Slashdot Mirror

← Back to Stories (view on slashdot.org)

Huawei Is Blocked in US, But Its Chips Power Cameras Everywhere (bloomberg.com)

Posted by msmash on from the how-about-that dept.

An anonymous reader shares a report: Pelco, a California-based security camera maker, set lofty sales targets last year for a model with sharper video resolution and other cutting-edge features. That was until Congress derailed its plans. In August, updated legislation barred the U.S. military and government from buying tech gear from firms deemed too close to authorities in China. When the bill surfaced, Pelco scrapped any thought of providing its new GPC Professional 4K camera to the U.S. government and lowered its sales goals. The reason: The device uses parts from HiSilicon, the chip division of Huawei.

[...] Most of the focus is on Huawei telecom gear that helps run communications networks all over the world. But chips from the HiSilicon unit are also sparking concern because they power about 60 percent of surveillance cameras. That means Chinese chips process video from cameras that sit in places as varied as pizzerias, offices and banks across the U.S.

49 comments

  1. Chips? GET OFF MY LAWN by Anonymous Coward · · Score: 0

    In the good old days we used Vidicons and half inch open reel tape to keep tabs on our stuff.

  2. Ridiculous. Can we block the USA too? by Anonymous Coward · · Score: 1, Insightful

    I mean yes, let's absolutely block ALL mnufacturers from China, because they spy sneakingly.

    Following that same (valid) reasoning, since the USA has more than ten times the spying budget and we havd literal proof that they spy on ALL the people, including for corporate interests or sexual/love reasons, we should ban ALL US products ten times more.

    Priorities, people!

    It's the NSA/DHS/FBI/DEA/... that are the biggest threat, if you're US-American, since they have actual power over you.

    Ban Huawei, if you are *Chinese*! Again since the Chinese government has powet over you.

    Oh wait ... this is about protecting the US *corporate government*! Not the people!
    It's about a spying monopoly ON the US-American people!

    1. Re:Ridiculous. Can we block the USA too? by Anonymous Coward · · Score: 0

      Rham the tariffs and exclusions right-up the chi.com azzwhole ... strip them bare of the USA market ... starve the Maoist shills and bitch-slap the traitorous USA biz-nazis who pimp them. Smashface the Trotsky-slut globalists. Rule is: use-it-here-make-it-here . Oh ya can't have the bling if ya don't make the thing. Nuff said.

    2. Re:Ridiculous. Can we block the USA too? by Anonymous Coward · · Score: 0

      Excellent post, comrade!

    3. Re:Ridiculous. Can we block the USA too? by Anonymous Coward · · Score: 0

      It's the NSA/DHS/FBI/DEA/... that are the biggest threat

      Only a bigoted lover of the Organge Golom would believe the conspiracy theories of Russian trolls and Julian Assflange.

  3. I hope this will unstuck diplomatic with Canada by Anonymous Coward · · Score: 0

    Since the US placed the Canada into an intolerable situation.

    1. Re:I hope this will unstuck diplomatic with Canada by Anonymous Coward · · Score: 0

      what intolerable situation? the one where canada agreed to the extradition treaty that covers that situation? the only intolerable situation was keeping that dumbass mccallum employed as long as he was after the stupidity he spouted to chinese-only media.

  4. Pizzarias? by Ol+Olsoc · · Score: 1
    So that's where the PizzaGate rumors came from!

    But seriously, if you have an Internet of Things device, it is being used to spy on you. Doesn't matter who made the chips, doesn't matter what it is doing.

    We can argue about whether that is a main or secondary purpose, but It is a spying device that you voluntarily install.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    1. Re:Pizzarias? by AmiMoJo · · Score: 1

      Someone needs to make a consumer router that has a special Internet of Shit wifi hotspot built in.

      I've got one on my own network. It can't access the internet, can't access anything that isn't local in fact. I can get at it from the main LAN though. Device isolation is turned on as well, so devices can't even talk to each other.

      I've got another one just for my smart meter. It is allowed to talk to the energy company server only, once a month, for five minutes. That appears to be adequate for them.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re:Pizzarias? by Ol+Olsoc · · Score: 1

      Someone needs to make a consumer router that has a special Internet of Shit wifi hotspot built in.

      I've got one on my own network. It can't access the internet, can't access anything that isn't local in fact. I can get at it from the main LAN though. Device isolation is turned on as well, so devices can't even talk to each other.

      I've got another one just for my smart meter. It is allowed to talk to the energy company server only, once a month, for five minutes. That appears to be adequate for them.

      It's just a pity that we have to go to that level to keep these things from reporting home. Do you use Wireshark to check on them?

      Does GB use direct to internet for smart meters? I've got one too, but it uses a Broadband over power line method of chatting with home. "Broadband" in the most lenient terms. Anyhow, I can't control it, but there isn't much it can glean on me.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    3. Re:Pizzarias? by AmiMoJo · · Score: 1

      I monitor the filewall so if they do attempt to connect out I see it. So far all devices stop when asked to. It's mostly cameras.

      Some smart meters use the cellular network or powerline comms, the one I have uses wifi. It's supposed to be better because if you change supplier you don't have to change the meter, at least in theory. Since I change supplier every year or two (you have to or you bills shoot up) that's actually kinda useful.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    4. Re:Pizzarias? by Ol+Olsoc · · Score: 1

      I monitor the filewall so if they do attempt to connect out I see it. So far all devices stop when asked to. It's mostly cameras.

      Some smart meters use the cellular network or powerline comms, the one I have uses wifi. It's supposed to be better because if you change supplier you don't have to change the meter, at least in theory. Since I change supplier every year or two (you have to or you bills shoot up) that's actually kinda useful.

      Yep, the original BPL version of smartmeters is pretty inferior to the wifi version.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  5. Dangerous chips by Anonymous Coward · · Score: 0

    ... like they will send all Angela Merkel's nude images to the NSA, trigger all WMDs in Iraq, and make you hyper paranoia if you are not already.

    1. Re:Dangerous chips by hackingbear · · Score: 1

      ... like they will send all Angela Merkel's nude images to the NSA [theguardian.com], trigger all WMDs in Iraq, and make you hyper paranoia if you are not already.

      The US is already in the state of paranoia.

    2. Re:Dangerous chips by Anonymous Coward · · Score: 0

      Canadian here, so I don't know my US geography all that well. I mean sure we had to memorize all the states and capitals as part of pre-school education, but it's been so many years now.

      Is Paranoia the state between Texas and Florida? Or is that one farther south in the Bahamas?

  6. Maybe, but not likely. by foxalopex · · Score: 1

    I'd partially question the reasoning behind this because it seems more political than science based. Although yes, a camera chip is a tad more complex than decades ago, I'm still willing to bet that if a manufacturing entity was crazy enough to insert spyware into such a chip that it would stand out like a sore thumb. You can't hide things entirely when you have scanning electron microscopes or X-ray technology. It's like asking the company constructing your house to build an actual secret passageway. A much more discrete way is to leave a lock on a window broken for example so that it doesn't look like you're making an obvious backdoor. The problem is on a chip the most likely way would be that it would leak a little EMI which would probably be only usable at extremely close range. I'm not saying this isn't impossible but it would be an impressive challenge.

    1. Re:Maybe, but not likely. by Anonymous Coward · · Score: 0

      Agree, unless the camera chip has a TCP ethernet stack builtin, seems very unlikely they could stick a hack in.

    2. Re:Maybe, but not likely. by Anonymous Coward · · Score: 0

      "A tad more complex" !?!?!?!?!?!?!?! You obviously have zero experience with any of the new SoC cameras. A lot of cameras nowadays are not just simple MiPi or CSI frame relays, they run entire operating systems and use sets of controls that do a ton more than any simple camera of old times. Could you understand whats going on inside a simple arm SoC if you looked at it under an electron microscope? No? Would you even recognize any IP blocks if you saw them? Then why assume you'd be able to do anything remotely similar with one of todays complex camera SoCs?

    3. Re:Maybe, but not likely. by gweihir · · Score: 1

      There is zero reason to compromise a camera chip. The interface is just not suitable for any kind of attack against the main system. But the whole "spying" thing is a big, fat lie anyways, purely motivated by economic arguments. As the US falls more and more behind, it turns out that it only wants to compete in an open market as long as it is ahead.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    4. Re:Maybe, but not likely. by AHuxley · · Score: 1

      CCTV in/near the gov/mil/city hall gives every face and every plate, every passengers face.
      Some voice prints too? Hows that new, low cost, fully imported IMSI-catcher working?
      Thats every US worker, officer, walk in informant, undercover gov/mil.

      --
      Domestic spying is now "Benign Information Gathering"
    5. Re:Maybe, but not likely. by tlhIngan · · Score: 5, Interesting

      There is zero reason to compromise a camera chip. The interface is just not suitable for any kind of attack against the main system. But the whole "spying" thing is a big, fat lie anyways, purely motivated by economic arguments. As the US falls more and more behind, it turns out that it only wants to compete in an open market as long as it is ahead.

      True, a camera chip is hard to compromise, but the threat is still very real. Because in China, by law (or really decree of Dictator Xi) every large company must have a Party member on board, and every company must obey the will of the Government. There are terrible consequences for not obeying. And speaking out is a sure way to get "disappeared".

      For something like a camera, OK, maybe not so much. But for something like a network switch or core router or switchgear, things get a lot more interesting, because it will have access to sensitive traffic, and there's the rub. Huawei cannot come clean about any spyware it installed on behalf of the government or even if there is spyware, because it's illegal for them to do so. So even if you ask them they will always say "no".

      Things are somewhat different in the US - the government can make demands but it can also be challenged on those demands. (This is the primary difference between "Rule of Law" - where the law is supreme, and "Rule by Law" where someone can easily mold the law as they see fit (like what China does)).

      Doesn't mean there isn't a lot of shady stuff going on, but at least in the West, that stuff generally gets exposed. The Chinese Snowden was probably killed stepping out of their building. Fact is, the west has independent judicial systems, independent government, independent press, etc. While in China, it's all state controlled - from the courts to the press.

    6. Re:Maybe, but not likely. by Anonymous Coward · · Score: 0

      Because the parent is an idiot. That's why.

    7. Re:Maybe, but not likely. by thegarbz · · Score: 1

      There is zero reason to compromise a camera chip.

      You should count the number of chips in a camera. If you get at the number 1 then you'd realise what TFA is actually talking about here and why it's a big deal.

      The interface is just not suitable for any kind of attack against the main system

      The HiSilicon parts are the complete SoC which handles *EVERYTHING*. It's suitable for every kind of attack you can think on for an IoT device.

    8. Re:Maybe, but not likely. by Anonymous Coward · · Score: 0

      "Fact is, the west has independent judicial systems, independent government, independent press, etc."

      Corporations and capitalistic interests make that untrue.

    9. Re:Maybe, but not likely. by Anonymous Coward · · Score: 0

      You can't hide things entirely when you have scanning electron microscopes or X-ray technology.

      I always put new electronic devices into my electron microscope before I use them. Who doesn't?

  7. Foreign company attacked by US-Canada government. by Anonymous Coward · · Score: 0

    Huawei is a great company that leads the world of the mobiles.

    Who wanted to attack this company? The US-Canada government.

    Why? To defeat the leader on this global market.

  8. Huawei is not a problem by gweihir · · Score: 2

    Or rather it is, but only as a commercial competitor. Those that cannot compete in fair market will often try anything. Kind of funny to see this happening in the US where the "free market" is a huge fetish. The whole "spying" thing is a big fat smokescreen.

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:Huawei is not a problem by Anonymous Coward · · Score: 0

      The USA has NEVER cared about the free market. They hand out subsidies to farmers for a start, then we get cities giving HUGE payouts to the likes of Amazon to set up business in their city, they place tariffs on imported goods, etc etc etc etc.

    2. Re:Huawei is not a problem by gweihir · · Score: 1

      True

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  9. Not simple "camera" chips. Full SoCs. by WoTG · · Score: 2

    I bought a web security cam for $15 on sale over the holidays. I can't figure out how they can retail for so cheap. It has a HiSilicon "camera" SoC. From what I saw with a quick web search, this SoC does everything in the device. Basic image capture stuff, handles whatever API the vendor app to connect to it needs, full recording to the SD card, etc. Apparently if I felt like jerry-rigging a cable, I could telnet (or SSH?) and get a (busybox?) shell. I'm sure there's enough processing in it to handle all kinds of stuff..

  10. Printers were used to compramize nettworks by aberglas · · Score: 1

    Many here will remember how harmless looking printers were used to hack corporate networks.

    So yes, a camera chip is a pretty obscure place to hack, but it probably talks to the main system over an unsecured protocol that was never designed for a hostile chip at the other end.

    Everything is so complex now, with so much power, that many weird things can be done.

    1. Re:Printers were used to compramize nettworks by UnderCoverPenguin · · Score: 1

      Many printers are directly connected to a WiFi or LAN. Many printers targeted to the small office and home use markets rely on either OEM or third party servers to allow your mobile devices to use your printer.

      How many people are knowledgeable enough to block their printer's access to the Internet? How many even think of that? And, how many are actually willing to deny their mobile devices the ability to print to their printer?

      On the other hand, many cameras for small office and home use are WiFi connected. And, like the printers, also rely on OEM or third party servers to allow users to view the video on their mobile devices. Even if the camera chip is separate from the rest of the electronics, it could still exfiltrate data other than the expected video stream.

      What data could a camera chip get that you might not want sent? In many low end cameras, the only lens is the lens built in to the package of the camera chip. If that lens doesn't block infrared light, the chip could send out a second video stream showing what it sees in infrared.

      Also, think about that webcam sitting on your monitor or built in to your laptop - does the built in lens cover block infrared light? Even if the cover distorts the image, there are algorithms to correct for that. And, often, the distortion isn't enough to make the uncorrected stream useless.

      --
      Don't try to out wierd me, three-eyes. I get stranger things than you, free with my breakfast cereal. --Zaphod Beeblebr
  11. Core networking makes sense. Cameras no by Harlequin80 · · Score: 2

    For core network devices the restriction on Huawei makes sense as there is the side band maintenance network that core network infrastructure has. It's not so much them reading the data passing through the network as it is the ability for them to bring the network down.

    That said you would be crazy to think the US doesn't have exactly the same capabilities in the Cisco and other US brand equipment that is installed around the world.

    1. Re: Core networking makes sense. Cameras no by edris90 · · Score: 1

      Your own government has vested interest in keeping you under control and so cannot be trusted at all. But a foreign government doesn't care about Small Potatoes like you because they have bigger agendas and so much less likely to do something with your information sends the feds knocking on your door. I would rather trust the Chinese equipment. there's less conflict of interest.

  12. Hikvision by Anonymous Coward · · Score: 1

    We use enterprise level surveillance software provided by a Canadian vendor. Two years ago, the vendor issued a security advisory suggesting their customers stop using HIK Vision cameras.

    The surveillance software is configured to manage video using dedicated servers on the customer's premises and nothing else. This isn't cloud-based software.

    When I asked why the vendor issued the advisory, the company's president cited two cases involving different sites. In one case, the cameras were detected attempting to reach servers in China despite being configured to serve video only to the customer's on-site servers.

    In another incident, HIKVision responded to a request for tech support on a camera by sending a sample shot to the customer. The customer was surprised to see that the sample had been taken from his own camera. Again, the video was supposed to stay on the customer's premises; there are no off site servers talking to the servers tasked with managing video.

    The vendor will no longer support HIKVision cameras unless the customer signs a hold harmless document specifically acknowledging the security risk the cameras pose.

     

    1. Re:Hikvision by cheesybagel · · Score: 1

      Don't buy a Tesla car then.

    2. Re:Hikvision by Anonymous Coward · · Score: 0

      Who is the "Canadian vendor"?

  13. You must be joking by Snotnose · · Score: 3, Interesting

    Before I retired a few years ago I wrote drivers for cameras that went into cellphones. These things were hideously complex, and a minor tweak to some obscure "sets the delta alpha gamma anion setting" could have dramatic effects on the picture quality.

    None of the 100+ registers had anything to do with networking. They weren't even directly connected to anything outside the 8-16 bit interface used to talk to them. I can't think of any way these sensors could be used for spying, unless they had a hidden, built in wireless link built in. Which I strongly doubt, as the prices between cameras was pennies per unit.

    That said, if a single chip had a camera and network interface (which I never ran across) then there could be issues.

    1. Re:You must be joking by stefanb · · Score: 1

      They are talking about the controller, not the sensor.

    2. Re:You must be joking by thegarbz · · Score: 1

      None of the 100+ registers had anything to do with networking.

      The HiSilicon chips being discussed here are full SoCs that interface with the sensor. They among other things have everything to do with the networking.

  14. Another slashdot demonising propaganda piece by najajomo · · Score: 0

    “Another day, another statist propaganda piece demonising one of slashdot's regular targets. Lower down you can find neoliberal warloving slashdot demonise Venezuela for events that have been happening in France FOR REAL for months, without a single slashdot story mentioning France. Gee- I wonder why.

    J-ish sniper bullets (google 'one shot, two kills' to see the favourite T-shirt design of slashdot owners/editors) have been fired into Gaza in their tens of thousands, maiming and murdering an endless number of Humans (including women, children and journalists) without a single reference on this outlet - yet political stories now outnumber tech stories here to a significant degree.

    The agenda of slashdot is pure satanic evil. And the desired goal is more and more racist wars across our planet.

    China's 'crime' like Russia's 'crime' is not bowing the knee to the horrors that really control the West. But China has the industrial clout and Russia has the nuclear clout to stand firm- and how that triggers the owners of slashdot.” ref

  15. Re:Core networking makes sense. Cameras no by thegarbz · · Score: 1

    Please post the link to your completely unprotected feed from your in-house IP camera. If you don't want to then maybe re-assess why this restriction is in place.

  16. Re:Core networking makes sense. Cameras no by coofercat · · Score: 1

    As mentioned above - the 'camera' most likely has a CPU + network + operating system on it, all in the same chip. Plus it was probably sold at an impossibly low price (subsidised, perhaps?) so it would sell in decent quantity, and a few of them might end up in 'interesting' places.

  17. Lots Of These Are Black Boxes by Anonymous Coward · · Score: 0

    Although chip inspection technologies exist, are we sure that people actually use them? I don't just mean in some rarified lab environment; that isn't what is at play here. In order to find secret technologies meant to subvert the customers, you have to be looking for them. Systematically. Is anyone doing that?

    I ask because I've never heard of anyone doing that. I have heard that commercial pressures between competitors cause them to buy each other's equipment and examine them. OK, but is that happening here? And if a competitor found something subversive, would they do anything about it? Would they go public, or go to the police, or go to the State Department?

    The thing about hardware, once you find such tech and can prove that it can only exist for the subversive purpose, it's impossible to refute. It either exists or it does not. However if no one is looking, or they don't want that battle, or they cannot prove intent, then maybe this stuff could exist for a long time and be a viable attack vector.

  18. Re:Core networking makes sense. Cameras no by Harlequin80 · · Score: 1

    The cameras should still be on their own network and firewalled from the outside world.

    With core networking gear the concern is exploits through the control network which can't be firewalled.

  19. ... really? by stonecypher · · Score: 1

    This security camera maker used insecure parts, and had to lower targets when several governments said 'this cannot be trusted this way'

    WHAT A VICTIM, BIG BAD AMERICANS

    how short sighted y'all are

    --
    StoneCypher is Full of BS
  20. Real threat or industrial espionage? by Zigakly · · Score: 1

    Security cameras and their hub systems have been hacked like crazy, largely because the average user (homeowner, retail lackey, office lackey) doesn't even bother changing the default passwords, much less a firewall or any reasonable security measures. Here's a report of a website streaming over 70,000 hacked cameras, and here's a report of over a hundred police surveillance cameras being hacked to send spam right in DC. They're plenty hackable, just a matter of whether the Chinese state thinks it's worth risking sanctions from the countries they're surveilling.

    But this could also easily be industrial espionage. In the US, anyone competing with Huawei could simply spend a few million lobbying to convince congress that it's happening. No proof is required, only that the capability is there, and that if China was doing it we might never know.