Slashdot Mirror
FBI, CIA, and NSA: Don't Use Huawei Phones (cnbc.com)
The heads of six top U.S. intelligence agencies told the Senate Intelligence Committee on Tuesday they would not advise Americans to use products or services from Chinese smartphone maker Huawei. "The six -- including the heads of the CIA, FBI, NSA and the director of national intelligence -- first expressed their distrust of Apple-rival Huawei and fellow Chinese telecom company ZTE in reference to public servants and state agencies," reports CNBC. From the report: "We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks," FBI Director Chris Wray testified. "That provides the capacity to exert pressure or control over our telecommunications infrastructure," Wray said. "It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage."
In a response, Huawei said that it "poses no greater cybersecurity risk than any ICT vendor." A spokesman said in a statement: "Huawei is aware of a range of U.S. government activities seemingly aimed at inhibiting Huawei's business in the U.S. market. Huawei is trusted by governments and customers in 170 countries worldwide and poses no greater cybersecurity risk than any ICT vendor, sharing as we do common global supply chains and production capabilities."
In a response, Huawei said that it "poses no greater cybersecurity risk than any ICT vendor." A spokesman said in a statement: "Huawei is aware of a range of U.S. government activities seemingly aimed at inhibiting Huawei's business in the U.S. market. Huawei is trusted by governments and customers in 170 countries worldwide and poses no greater cybersecurity risk than any ICT vendor, sharing as we do common global supply chains and production capabilities."
Huawei competes with the likes of Samsung, LG, Motorola and all other Android phones. Apple really has no rival as they control the entire garden within their walls.
--- Keep the choice with the user..
Immigration shouldn't use Chinese phones as they go after Mexican illegals on the order of our Russian controlled president.
They are simply bypassing adding a barrier of entry which would be illegal by pretending they are a security risk. That could backfire a lot though, because so far only the US was caught with the hand in the malware cookie jar, and massively intercepting comms. That could turn around and bite the US in the ass, why trust anything including new computer plateform when it is spied upon NSA, subpoenaed even if server are not physically in the US, and most probably bugged to hell by the NSA ? Huawei was never caught red handed. The US and NSA was. By using this tactic , the US may remind OTHER countries who was the one governement which was caught doing what they pretend Huawei is doing....
We've begged this company to allow backdoors in their products and they have refused, so please don't use their products, m'kay!
'"We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power inside our telecommunications networks," FBI Director Chris Wray testified'.
I wonder if Mr Wray would care to state exactly what "our values" are. I suspect the reason why politicians (and make no mistake, the FBI Director is a politician first, last and foremost) never list "our values" is either because they have forgotten what they are supposed to be, or because they are afraid listeners would burst out laughing.
Democracy? The USA was never meant to be a democracy - quite the contrary - and it is now definitely a plutocracy.
Freedom? That depends, doesn't it - whose freedom to do what to whom?
Freedom of speech? "It is by the goodness of God that in our country we have those three unspeakably precious things: freedom of speech, freedom of conscience, and the prudence never to practice either of them". - Mark Twain, Pudd'nhead Wilson's New Calendar, Ch. XX
Freedom of assembly? Not anywhere near where any politicians are having a meeting, or anywhere the armed forces say you can't go.
A free market? Everything is rigged, starting with interest rates and including the stock and bond markets.
I could go on but I don't want to bore anyone.
I am sure that there are many other solipsists out there.
Honestly, the Chinese government has no power or authority over me, so if that government took my data I'd mind a whole lot less than if it was my own government.
I'm not really sure what the risk level is here for the average person while using a product from Huawei, it just doesn't seem any more significant than using Google, Facebook, Apple, or other tech company products that already surveil the hell out of you.
By their logic we shouldn't be buying Lenovo, Motorola, Apple (Foxconn), or any of over a hundred other Chinese OEM's devices. The excuse that Apple controls the OS isn't even a solid argument as the firmware is still in the hands of the OEM and susceptible to tampering. There's something else pushing this narrative. Be interesting to find out what it is.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
Apple phones are still manufactured by a Chinese company. For that matter, how are these one line of Huawei phones different from literally every other phone manufactured in China to be sold worldwide, including in the US?
What is special about this particular line of phones that they're not telling us?
Also, of course, if Americans are not to use Chinese devices in case the Chinese government spies on them - who (outside the USA) is going to want to use American devices?
We know for sure that the US government systematically spies on Americans, and if they spy on Americans they certainly wouldn't baulk at spying on foreigners.
So, goodbye all Apple sales to China, Russia, India, Europe, Africa, South America...
I am sure that there are many other solipsists out there.
I don't get this stance. Virtually *everything* used in North America comes from China. Even precious American darlings like Apple make all their stuff in China and ship it over.
If the US gov't is so worried about Chinese influence, maybe they shouldn't have allowed the overwhelming majority of it's manufacturing capacity to be moved overseas?
*sniff sniff*, smells like bullshit.
Isn't such agencies should come up with solid proof first, before accusing anyone? Or they became oligarch/multinationals mercenary - like law enforcement agencies in Putin Russia?
What if China cut, in retaliation, and in their traditions - much more harsh way, Apple? 1/4-1/3 of profit gone? (and other countries might enjoy following trend)
That the products from one country has more back doors than those from another country.
Yes the hand of the state is deeply involved with corporate enterprises in China.
But that does not preclude things such as NSL (National Security Letters) and indirect influence via government purchases and tax breaks, which also pressure companies in other countries to install back doors or just implement weak/crippled security.
Look at the security mess with Intel ME and AMD PSP. Not to mention Microsoft Windows 10, and what they did to backdoor Skype.
Personally, I would be willing to pay double for computing products with reasonable performance and capabilities, that could be independently validated to have decent security and privacy, free of deliberate back doors.
Is there a reason to single them out? Are their denials insufficiently vehement?
“He’s not deformed, he’s just drunk!”
Most people in their late 40s and 50s, which is how old you need to be to bubble up to the top in just about any large organization, came of age in the late 80s and early 90s when China was a backwater, Russia was a third-world country, and all the cutting-edge good stuff was being manufactured by companies like IBM in places like Lexington, Kentucky.
For much of the late 90s and 2000s, and even into today, that continued to be true for most (if not all) military electronics. A lot of laws and regulations that defense contractors and government labs follow are still written like that's the reality for all of tech. To an extent, that sustains a small advanced electronics echosystem here.
Problem is, that stopped being true for consumer electronics a long time ago, and more advanced and backend equipment is following in those footsteps, because guess what: twenty years of growth in making cheap shit over there pumps money and builds up expertise and a manufacturing echosystem over there. At the expense of the one here, I might add. The guys sounding the alarm in TFA are just realizing the scope of the problem because it's coming to get them where they live: government IT security by way of trusted suppliers.
It's not hypocrisy. It's just government stupidity by way of institutional inertia and obliviousness to the market environment.
FBI, CIA, NSA: Encryption bad! Spying good! Privacy bad!
They almost got it right. I'll fix it.
"We're deeply concerned about the risks of allowing any company or entity that is beholden to ANY government, as NONE OF THEM share our values, to gain positions of power inside our telecommunications networks," FBI Director Chris Wray should have testified. "That provides the capacity to exert pressure or control over our telecommunications infrastructure," Wray should have said. "It provides the capacity to maliciously modify or steal information. And it provides the capacity to conduct undetected espionage that is currently only OK for Uncle Sam and his secret courts"
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
You do know Foxconn is Taiwanese. They aren't exactly keen on being subservient to the Chinese government.
First: Start making these devices in the USA, then I might buy one. As a a member of the manufacturing sector, location of production matters to me. I don't care about where the engineers work, that doesn't help me at all. As far as I'm concerned "designed in Cupertino" or whatnot has precisely zero value to me. Heck, I'd rather see "designed in Zhensong, made in USA" on the packaging. I don't see these engineers clamoring to bring manufacturing back to the USA, so why should I care about the plight of those engineers? In fact, most of them thought it was just dandy when our (and my) manufacturing jobs got moved overseas (and not robotics now too) because they could save 15 cents. Well, I say outsource the engineering, so I can save 15 cents too, and hey, just like they said to me, "that's not my concern".
Second: If it's all physically produced in China, it's pretty much the same risk anyways. Do you honestly think Chinese companies couldn't try to slip in a back door during the manufacture? Please! Given my first statement, if I have to buy Chinese made goods, I'll buy the ones that cost less.
I read "they have unbreakable encryption and the foreign company behind them isn't easy to coerce into letting us have our way".
Do you have ESP?
I'm going to be off-topic and pedantic here.
> Russia was a third-world country
The definition of second world was "the USSR and its allies".
First world is NATO (US and allies).
Third world is countries not aligned with either major power, often because they weren't significant enough to make a big difference anyway, so they weren't courted by either the US or USSR.
The summary talks about advising Americans against using Huawei phones, but then quotes telecommunications infrastructure. These are two very different applications with very different risk profiles.
For the average American an American made device likely poses a higher risk than that made under the influence of a foreign power.
For a nation's infrastructure the influence of a foreign actor posts a higher risk than in-sourcing as much as possible. And that would make America consistent with other countries. Australia has also banned Huawei from bidding on government contracts. They make some decent budget phones though.
"We're deeply concerned about the risks of allowing any company or entity that is beholden to foreign governments that don't share our values to gain positions of power ..."
It little behooves the best of us to comment on the rest of us.
That's because most Cisco equipment had plentiful backdoors, unenforced password barriers/complexities, and holes like a screen door.... that is, those that didn't have a quick trip to the NSA on their way to offshore clientele. Look up the CVEs. They're frightening. Do you think these were stupid programmers?
As shown above, the USA is great at playing this game, to the denials of other phone vendors whose phones are said to be totally secure, but are in fact sieves.
---- Teach Peace. It's Cheaper Than War.
> the firmware is still in the hands of the OEM and susceptible to tampering The physical phone is in your hands right now. Try to tamper with the firmware and see what happens.
Almost all the chips and the internet of things can be made into spyware. So essentially we need to ban all Chinese made chips and software and routers and devices ...
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
US officially operates under a One China policy, where Beijing is recognized, but Taiwan isn't. And China considers Taiwan to be an autonomous region, like Hong Kong and Macau. And Foxconn is operating in China, so are subject to the laws and practices of China. One should assume that Foxconn is a Chinese company.
Though, I have no idea why Huawei is targeted. They have no official ties to the China government, and, unlike Cisco, have never put in a backdoor for government control. I'd be much more worried about American companies. The government has requested backdoors publicly, and privately, and there have been some confirmed and found. It does not matter that they are intended for US operatives only, once they are in, they can be compromised by others.
I guess it's just plain racism. China bad. America good.
Learn to love Alaska
You do know Foxconn is Taiwanese. They aren't exactly keen on being subservient to the Chinese government.
Taiwan is China. They think they are the One True China. The other Chinese think THEY are the One True China. One is PRC, the other is ROC. In both cases, "C" stands for "China".
Though, I have no idea why Huawei is targeted. They have no official ties to the China government, and, unlike Cisco, have never put in a backdoor for government control.
Ding ding ding. The NSA wants a back door that they control in every phone.
You do know Foxconn is Taiwanese. They aren't exactly keen on being subservient to the Chinese government.
Foxconn may be Taiwan-based, but Apple iPhones are assembles at their factories in mainland China.
I imagine that Foxconn is at the mercy of the PRC government for permission to do anything: e.g. build factories, employ people, etc.
Nokia is a Finnish company. But do keep going about how Oriental companies are worse than Chevrolet, Exxon and Altira for having "stupid names".
"Wait. Something's happening. It's opening up! My God, it's full of apricots!"
Not Cold War , but fear.
Americans love to live in fear, Reds under the beds, Injuns, terrorists, blacks, Mexicans , Muslims, its does not matter much which, so long as you can be scared because scared people are more willing to let someone else do the thinking for them, even when they have to give up rights of freedom, free speech, travel, etc etc its all able to be taken away "to make America safe".
Though, I have no idea why Huawei is targeted.
Because they have been caught installing spyware in the firmware.
http://www.news18.com/news/tech/xiaomi-lenovo-huawei-smartphones-found-pre-installed-with-spyware-1087415.html
Their response was "oh, that wasn't us, it was somebody else."
I guess it depends on who you're afraid of. Depending on my activities and discussion I might feel safer with the Chinese government having my information than the NSA.
This isn't an either or situation... It's one or both... Still, it's your call...
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Cisco doesn't intentionally put in back doors. It has been documented that the NSA intercepts networking device shipments from all manufactures destined to foreign countries. They implant surveillance code, repackage the equipment with their factory seal and send it on its way.
... don't give contractors and entry-level peeps the keys to the fucking gate re: Manning, Snowden, Winter, et al.
It little behooves the best of us to comment on the rest of us.
Honestly, at this point, I'd assume that this is because the NSA hasn't figured out how to get Huawei to break device encryption for them.
I mean, in this day and age, telling me that NSA, FBI, and CIA all agree that I shouldn't use something means that it's probably the best choice I could make.
China bad. America good.
I ordered a BLU phone last time. Dunno if it is ultimately made by the same guys or not, but I believe an earlier version had questionable software.
The bottom line is, the phone is only for personal email and phone calls, none of which I need to keep secure from China. They can hack all they want, but the most they would find work related is a request to enter sick time.
Now I see no reason to assume an American product is safe, whether the cause be carelessness or deliberate back doors. Instead in this case, if the NSA engineered the back door, well your phone contents might be part of some vast database. (I'd be unsurprised if it wasn't anyway, possibly through google servers.)
Perhaps I'm too cynical, but I'm not really seeing a security advantage that matters with the American cell phone makers. (Reliability is another matter altogether.)
Now, if I was running a tech business or supplying business phones, then I have to worry about Chinese hacking, and Huawei (or BLU) may be a very bad idea then.
Personally, if I wanted security, I'd want to be able to re-flash the hardware with something with a known pedigree. (I.E. stock android would be a start.) That isn't a complete guarantee, but it is closer. I think a problem there is your not going to get approval to just change the software on something with a software defined radio. Networks may not want to let you use their spectrum either. Of course just software doesn't prevent hardware level tricks, but it does make tricks that rely on a combination harder.
I guess the government pressured Verizon and AT&T to drop plans for selling this phone. Our loss. Maybe Apple and Foxcon are responsible. I realize AT&T is hoping for the approval of the merger. Now I guess I should not renew my Kaspersky antivirus and throw away all cellphones except for my Samsung (which may be made in China too).
I don't think "liberal" administrations are any less given to spying or centralization of power than are "conservative" administrations. They just spend a bit more on the below median income citizen. You can say this is good or bad, and there are reasonable arguments either way, but neither is "small government" or "get the government off the backs of the people" or any of the similar slogans that have been used in past campaigns. They only tend to lie about how they'll do that when they get power again when they're out of power.
So there's no reason to be surprised that Obama's administration was caught spying...except, of course, that they shouldn't have been caught.
I think we've pushed this "anyone can grow up to be president" thing too far.
Fear as a tool for psychological manipulation is not limited to Americans. It is useful on all humans regardless of culture or nationality as history has shown.
There is, on the other hand, plenty of reasons why peace and prosperity should not be taken for granted. There are also plenty of reasons for not succumbing to the gaslighting by proponents of cultural egalitarianism and 'free trade', with the intended result being the further enrichment of the already wealthy. There are reasons to fear when people remain ignorant and apathetic to the actions of those supposedly representing them.
is that because they can't surveil them?
Though, I have no idea why Huawei is targeted. They have no official ties to the China government, and, unlike Cisco, have never put in a backdoor for government control.
Ding ding ding. The NSA wants a back door that they control in every phone.
Precisely. The NSA already has endless backdoors for US vendors like Apple and Google (Android), what they're saying here is "please hold off buying Huawei gear until our TAO division has a catalogue of backdoors for them as well".
It's pretty rich that a set of government entities notorious for illegally backdooring (NSA) and intercepting (FBI via Stingrays) phones is warning people about another country's phone security.
Did you just wake up from a coma?
https://www.infoworld.com/article/2608141/internet-privacy/snowden--the-nsa-planted-backdoors-in-cisco-products.html
https://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/
https://www.wired.com/2013/09/nsa-router-hacking/
Use a Mac burger!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
Well, "official ties". A few years ago Huawei received a long-term 20 billion USD loan from a government-owned Chinese bank. Shortly thereafter they started undercutting producers of enterprise networking equipment (border gateways, etc...) like Cisco and Alcatel by offering their stuff for free with only a modest support contract. The equivalent box Cisco cost around 1.5 million euros per year. I was working for a small ISP in western Europe and of course the management went for the Huawei offer. I think it's quite reasonable to suspect that Huawei are working on behalf of some of the Chinese intelligence agencies.
... no one should use products or services from Microsoft, Apple, Intel, Google, Facebook, ...
This recommendation smacks of good old protectionism, and if the US want to play it that way I'm sure other countries will follow suit.
"By the way if anyone here is in advertising or marketing... kill yourself." -- Bill Hicks
The irony here. The FBI would love to have a backdoor to encryption on Apple devices - and keeps pressuring them to do it.
But watch out for those Chinese guys. We can't trust them.
So Huawei was cheaper. So they must be evil. Your logic leap seems devoid of logic.
Learn to love Alaska
Lev Andropov: "Components? American components, Russian components, ALL MADE IN TAIWAN!"
Uh, they do know that all phones, not just Huawei are made in China right? If they are determined to install malicious stuff they have the physical contact to enable them to do so presumably to any brand of phone. Unless of course someone from Apple or others do deep inspection audits of the phones when they arrive in America... (no they are not)