Slashdot Mirror

← Back to Stories (view on slashdot.org)

Germany Refuses To Ban Huawei, Citing Lack of Real Evidence (phys.org)

Posted by BeauHD on from the show-me-the-evidence dept.

hackingbear writes: Germany's IT watchdog has expressed skepticism about calls for a boycott of Chinese telecoms giant Huawei, saying it has seen no evidence the firm could use its equipment to spy for Beijing, news weekly Spiegel reported. "For such serious decisions like a ban, you need proof," the head of Germany's Federal Office for Information Security (BSI), Arne Schoenbohm, told Spiegel, adding that his agency had no such evidence. The U.S. has been pressuring German authorities for months to drop Huawei, according to people familiar with the matter, but the Germans have asked for more specific evidence to demonstrate the security threat. German authorities and telecom executives have yet to turn up any evidence of security problems with Chinese equipment vendors, according to a person familiar with the matter.

Separately, at a (secret lobster-themed) meeting in Canada in July 2018, espionage chiefs from Australia, Canada, New Zealand, the U.K. and the U.S. -- all signatories to a treaty on signals intelligence, and often referred to as the "Five Eyes" -- agreed to do their best to contain the global growth of Chinese telecom (vendor) Huawei, the Australian Financial Review reported (paywalled). On the other hand, documents leaked by WikiLeaks and Snowden claimed that the NSA, the leader of the Five Eyes, tapped German Chancellery for decades and bugged routers made by Cisco, the leading American networking equipment vendor.

15 of 127 comments (clear)

  1. Canadian meeting by bigwill666 · · Score: 2

    Was the meeting in Canada a secret? Or was the lobster theme the secret? And also, what is a lobster themed meeting anyway?

  2. And why not? by beep54 · · Score: 4, Insightful

    While using any foreign tech does have an element of risk, asking for some proof does not seem out of line.

    1. Re: And why not? by saider · · Score: 5, Insightful

      The Five Eyes are concerned, not because the Chinese might spy, but because the Chinese equipment does not enable *them* to spy.

      --


      Remember, You are unique...just like everyone else.
    2. Re:And why not? by Harlequin80 · · Score: 4, Informative

      Hahahahahahahahhahahahhahah.

      Oh god please tell me you aren't serious!

      The US got caught monitoring Angela Merkel's phone and you call the Germans crappy allies!

    3. Re:And why not? by AHuxley · · Score: 3, Interesting

      The BND is always happy to work with the NSA and GCHQ. When it was for West German. Now as Germany.
      The German esprit de corps in its elite mil/police units is with always the USA, not with any random German gov/mil.
      The CIA and NSA always looked after generations of post ww2 German staff to a much better standard than any West German and later German gov/mil did.

      Why? Most West German gov and parts of the West German mil spied for East Germany, the Soviet Union.
      So the NSA always ensured its "Germans" after WW2 stayed totally loyal to the USA, not any "West" and later "German" political system.
      Any "German" gov can pass "laws", the BND will always respond to the NSA and GCHQ first.

      The same goes for most of the other clandestine German gov units.
      The USA worked on building loyalty to the USA in the German mil for decades. Starting in West Germany and now in Germany.

      --
      Domestic spying is now "Benign Information Gathering"
    4. Re:And why not? by AmiMoJo · · Score: 4, Interesting

      Huawei has spent a lot of money on independent code audits, and allows certain people to view the source code themselves (mainly government orgs and very large customers). What has Cisco done, other than get hit with literally hundreds of critical vulnerabilities, often backdoor accounts and hard coded passwords?

      At least Huawei are trying. We know for a fact that the NSA targets Cisco gear and they have done very little about it.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  3. It's a network design question. by Sique · · Score: 5, Interesting
    What would happen if you route the traffic through your network in a way that it always goes from a Huawei to a Cisco and from a Cisco to a Huawei? Will now the NSA know what the Chinese are spying at, and the Chinese get all the INTEL NSA is looking for?

    Or will the Huawei block all steganographically embedded traffic to the NSA, while the Cisco deflects all secret traffic to the Chinese Ministry of State Security?

    What a conundrum!

    --
    .sig: Sique *sigh*
  4. It is about the future - not right now. by willy_me · · Score: 5, Interesting

    The problem that Huawei potentially brings is that the Chinese government could force them to embed spying functions into future firmware updates. Such a move would be difficult to counter once a country is highly reliant on Huawei for providing cell services. I am not suggesting that Huawei wants to so - but the Chinese government could easily dictate that they do so. In most other countries such requests would be challenged in court. For example, like how Apple refused to unlock a shooters iPhone a couple of years back. In China, we would never even know.

    1. Re:It is about the future - not right now. by AmiMoJo · · Score: 2

      We know for a fact that the US already does that. The NSA intercepts Cisco gear being shipped, installs its own malware under the OS so that it survives updates and is very hard to detect, and then sends it on to the victim. No courts involved, we only found out thanks to Snowden.

      Maybe we should be buying NEC network gear. Maybe the Japanese government has it's hooks in it, but at least they seem fairly benign.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  5. Indeed. Should demand source code by aberglas · · Score: 4, Insightful

    We should be demanding source code for all of our telecom gear, regardless of where it is made. And to be able to build from that source.

    Nobody will be understand the Chinese source, but at least it makes it possible to prove hacks after they have been found.

  6. Re:Nice one by bill_mcgonigle · · Score: 5, Interesting

    The NSA doesn't care about Chinese spying. They care about people using network gear they can't get a foothold in.

    There are dozens of Snowden files on these topics.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  7. Germany defies the USA? by alexo · · Score: 4, Insightful

    Angela Merkel should avoid connection flights via Toronto.
    Just saying.

  8. sure it does by johnjones · · Score: 2

    the Chinese equipment supports interception the same way other equipment makers do

    the problem is the network operators dont know how and when it might be enabled without them asking and with much of the SDN equipment the opportunity to detect it is reduced...

    everyone spy's on each other, its the very nature of the security posture that the world has adopted

  9. Re:Huawei Tablet by Aighearach · · Score: 2

    Right, but tablets aren't phones, they're just portable computers. Portable computers don't normally have any right to know any information about their user.

  10. Re:Nice one by serviscope_minor · · Score: 2

    The NSA doesn't care about Chinese spying.

    Since when? Espionage is definitely better when only you have it. Caring about foreign entities spying is literally half of their job.

    They care about people using network gear they can't get a foothold in.

    Doubtful. They've always been able to lean on the peering providers so they can tap the big fat pipes regardless of who's routers are in use.

    --
    SJW n. One who posts facts.