Feeds

back to article Reds in the Routers is routine, not rare

Critics of a recent report by US lawmakers highlighting serious national security concerns with Huawei and ZTE have argued that their internal Communist Party committees, which are slammed in the report, are actually a feature of most foreign firms in China. The House of Representatives Intelligence Committee finally released …

COMMENTS

This topic is closed for new posts.
Silver badge

Some of us build our own routers ...

... using off-the-shelf parts and FOSS. It's not exactly rocket science.

2
3
Silver badge

Re: Some of us build our own routers ...

Unfortunately that won't work if you have multiple 10 Gigabit links to route.

3
0
Silver badge

Re: Some of us build our own routers ...

The data center downstairs has dual redundant aging "beta-only" OC-96 connections ... it works for me. I maintain a couple of OC-768 connections between $telco and the companies involved. All run on over-the-counter hardware and BSD (Slackware for the human interface).

I won't get into the major Usenet system I consult for ... That shit would probably make your hair curl.

::shrugs::

2
4
Silver badge
Trollface

Re: Some of us build our own routers ...

> using off-the-shelf parts

Sourced from China. Not that I take this latest US moral panic seriously.

Upcoming: Wahabbis and Salafists in our oil, ZOMG! After this message...

2
0
IT Angle

Not only routers, Hardware and Software, too.

By all means. I've been arguing for years that we have a

. higher ROI

. complete security audit trail

. complete system state and patch governance

if companies build their hardware and at least the OS themselves. It's so easy to build together a high available, fully supported solution, which, over the course of 2 years with the salary of two system engineers included, costs LESS than the equivalent COTS solution with an expensive support and monitoring contracts, which still requires two system engineers. I've got the numbers, there are eye watering savings possible.

This can include building the OS (our own Linux based distro), proxy, web and web application server, and database servers, SAN, network routers, PCI-DSS compliancy etc.

Fair enough, there are limits, such as building an HSM, but overall, I don't understand why companies still today throw money at some established vendor for expensive support contracts with a bit of hardware and software attached.

But don't take my word for it, look what one of the most successful companies on this planet do, they make sure they keep their wisdom in-house (e.g. Google).

0
0
Anonymous Coward

Re: Some of us build our own routers ...

OC-96? that's fairly esoteric. what do they terminate on? And you route OC-768 on over-the-counter hardware?

I call bullshit.

1
0
Anonymous Coward

Re: Not only routers, Hardware and Software, too.

"I don't understand why companies still today throw money at some established vendor for expensive support contracts with a bit of hardware and software attached."

Redundancy - in both senses of the word. Who supports the in-house infrastructure when you get a new job (or get hit by a bus!)?

0
0
Bronze badge
Coat

Re: Not only routers, Hardware and Software, too.

--- Redundancy - in both senses of the word. Who supports the in-house infrastructure when you get a new job (or get hit by a bus!)? ---

That depends. Is your company run by accountants, or by engineers? If the first... no one. If the second, backup staffing and only THEN outside contractors.

Keep your friends close, and your enemies closer.

A. Quaker

Coat, because that's what accountants call REDUNDANT.

0
0
Bronze badge
Coat

Re: Not only routers, Hardware and Software, too.

--- Redundancy - in both senses of the word. Who supports the in-house infrastructure when you get a new job (or get hit by a bus!)? ---

That depends. Is your company run by accountants, or by engineers? If the first... no one. If the second, backup staffing and only THEN outside contractors.

Keep your friends close, and your enemies closer.

-- A. Quaker

Coat, because that's what accountants call REDUNDANT.

0
0
Silver badge

Re: Some of us build our own routers ...

"OC-96? that's fairly esoteric."

See where I typed "aging" and "beta-only"? Guess why.

"what do they terminate on?"

That's proprietary. See "beta" (actually, the six of 'em are more properly called pilot-build; they never officially entered Beta). It's a kludge built by Sun/IBM/3M/NET/cisco back in 1987. I have six of the ~40ish nodes built (four in use, two as spares). The fiber is provided to me by $telco because I wrote it into the contract nearly a quarter century ago when I was testing the new kit as an "outside observer" ... When the project was canceled, I purchased the nodes as "scrap" out of NET's MRB. Having friends in low places is handy sometimes.

"And you route OC-768 on over-the-counter hardware?

"I call bullshit."

My counter is probably a lot higher than your counter. Keeps the smell down on my end. My point is that you don't need bespoke boxen, not even for high-end gear. You CAN build it in house, and in most cases (assuming the cognizant engineer has clues), it'll work a lot better FOR THAT COMPANY than generic kit.

0
2
Paris Hilton

Re: Some of us build our own routers ...

Isn't the point of the hullabaloo about Chinese kit that it's not trustworthy? You don't have to do a lot of searching to find plenty of articles about techs backdooring their corp networks for the day they get fired and want revenge. How does DIY network gear alleviate the common goal of 'trustworthy' gear??

0
0
WTF?

They yanks would be insane...

To use chinese made equipement in the critical infrasture, Jesus wept quite literally insane!

2
3
Anonymous Coward

Re: They yanks would be insane...

Is not most of the world's tech kit made in China now, including Cisco? And the the chips inside them?

From a national security aspect the yanks have been sold down the line by the majority of US corporations who moved design and manufacture to China due to the lower costs and thus higher profits. Too late to worry about China having knowledge/access now.

If it matters that much, why not insist on open source designs so it can all be independently verified. Open source != free, as I hope you know.

3
0
Anonymous Coward

@AC 09:02 - Re: They yanks would be insane...

It's not the software that is free, it is you.

0
0
Anonymous Coward

If ever they were found out...

... to be spying with the kit, it would surely be the kiss of death to their international business.

Surely a big commercial disincentive to try it on?

3
0
Silver badge

Not really

US equipment is known to have various back doors for decades. It's hard to say whether a particular security problem was intentional or an accident. That hasn't dented Cisco's sales yet.

2
1

Re: If ever they were found out...

Maybe they wouldn't use any manufactured vulnerability for spying but more like a self-destruct mechanism to be used once, in the sort of circumstances when one might soon be using WMD.

1
0
Silver badge
Trollface

Re: If ever they were found out...

So the Chinese are crazy prepared, is that it?

0
0
Silver badge

So how about...

Making an education offensive. Make it affordable for people to study engineering, then you will have educated people in your own country which could design and build routers.

3
0
Silver badge
Holmes

Re: So how about...

> Making an education offensive.

Why do you want to have offensive education?

> Make it affordable for people to study engineering.

I don't think that the price tag of engineering curricula or the current skill set is much of a problem.

It's just that stuff from <whatever far eastern company> can - at the present time - be had at a better price than if it was produced locally. Which of course is A-OK, because that means you don't need to shell out $$$ for your kit and can invest it in something else.

It is of course true that this only happens because the US can print up money at will [or else promise tax revenues from the future] for continued infinite imports. This is not A-OK. Take that away and prices might very well balance at some time.

Btw, an economic system does not allow you to "make it affordable" just like that. That's like demanding that the solution to your differential equation should have a certain shape. It doesn't work like that. Something has to give.

1
0

Cisco and China

"... most of its rivals including US flag-bearer Cisco have at least some part of their supply chain located in the People’s Republic and so should be subject to the same scrutiny by Washington."

They have a point. I can't remember the last time I unboxed a piece of Cisco equipment that was not labelled "Made in China". It always seems ironic when Cisco make such a fuss about Export Administration Regulations, when downloading software updates for their Chinese manufactured kit.

3
0
Happy

Re: Cisco and China

Its fine, they just make the workers wear blindfolds when assembling it all.

0
0

Re: Re: Cisco and China

>>Its fine, they just make the workers wear blindfolds when assembling it all.

Judging by the quality of construction for some of the kit, I suspect they make them wear boxing gloves as well.

1
0
Silver badge
Devil

I wonder

if the main complaint for the US is that they are not the ones with the spyware etc on the routers now and so can't spy on their own people as easily as they would like.......

4
0

Right...

"In essence, these Committees provide a shadow source of power and influence directing, even in subtle ways, the direction and movement of economic resources in China."

And the US have none of those, naturally

1
1
Anonymous Coward

Obviously having shadowy figures controlling an organisation whose intent is to steer decisions in favour of the well-being of the general population is much worse than having shadowy figures controlling an organisation purely for their own benefit.

The US sure knows how to ensure a fair and open market/society doesn't it?

1
0
Anonymous Coward

Rampant Hipocrisy

Its ok for the US to have backdoors in systems, its ok for the Israeli's intelligence to be all over everything produced in Israel and to have active monitoring in various telco's infrastructure even if its not Israeli kit).

But when China does it ohhhh nooo.

Taken rationally and on the basis of the last say 30 years - which countries are most likely to act irrationally on a Global scale. Hint - it aint China.

Anon - not that that will save me.

2
4

Re: Rampant Hipocrisy

If it's ok for US to have backdoors in systems and Chinese companies make the systems, why do the Chinese need to install backdoors? They are within the original design that China is making for the yanks. All the Chinese need do is use the backdoors that the yanks require in the Chinese made product.

0
0
Anonymous Coward

said it before, I'll say it again

http://cm.bell-labs.com/who/ken/trust.html

0
0
Anonymous Coward

Re: said it before, I'll say it again

Just re read it - see this little gem:

<blockquote>Such blatant code would not go undetected for long. Even the most casual perusal of the source of the C compiler would raise suspicions.</blockquote>

0
1
Anonymous Coward

Re: said it before, I'll say it again

and then "...We can now remove the bugs from the source of the compiler and the new binary will reinsert the bugs whenever it is compiled. Of course, the login command will remain bugged with no trace in source anywhere... The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code"

2
0
Silver badge

Bottom line. (was: Re: said it before, I'll say it again)

If you can't follow the one's & zeros of the tool chain, you have no clue as to the security of the system.

0
2
Silver badge

What a shame he's dead

'Moreover, big name foreign tech firms such as IBM also have such committees in their China businesses, according to Tea Leaf Nation.'

I'd love to see the reaction of fascist-loving IBM founder, Thomas J Watson, to the news that the company has communist committees.

0
0
Anonymous Coward

If we all could be quiet for a few moments

we could clearly hear Vladimir Ilyich Lenin chuckling in his grave.

0
0
Paris Hilton

Sound and Fury

There's plenty of it to go round.

One example -

http://iheardacouplethings.blogspot.com/2012/10/why-is-anyone-surprised.html

Enjoy.

(Paris, just because)

0
1
Silver badge
Holmes

Re: Sound and Fury

The Internet is full of 'tards, no surprise here.

0
0
This topic is closed for new posts.