Slashdot Mirror
Europe Should Be Afraid of Huawei, EU Tech Official Says (reuters.com)
The European Union should be worried about Huawei and other Chinese technology companies because of the risk they pose to the bloc's industry and security, the EU's technology commissioner said on Friday. From a report: "Do we have to be worried about Huawei or other Chinese companies? Yes, I think we have to be worried about those companies," Andrus Ansip told a news conference in Brussels, days after a top executive at Chinese tech giant Huawei was arrested in Canada as part of an investigation into alleged bank fraud.
Huawei, which generated $93 billion in revenue last year and is seen as a national champion in China, faces intense scrutiny from many Western nations over its ties to the Chinese government, driven by concerns it could be used by Beijing for spying. Ansip said he was concerned because Chinese technology companies were required to cooperate with Chinese intelligence services, such as on "mandatory back doors" to allow access to encrypted data.
He also said those companies produce chips that could be used "to get our secrets." "As normal, ordinary people we have to be afraid," he said, adding he did not have enough information about the recent arrest in Canada.
Huawei, which generated $93 billion in revenue last year and is seen as a national champion in China, faces intense scrutiny from many Western nations over its ties to the Chinese government, driven by concerns it could be used by Beijing for spying. Ansip said he was concerned because Chinese technology companies were required to cooperate with Chinese intelligence services, such as on "mandatory back doors" to allow access to encrypted data.
He also said those companies produce chips that could be used "to get our secrets." "As normal, ordinary people we have to be afraid," he said, adding he did not have enough information about the recent arrest in Canada.
Perhaps their concerns lead them to do the opposite of what they ought to do. Kind of like a dine and dash seems like a good idea at the time until the cops are at your door.
this could easily be rewritten
"Huawei, which generated $93 billion in revenue last year and is seen as a national champion in China, faces intense scrutiny from many Western nations over its ties to the Chinese government, driven by concerns it could be used by Beijing for spying. Ansip said he was concerned because Chinese technology companies were required to cooperate with Chinese intelligence services, such as on "mandatory back doors" to allow access to encrypted data. "
to
"Apple, which generated $233 billion in revenue last year and is seen as a national champion in US, faces intense scrutiny from many nations over its orders from the US government, driven by concerns it could be used for spying. Ansip said he was concerned because US technology companies were being forced in FISA courts to cooperate with FBI investigations, such as on "mandatory back doors" to allow access to encrypted data."
Calvin:Do you believe in the devil? Hobbes:I'm not sure man needs the help.
im getting a little tired of these dog whistles because while it is concerning that China and/or Russia may be spying on us these same people have no problem with google or facebook spying on us!
Lets clean up our own house before we go throwing stones at others.
Oh noes not the yellow peril all over again. Reds under the bed, cue generic ranting...
Well actually I agree. And I spent a number of years actually examining the insides of Huawei kit for security evaluation. What Huawei are, are masters of shifting the blame, making "accidental" firmware features that shouldn't be on kit when its discovered, and calling racist on every single person who has the audacity to actually out flaws.
Plus they get all of their larger corporate customers tied into a non disclosure agreement on flaws, and fix security issues that the customer refuses to deploy with quietly with no mention in the release notes. So you will *never* hear of a really bad flaw unless its found by a independent researcher (which I was not) because their hands are tied. And independent's don't usually buy in enterprise class hardware for their personal labs.
I also used to deal with other major vendors, and yes, some of them were equally as bad at disclosing & avoiding actually fixing something they could "manage" their way out of doing, but none of them ever tried to get me fired as a racist for finding flaws. Some were great, you found something, they fixed it and you had the fix/release in a day/week, and they used to offer to attribute the finding (which I couldn't accept, because I also had a NDA and no publicity clause).
Of course, so say random guy on slashdot. But...
This story isn't really about "normal people", which typically refers to an average citizen. Those have nothing that Chinese intelligence would want. It's the same reason why we "normal people" are relatively safe against the likes of NSA too. We have nothing NSA wants.
It's the corporations that are engaged in competition with China, and state structures that need to be worried. They actually have things Chinese intelligence wants. But that doesn't sound as scary to the "normal people" unfortunately, because they often have trouble connecting "myself" to "my state" and "large corporations in my state that directly affect my livelihood".
But they aren't worried about hordes of "immigrant" dedicated to destroying their cultures and replacing it with a death cult?
Not sure whether to mod this "troll" or answer it as a serious question. Guess I'll take it seriously and reply anonymously.
If you actually paid attention to the news, and which parties are taking power in Europe, you would know that in fact Europe is very worried about immigrants, and what they will do to their culture. Your post is wrong from the very first words.
Why is "immigrant" in quotes, by the way?
In general, the immigrants that Europeans are worried about are refugees. They aren't "dedicated to destroying their cultures" nor are they in "a death cult". They are dedicated to trying to find a place to live where they don't get shot and bombed and don't starve to death.
The "death cult" shit is your paranoia being stoked by right-wing fear factories.
Yep, it's always "EVIL" when it's the other side spying. Now if they had total control themselves, they wouldn't cry "wolf" like this, but they'd shut up about it and tell the denizens to go back to their normal lives and live it as if nothing was afoot.
Truth is - we need open source processors and alternatives, so we have an alternative to big corporations that can be forced to make decisions based on the powers that be.
What this world is coming to - is for you and me to decide.
How about simply reality. YES, you should be very much worried about all foreign supplied technology in your countries infrastructure. It basically places you hostage to that other countries control of the companies that supply you that technology. It can be backed doored in all sorts of ways, to intercept data, to censor data, to shut down the transmission of data, YES, it is extremely risky to place the control of your countries infrastructure in the hands of other countries governments via their control of the companies supplying the technology.
Who would I trust the least, well, you know the easy answer would be the USA but in reality Saudi Arabia and Israel would be fucking worse, and a bunch of other corrupt countries but to be honest I would trust China ahead of the USA, quite a ways ahead. Other countries should really stop using code or electronics coming out of the US, it is way more back doored than most would believe, oh yeah, multiple back doors.
Chaos - everything, everywhere, everywhen
Precisely. It is american companies we should fear instead
That is a false dichotomy. You can fear China and also fear American companies. It's a "whataboutery" argument: saying we should fear American companies in no way cancels out the fact that we might want to avoid Chinese products with built-in back.
But second, these are two completely different fears. Basically, American companies want to know everything about you so they can sell you advertisements. That's fundamentally different from China, in which the government to control everything.
Really. The Chinese government is not the good guys here.
The app want to know my web history, bookmarks and installed apps.
I think I'll return it even though it's cheaper.
Also bought their semi-broken tablet, I have no idea how that spy or whatever it will be fixed (breaks apps + shit antenna) may return that too.
S3 32 GB 3999 SEK
Vs
Mediapad M5 64 GB 3333 SEK.
Scale AH100? 290 SEK Vs Nokia Body+ for 590ish or beuer bf700/750 for 400-500ish or possibly Amazon but I live in Scandinavia.
But so far Apple has resisted the mandatory decrypting and back doors.
https://appleinsider.com/articles/18/05/02/apple-other-tech-companies-continue-to-resist-encryption-backdoor-proposals-by-fbi-us-doj
https://www.theguardian.com/technology/2016/feb/19/apple-fbi-privacy-encryption-fight-san-bernardino-shooting-syed-farook-iphone
https://www.imore.com/why-apple-was-right-resist-government-demands-back-door-ios
https://www.washingtonpost.com/world/national-security/us-wants-apple-to-help-unlock-iphone-used-by-san-bernardino-shooter/2016/02/16/69b903ee-d4d9-11e5-9823-02b905009f99_story.htm
http://www.geoffreylandis.com
But my government will demand access to that data or grab it anyway so there really isn't.
So far, as far as my daily life is concerned, the chinese government minds their own business, whereas others try again and again to push their own draconian take on some laws on foreign countries, such as infinite length copyright.
That's whataboutery.
We know that Russia and China are spying.
Replying "but what about X? What about Y?" doesn't mean that Russia and China aren't spying, or that we shouldn't worry about it: it is only an attempt to change the subject.
https://rationalwiki.org/wiki/Whataboutism
If you look how Chinese companies are structured, by their law, a Chinese official has to be on the board, and has the ultimate decision authority. It is equivalent to having someone from the NSA, CIA, DHS, or DEA be the deciding person on a US company's board in every decision made. Yes people argue, but US companies can give the middle finger to the government. Not so in China where attempts to do so will have people and their families send off somewhere to be "re-educated".
Even a foreign company doing business on Chinese soil cannot do so unless a Chinese counterpart (and thus the PRC) owns 51% of the venture.
So, yes, China is a threat, as anything Huawei gets, the Chinese government gets, and that info can be easily sold. They may not hurt you or your family, but they can find someone who can.
Over the years we have learned that many US high tech products (processors, motherboards, USB devices,...) contain backdoors, and US developped cryptographic algorithms are deliberately weakened. Now the Echelon states warn EU that China does the same. Smokescreen to the EU ?
OK, so we get the occasional nutcase from North Africa intent on suicide for religious reasons, but they kill less people a year than a single home grown, god fearing, gun toting nutcase in America.
The European Telecommunications Standards Institute (ETSI) just came up with eTLS, a version of TLS1.3 that can be decrypted by middleboxes because it uses static keys instead of ephemeral keys from a DH key exchange. This eTLS version is to be used so that companies can decrypt TLS connections to inspect for viruses, information leaks, etc., but also so that data inspection requirements of law enforcement can be fulfilled. American companies are subject to American spy agencies and can be forced to implement backdoors that they cannot tell any of their customers about. The existence of National Security Letters leave not a shred more trust in these companies' products than the reign of the Chinese government over Huawei leaves in their products. Nobody's warning about using Erricson, Nokia, Alcatel, Juniper or Cisco in our networks. These are companies which are beholden to "the good guys", right? They are not more secure, but we can tell them to give us backdoor access. We cannot tell Huawei to open a network for us. I think that's the actual reason behind those warnings. Nobody is trustworthy. The difference is who will cooperate with us.
Well, only a problem between Europe, Asia and the USofA. At least Australia will be safe, right? Right?
Don't fight for your country, if your country does not fight for you.
both of whom have been caught multiple times inserting backdoors and spyware into their equipment? No? Seems he's being paid off.
And the fact still remains: it has never been proven that Huawei has inserted backdoors in their telecom equipment. Only accusations, but no proof whatsoever.
Let's be honest here, China doesnt give a flying fuck about *my* secrets, and frankly I'd rather the Chinese or Russians had a backdoor to my data than my own fucking government, Duh.
Funny how the government(s) here dont like backdoors in their *own* shit, but want to mandatory install them in *everyone else's* shit.
Yeah, little trouble ginning up sympathy here for anyone other than joe and jane consumer, who get fucked either way.
The U.S. government is not perfect but I think a great deal not as bad as the Chinese government, in so many ways. And China has been particularly aggressive in its spying, using technology and human assets in the United States and Europe. Chinese aggression against its weaker neighbors is legendary, pushing them around in the the South China sea and other places -- even Chinese fishermen boarding other nation's boats and attacking them with clubs.
Furthermore, the "disappearances" of people in all regions but particularly minority regions has been vast and relentless for decades. Chinese denials of shooting Tibetans crossing the border on foot toward Nepal, for example, was shut down after European mountain climbers video recorded it. China has led the world and the predominant supplier of human organs. The company that builds its "death mobiles" was bragging about growing production demand for them, about 5 years ago when production rates were 1000 per year. Those bodies exhibits, each holding around 200 bodies, in various cities around the U.S. simultaneously were interestingly stocked with Chinese youth, roughly in their 20's (almost exclusively). And of course, there are the camps with millions of minorities for re-education. How many Tibetan monks taken have every been seen again? At one time, over 8,000 were taken never to be seen again.
Our country (the United States) has all kinds of problems but I really think we need to not lose perspective.
US is wanting the Huawei executive for sanctions evasion.
Viable alternatives to Huawei on operator level are really either NSN or Ericsson. Both are EU based manufacturers so supply is not really the problem.
There are no atheists when recovering from tape backup.
The big concern is that if you are a tech business and use Huawei products in your infrastructure at some point a Chinese competitor of yours will end up with your trade secrets.
If you look how Chinese companies are structured, by their law, a Chinese official has to be on the board, and has the ultimate decision authority. It is equivalent to having someone from the NSA, CIA, DHS, or DEA be the deciding person on a US company's board in every decision made.
Wait until the new Congress gets rolling. This is exactly what’s about to happen.
Egads... The things totalitarian states can get away with.
https://gizmodo.com/5151377/ch...
Even a foreign company doing business on Chinese soil cannot do so unless a Chinese counterpart (and thus the PRC) owns 51% of the venture.
That is a flat-out lie. You are fake news.
http://www.china-briefing.com/news/setting-up-a-wholly-foreign-owned-enterprise-in-china/
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Basically, I assume that all smartphones of about all brands allegedly became eavesdropping devices. So here are some simple ideas:
If one wants to talk about something meaningful it would be a good idea to go outdoors, say running in a park or woods, without smartphones.
Carry a smartphone in a backpack, in a zipped pocket, in order to reduce sensitivity of the microphone (an electromagnetic radiation).
Use text messages instead of phone-calls, not to keep it in a jacket pocket all the time.
At home or at office keep the phone on a remote windowsill.
Why afraid of them? Their CFO just got arrested.
.. and refuses to give us our key/code to unlock it.
Fuck 'em.
A government is a body of people notably ungoverned - AC
...I worked in the mobile industry for years, for many cellular manufacturers, programming mobile devices, and testing them for on-boarding with the carriers. The one thing that seemed to be a standard across the board with most Chinese manufacturers, I won't name names due to non-disclosure agreements, is that location services was turned on in the EPROM whether it was off in the UI or not. So, Chinese devices failed location services tests almost every time, and the carrier would send the device back. The "bug" would be fixed, tested with QXDM or other diagnostic tools, and then submitted as fixed. Then when the next version of software was put out the "bug" would be back, and it would have to be fixed again. This was never the case with Japanese, Korean, or American manufacturers...only the Chinese manufacturers. For this reason I won't buy cellular devices manufactured in China. If I turn my location services off I want them off period! If they are doing that with LBS think what they are probably doing with the rest of the data on your device. Credit Card info, Banking info, personal data, etc. nothing is safe...or as safe as it can be in this world.
The USA is 64th in the world in frequency of mass shootings per capita.
I don't think it's really a problem, it's something that the US has said without ANY evidence. I'm more worried about hardware from an US company as there has been enough evidence to show they had inserted backdoors for the NSA and other US 'intelligent' agencies..
US technology companies were being forced in FISA courts to cooperate with FBI investigations, such as on "mandatory back doors" to allow access to encrypted data."
Is there an actual link to this happening, or is this just more apples-to oranges fearmongering?
Both.
The FBI wanted a backdoor, and Apple fought it.
https://gizmodo.com/why-you-sh...
Successfully, that time-- the FBI withdrew, and said they'd find a different way to crack the phone.
http://www.geoffreylandis.com
If you look how Chinese companies are structured, by their law, a Chinese official has to be on the board, and has the ultimate decision authority. It is equivalent to having someone from the NSA, CIA, DHS, or DEA be the deciding person on a US company's board in every decision made. Yes people argue, but US companies can give the middle finger to the government. Not so in China where attempts to do so will have people and their families send off somewhere to be "re-educated".
Even a foreign company doing business on Chinese soil cannot do so unless a Chinese counterpart (and thus the PRC) owns 51% of the venture.
So, yes, China is a threat, as anything Huawei gets, the Chinese government gets, and that info can be easily sold. They may not hurt you or your family, but they can find someone who can.
Sounds like FUD.
No way is any of this even logistically possible.
How is this any different when US companies receive secret FISA warrants?
In US it is the other way around. The US officials have to have corporate people in the council, and they have the ultimate decision authority.
gear from Western nations. That includes the chips/electronics.
I prefer the "u" in honour as it seems to be missing these days.
Australia just passed a law requiring companies to comply with law enforcement requests to introduce a way around end-to-end encryption.. they can attempt to force companies overseas like Apple and Facebook to provide tools to get around this encryption...
https://www.abc.net.au/news/science/2018-12-07/encryption-bill-australian-technology-industry-fuming-mad/10589962?section=politics
So whilst China might be a concern, you can add Australia to the list of countries who's tech sector is compromised by it's Government and whose software will by law have to have some form of backdoor built in.
We have an huge dependency on US products... and US has killswitch on many of them...
Countless iPhone/iPads that can be remotely locked by Apple
Army's planes like the F-35 which "phone home" continuously and can be remote-disabled
Microsoft that can remote disable any computer by saying that "the key has been used for pirate distribution"
HDMI peripherals that can be revokec by the HDCP
and so on...
Reliance on US device is very dangerous... should one day US decide to go against us...
Truth is - we need open source processors...
Actually, processors/MCUs themselves aren't much of an issue as far as backdoors goes. The issue isn't hardware, it's always software.
With desktops/servers the problem is that AMD/Intel have an underlying control system that cannot be disabled. AMD PSP is less of a threat but Intel ME is a HUGE threat.
With "smart" phones the problem is a lack of an open source baseband processor for cellular phones, aka a cellular modem. The software stack to get on a cell network with a minimum of 3G GSM is enormous because it has so many layers. The current way around this is isolating the baseband processor but that comes with negative consequences as power systems are tightly integrated in cell phones for a good reason.
Anons need not reply. Questions end with a question mark.
Actually, government & commercial are additive in both countries, not mutually exclusive.
China: companies officially beholden to CCP, AND they want to know everything about you to sell you more stuff (though both are largely indifferent to you unless you're either a threat to the CCP *or* a potential consumer in China)
US: companies can be compelled to secretly do the federal government's bidding (upon the relevant law enforcement agency or intelligence agency getting a court order), and they want to know everything about you (regardless of where you are) so they can sell you stuff.
To be honest, China worries me less. China's government wants to exercise total control over people in China, but doesn't give much of a shit about anyone else. The US's government wants to exercise jurisdiction over everyone on earth, and has the de-facto power to at least indirectly impose it upon a large plurality of earth's inhabitants.
"Wants to" + "sort of able to" is FAR more dangerous than "Indifferent to" + "generally incapable of (unless you're Chinese)"
But so far Apple has resisted the mandatory decrypting and back doors.
Or so they say.... how do you think they stay in business?
A comment on other comments. CN requiring govt officials on their boards.... er, Dropbox anyone? But many of us use that without a whimper.
And now pretend you're on slashdot and actually understand mathematics and concept of relative vs absolute numbers.
What is the percentage of people that have access to the kind of information China would want out of total of workforce?
Exactly. Normal people have nothing to fear here. NatSec people don't give a fuck about your porn tastes or how much credit card debt you have unless you're one of the specific few that actually has relevant access.
As for "but if we conduct bank theft en masse" sure, you can pop the nuclear option and make NatSec community involved in your bank fraud. There's a reason why it's not done. China has NatSec community just like any other major state in the world. First, they'd have you quietly shot for suggesting such a tremendous waste of resources and throwing such powerful cards for such little gain. Second, diplomatic core would join them in the same demand.
Do you know what happens to people in states like China when those two communities think that you're acting against their interests? Yes, that is the reason why your scenario is not going to happen.
Not going to bother with your dumb dirt throwing, but I'll just point out that there's literally a campaign going on right now in China, and has been ongoing for a few years of Chinese government executing people on mainstream TV.