Huawei’s efforts to improve its information security credentials have appeared to receive a boost after CISO John Suffolk revealed the Chinese tech giant is engaging with a researcher who exposed flaws in some of its routers. Former UK government CIO Suffolk told Reuters at a security summit in New Delhi that he's sending a team …
"It remains to be seen whether improving the security and reliability of its products will convince governments such as the US and Australia that Huawei doesn’t pose a national security risk, however."
Don't make me laugh. This is like expecting "governments" (scare quotes mandatory) such as the US to agree that Iran doesn't actually pose a nuclear threat - it's very inconclusive, after all it's just its own intelligence assessments, its generals, and the IAEA (the latter under a lather of sexed-up scary cat innuendos, to be sure) which say so.
Point is, political decision is political.
Indeed! their lack of suspiciousness is very suspicious
A calm and reasonable approach to being seriously embarrassed, including taking positive steps to remedy it? Lock 'em up and throw away the key!
Of course it's 1990's style code...
Nortel wrote it back then.
So it's true then
Huawei's products are insecure, they admit it, Suffolk has confirmed it. USian congress has it right, but not necessarily the way they think.
As I recall
Wasn't it proven that Huawei's product contained code from someone else, was it Cisco?
The fear is that, for a company like Huawei, sponsored by a government like China, will play nice until it gains acceptance. ONLY THEN will the back doors begin! Of course, these back doors have to be coded properly so that, if discovered, they masquerade as plausible bugs.
A little tip
There are at least 2 famous German security researchers whose first name is Felix. So it might be a good idea to also mention the second one. To make it worse one is "Felix von Leitner" the other one is "Felix Lindner", so even the last names are similar.
Is this supposed to impress anyone?
The holes were discovered months ago and released to the press. This is a case of too little too late from a paid stooge. Why did it take so long to reach out to the hackers that discovered the holes? It's because that company is trash run from China and now their thievery has landed them as a complete joke in the ICT industry. They cannot hide what they really are.