power.
For a nation's infrastructure the influence of a foreign actor posts a higher risk than in-sourcing as much as possible. And that would make America consistent with other countries. Australia has also banned Huawei from bidding on government contracts. They make some decent budget phones though.
"We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power ..."
It little behooves the best of us to comment on the rest of us.
They said the same about Huawei when they started selling switching gear against Cisco a decade or so ago.
I went from huwai to xaomi. So solid
> the firmware is still in the hands of the OEM and susceptible to tampering The physical phone is in your hands right now. Try to tamper with the firmware and see what happens.
Almost all the chips and the internet of things can be made into spyware. So essentially we need to ban all Chinese made chips and software and routers and devices ...
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
That sounds like a ringing endorsement to me.
I have lived in China for the last 5 years. This countryâ(TM)s society does not even have a pretense to respect human rightsï¼OEdemocracy, freedom of speech and does not believe in equality of human beings. They also have a population 5 times that of the US and are likely to easily become the first global no democratic superpower in a century. If people think that global domination by a government like that is not any more dangerous than the current situation they are being naive beyond belief.
Huawei phones are usually reasonably priced, and decent hardware. On top of that they generally all have easily unlocked bootloaders and decent development community support, so there are lots of custom rooms and software out there. If you really don't trust the software on the phone you have open source options.
Sounds like there may be good deals coming up on Huawei phones, maybe about time to buy a new phone.
Though, I have no idea why Huawei is targeted.
Because they have been caught installing spyware in the firmware.
http://www.news18.com/news/tech/xiaomi-lenovo-huawei-smartphones-found-pre-installed-with-spyware-1087415.html
Their response was "oh, that wasn't us, it was somebody else."
... don't give contractors and entry-level peeps the keys to the fucking gate re: Manning, Snowden, Winter, et al.
It little behooves the best of us to comment on the rest of us.
Honestly, at this point, I'd assume that this is because the NSA hasn't figured out how to get Huawei to break device encryption for them.
I mean, in this day and age, telling me that NSA, FBI, and CIA all agree that I shouldn't use something means that it's probably the best choice I could make.
I guess the government pressured Verizon and AT&T to drop plans for selling this phone. Our loss. Maybe Apple and Foxcon are responsible. I realize AT&T is hoping for the approval of the merger. Now I guess I should not renew my Kaspersky antivirus and throw away all cellphones except for my Samsung (which may be made in China too).
I'd rather have China steal my data than Apple, Google, Twitter and the worst of the lot - Facebook.
is that because they can't surveil them?
https://www.theverge.com/2017/...
A few years ago, Apple agreed to give the NSA a remote backdoor into all their products in exchange for some public lies about how secure they are. Since then, every US government agency has been actively pushing Apple products, because they know they can get into them with minimal effort, while most other brands need to be brute-forced.
The Chinese government has basically done the same with Xiaomi and Huawei. Oh, and Apple.
è il bue che dice cornuto all'asino ("that's the pot calling the kettle black").
What china is doing is fine, because they are putting barrier indescrimainately to all countries, usa included. Wto rules are so that you can have barrier high or lower if you do it for everybody similarly (or are in a common area like eu nafta etc...). So china is ok. The us otoh if it dies that to specific product to orotect theur own , targeting countries, woukd be in breach.
Use a Mac burger!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Absolutely. I'd be extremely wary of any "thing" "sharing" FBI's, CIA's and NSA's "values"!
and use android or apple. because those send your data to those agencies, unlike huwaei
I'd rather my phone was backdoored by our enemies than by my own government. I'm a lot less likely to suffer persecution for anything our geopolitical adversaries discover.
China can never use parallel construction to convict people in Western jurisdictions. And I don't own any Imaginary Property they can steal.
... no one should use products or services from Microsoft, Apple, Intel, Google, Facebook, ...
This recommendation smacks of good old protectionism, and if the US want to play it that way I'm sure other countries will follow suit.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
The question to ask when buying a new phone is, "Do I want a foreign government spying on me or do I want my own government spying on me?"
Even with a horrid regime in China, I still consider my own government to be the worse of them all.
What the hell is China or Russia going to do to me???? Send me more cheap products and hot hookers?
Other agencies that don't hold our values? Who's we, white man? You mean the values of the US Government spying on US citizens without a warrant? Of beating up US reporters? Of spraying pepper spray into the faces of US citizens who protest the Rich White Takeover of the country? Of providing $2billion each day to the Pentagon for the purposes of dropping bombs on and gunning down countless brown skinned people in other countries? Of allowing our infrastructure to fall apart because it is only used by poorer people? Of allowing our school systems to collapse and fail because stupid people pose no threat to the higher educated Rich White People? Of the intentional continued slavery and wholesale murder of black citizens? Of the gentrification and enslavement of Hispanic citizens? Of the subjugation and brutalization of women? You mean those values?
The irony here. The FBI would love to have a backdoor to encryption on Apple devices - and keeps pressuring them to do it.
But watch out for those Chinese guys. We can't trust them.
and give all your data to American companies instead. This has nothing to do with the phones being supposedly insecure, it's all about fighting for market segment. If it comes out of the mouth of American agencies, treat it as a lie.
It's simply a way of avoid competition.
I remember the 2013 ban on T-Platform computers (a Russia-based company). Similar story.
Why draw the line at the 90's and not the 80's? The rise of the microchip and home computers occurred in the 80's. The computerization of industries also started in the 70's and 80's.
Conservatives: Reagan '81-'89, H. W. Bush 89'-'93, W. Bush '01-'09. Trump '17-present
Liberals: Clinton '91-'01, Obama '09-'17
That's 21 years for Conservatives, and 16 for liberals.
Reagan lead us into unemployment, deficit spending, income inequality and grew the size of the federal government.
Duh, if you use a Chinese phone, then it is so much harder for the CIA, NSA, and FBI to spy on you.
Lev Andropov: "Components? American components, Russian components, ALL MADE IN TAIWAN!"
Uh, they do know that all phones, not just Huawei are made in China right? If they are determined to install malicious stuff they have the physical contact to enable them to do so presumably to any brand of phone. Unless of course someone from Apple or others do deep inspection audits of the phones when they arrive in America... (no they are not)
The baseband firmware in everything since android took over and in many of the pre-android phones is either SoC manufacturer signed, or OEM signed.
Meaning the cellular modem itself, unless isolated from the smartphone CPU *AND* power controlled either *BY* the smartphone CPU (which means a lot of chip real-estate powered up and thus battery drain in addition to seperate chip costs to implement) or a physical switch, is already completely pwn3d, whether you are worried about the NSA, the FSB, the Chinese, Mossad, or some other real or percieved bogeyman.
There has yet to be a commercially successful (ideally well documented if not open hardware) cell phone design in the past decade that allows full cellular modem kill, ensures isolation of cellular modem to deter compromise of the core user-facing operating system, its storage, its secure keyring implementation, or ensure its ability to function as a computer in spite of a remote kill signal being sent to the modem.
Our hardware has become dangerously compromised, but the quantity of people considering it a problem apparently would fit in Rhode Island, or a similiarly small region, because the financial/intellectual momentum hasn't been there to develop even a short run certified device that meets all these qualifications. The closest devices that have gotten to market all used PowerVR SGX GPUs and other seriously compromised/closed components, which defeated the original intent of the devices to begin with... and even those devices happened 5-10 years ago.
Nobody knows better than the FBI, NSA, and CIA how easy it is for a government to cooperate with phone companies in their country to be complicit in spying on citizens.
And nobody knows better than the FBI, CIA, and NSA how much power and control it brings to the government.
Of exporting "unsecured" routers which was already documented on Slashdot. It's no surprise they would not be trusted and should not be.
It's nice to see the FBI doing what they should be doing instead of doing nothing about deranged teens threatening schools or chasing down peepee gate.
Huawei did corporate espionage on a major Canadian telecoms company named Nortel, when the Canadian government bought the old Nortel building (After Huawei ripped off all their RND and got it to market first) for the new DND headquarters they had to essentially gut the building and rebuild from the framework up.... Huawei left so many bugs behind in the building it delayed the project to convert it into essentially our Canadian version of the Pentagon.
Source: I helped rip out cubicles in the Nortel building a couple winters ago, a lot of people got laid off and left their overhead cabinets locked and filled with 100-200lb of books and papers. The teardown was massive and took months, it was a ghost office (8000-10,000 workstations across multiple floors and buildings) some cubicles still had their CRT displays and 90s computers.
I will never trust a Huawei phone, ever.