Slashdot Mirror
Huawei Laptop 'Backdoor' Flaw Raises Concerns (bbc.com)
A flaw in Huawei Matebook laptops, found by Microsoft researchers, could have been used to take control of machines. From a report: The "sophisticated flaw" had probably been introduced at the manufacturing stage, one expert told BBC News. Huawei is under increasing scrutiny around the world over how closely it is tied to the Chinese government. The company, which denies any collusion with Beijing, corrected the flaw after it was notified about it in January. Prof Alan Woodward, a computer security expert based at Surrey University, told BBC News the flaw had the hallmarks of a "backdoor" created by the US's National Security Agency to spy on the computers of targets. That tool was leaked online and has been used by a wide variety of hackers, including those who are state-sponsored and criminal gangs. "It was introduced at the manufacture stage but the path by which it came to be there is unknown and the fact that it looks like an exploit that is linked to the NSA doesn't mean anything," Prof Woodward said.
Seriously, WHY? Seems clear as day to me that everything they're producing is compromised in one way or another.
We should probably consider ANY hardware manufactured in a country with an uber-authoritarian, paranoid government to be suspect.
How closely does Apple scrutinize iPhones coming out of Foxconn, I wonder?
Curious why you single out Apple when Samsung, Nokia, Dell, Sharp, Google, Amazon, Sony, and everyone else have their stuff made by Foxconn too. All of these companies go over their devices thoroughly as they know any security issue could have HUGE negative repercussions for them.
This is a weird thing to me, because at first actually it seemed like it was much ado about nothing, which was actually more suspicious than this highly predictable revelation. However, I still don't know if there's any way to tell who is backdooring these devices, only that it is now clear Huawei can't protect their supply chain any better than anyone else.
Curious why you single out Apple when Samsung, Nokia, Dell, Sharp, Google, Amazon, Sony, and everyone else have their stuff made by Foxconn too. All of these companies go over their devices thoroughly as they know any security issue could have HUGE negative repercussions for them.
Nothing to be curious about. When Slashdotters hate Apple, anything is fodder for for their angst and anger. The fact that other companies use FoxConn is irrelevant.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
A flaw in Huawei Matebook laptops, found by Microsoft researchers, could have been used to take control of machines.
Windows 10?
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Also, lots of slashdotters hate Apple.
We've done so for a long, long time.
It isn't angst or anger, btw. It's an understanding of what kind of company Apple has been for a long time.
If you are honest, it comes down to which governments will you make it easy to spy on you. Telecoms are backdooring/MITM cells anyway, so no advantages there.
What about PC and tablets?
Windows, Android, Apple? The US already has your shit.
Huawei, etc? China does too.
Russia's backward economy doesn't actually make electronics products worth importing anywhere else, but they have decent software skills, hence Kaspersky.
Europe's got a few things...Airbus?, but no real marquee stuff in tech. RIP Nokia, which is now basically an Android subcontractor.
If you live in China, and aren't politically active or ambitious, absolutely get a Huwei and save a 20% up to a hundred bucks vs a Nokia with equivalent specs.
If Russia already has your data, sure, go ahead and run Kaspersky to keep the Chinese out. Might be good for Russian aligned Linux users too.
But here is the real, practical deal:
If you use what 99% of other people use (aka not Gentoo) the US can get your stuff pretty easily.
So it comes down to what companies ALSO get your data. Running office and chrome on your mac book? Apple, MS and Google all have your stuff. Hell even without chrome all your Gmail friends each gave their half of shit to Google anyway.
The US has my stuff. MS has my stuff. But Google doesn't and apple doesn't. Beat I can do. And even Google or Apple will get my phone stuff in a year when WinPhone is dead dead. What am I going to do? Not use a smartphone? Live like an animal on a cave? F that.
The US has been the most trustworthy of the admittedly low bar set by China, Russia and the US. Even with #orangemanbad stuff, the US is only dropping towards the other two. I'd love for some other empire to exist and be better, but right now, the obnoxious bumbling America is still better than the other two bidders.
Samsung {...} Sony, and everyone else have their stuff made by Foxconn too.
Not every single company manufactures its stuff exclusively in China.
For example, Sony still manufactures in Japan.
(And Samsung obviously manufactures a lot in South Korea)
Those non-China-made products include their smartphones (and other high-tech, hi-priced gadgets), they'll prefer outsourcing less sensitive accessories (wall wart charger).
disclaimer: both of my latest two smartphones are Japan-made Sony Xperias. Though I still flashed an entirely different OS (not Android) on them.
So it's not *China*'s spyware you're going to find installed in there.
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
That tool was leaked online and has been used by a wide variety of hackers, including those who are state-sponsored and criminal gangs. "It was introduced at the manufacture stage but the path by which it came to be there is unknown and the fact that it looks like an exploit that is linked to the NSA doesn't mean anything," Prof Woodward said.
And if you comprehend the summary, it says everybody now uses it because it was leaked. And they insinuate that its not the NSA, I assume because it was found.
Pathetic that slashdot has gotten to this point, but the original article has no link to any meaningful information.
in summary:
- this is an exploit in a windows program written by huawei called pcmanager.
- Dell, HP, and even Lenovo have had security bugs in their software as well. The fact that this is a huawei bug means every news outlet gets to ratched up the terror factor for clicks.
- googling the name Alan Woodward returns the exact same article title at nearly 2 dozen news sites, but nothing meaningful about the guy outside of his singular report.
https://www.huawei.com/en/psir...
Good people go to bed earlier.
If you read the summary you'd realize that the experts said that they have no idea who put the backdoor in.
Did you notice the part in the summary that states that this flaw looks like an NSA backdoor?