Huawei, ZTE probe showed no evidence of spying An 18-month investigation by the US House Intelligence Committee into Chinese networking vendors Huawei and ZTE revealed no evidence that either company has been involved in espionage, sources claim. As reported by Reuters on Wednesday, two sources familiar with the probe said that "certain parts of government really wanted" …
Indeed...
Anyone at the Reg Office friendly enough to collate numbers on articles featuring terms like "security risk" , "zero-day vulnerability", and the like and couple that to brandname/product? To keep things relevant say, over the past 10 years?
Yes, I'm lazy, and you got access to your database :P
If the Chinese Gov had a quiet word with the leadership of ZTE and said they wanted to place someone for intelligence gathering they would no doubt say yes.
But so would anyone company that was advised in a similar way by a Gov be it the US or UK.
That's how intelligence gathering works, and not in the fashion of Bond 007.
Huawei came in for a pasting at Defcon 2012 because their equipment was so vulnerable. Have a look at the presentations before you make up your mind that it's all just US protectionism.
I don't find it difficult to believe that a Chinese firm hasn't really caught up with the 21st century, and realized that hackers are going to take their code apart and document vulnerabilities whether they like it or not. It took many US firms decades to learn that lesson; I doubt it will take them that long.
Not quite.
Probes like that look both into fact of spying and into the opportunity to spy.
It did not find any evidence of the first. That was expected - without a high level defector to point to something specific any "interesting" functionality or hole can be blamed on a defect. Engineers who are intimately familiar with the "quality" of H and Z kit would apply the Occam Razor and blame the defect on "quality" software. Intelligence services people have their own Razor which should probably be called Stalin's or Beria razor and it goes along the lines that "Anything that can be blamed on an enemy within is a work of an enemy within". It is normal - part of the job description.
As far as the opportunity - any company which has lack of clarity in governance structure, non-hierarchical dotted line management, etc will fail such an Intelligence review. In fact, I would love someone to conduct a similar "under the microscope" review of several UK PLC companies.
The US signed the WTO agreement and whenever it found it was incestuously screwing itself, it use Congressional inquiry after Congressional inquiry to delay things.
Canada has fine wood, grown n a cold climate, which makes for the finest products. So the US wood choppers bitch about losing their market to "unfair" competition from Canadian sources who get "Canadian government" subsidies.
The woodlands (forests) are Crown land and a timber company rents/leases a tract and pays the government an amount based upon wood chopped down.
So the American government imposes a temporary penalty tax Even though the US couldn't prove subsidies, repeated the process..
Eventually, after repeated findings of no subsidy, and repeated applications of 'temporary' tax a bilateral side agreement was signed. Now the Canadian government applies the very same tax before export and the Americans are happy.
Even with Canadian wood costing more, the US still bought the wood because it is simply better.
VietNam sells about USD$6,000,000 of our 'tiger' shrimp to the US annually. The sold far less food to VietNam because their food was substandard and they had foot and mouth, etc. The Vietnamese also had problems with ammonia being used during food processing, cows being fed on chicken remains, etc.
In fact the VN government ended up banning 'American beef'. To get the ban lifted the US government started imposing all sorts of restrictions, etc. They also told VN to use GM products (Franken food). Out comes the old bilateral agreement and the WTO gets bypassed again. (If you like US beef don't go reading < http://motherjones.com/ >!
Huawei and ZTE are simply going through the same process so the US can help CISCO. Paying off your Congressman makes for bigger profits.
Canadian government has subsidized their "choppers" in the past by offering relaxed immigration criteria as well as economical "stimuli" to people who are willing to immigrate into the "less populated" parts of Canada as well as a long raft of infrastructure subsidies for these areas (telecoms, roads, etc - you name it).
One way to look at it is a government subsidizing their underdeveloped areas. Another way of looking at it is subsidizing wood chopping specifically.
As far as US beef - that is a long standing trade war with anyone and everyone around the world. All big countries continue to resist importing it. Smaller - not so much - USA has been good in twisting their arms into importing carnivorous cattle products.
Seems to me then, that the likes of Huawei and ZTE are the sort of companies/organisations/global forces to share novel technologies and intellectual property with, for the US House Intelligence Committee has just comprehensively vetted them as being ethically sound and securely protected against intelligence services investigations/attacks.
Presumably is one now free to also assume, unless UKGBNI MODified information wishes it to be universally known that the US House Intelligence Committee be oxymoronic and unfit for future security vetting purpose, that the following help is not needed for Novel Enterprising UK companies/CIOs with proprietary private unpirated base assets/SMARTR HyperRadioProActive Intellectual Property to donate and share for trade and export/enlightenment and wealth creation ....... We assist UK Companies in verifying the security status of foreign companies and citizens, through liaison with National Security Authorities. ..... http://www.mod.uk/DefenceInternet/AboutDefence/WhatWeDo/SecurityandIntelligence/PSyA/
I suppose, for all the time that it takes, and it is done in next to no time with the drafting and sending of an appropriate email to an address clearly provided for the purpose, it is a simple enough question to ask of the MOD Defence Equipment & Support Principal Security Advisor (DE&S PSyA) System ...... just in case Blighty Eggheads/Bletchley Station X Type Boffinry has identified that Uncle Sam has some major intelligence problems in the Wild Wacky West which the Exotic Erotic East has recognised and circumvented so expertly.
Plausible deniability is the term coined by the CIA back in the early 60's. In this case, writing intentionally sloppy code enables these companies (any company really), to say "aw shucks, we're just stupid, here's a patch" when run-on-the-mill hackers, state-sponsored hackers, etc perform data rape&pillage actions to your now de-virginized network.
Yes, I have my tinfoil hat on, thank you!
;)
From http://www.atimes.com/atimes/China/NJ13Ad01.html
....
It is clear that the Chinese companies were given the Saddam Hussein treatment. Just as the Iraqi despot was put in the impossible position of proving a negative - that he did not have any weapons of mass destruction - Huawei and ZTE executives were called upon to prove their companies were not untrustworthy.
Mission unaccomplished, for sure.
...
Perhaps a suggestion that the US is very busy watching it's own citizens right now and doesn't want to share that data with anybody else just yet. Witness the drones the local law enforcement is getting - seriously, wtf?
Probably just paranoid (adjusts tinfoil hat), but I do know that about 85% of the intrusion attempts on my various networks originate from China.
"Probably just paranoid (adjusts tinfoil hat), but I do know that about 85% of the intrusion attempts on my various networks originate from China."
No. You mean that "85%" (or whatever) attempts have source IP addresses in Chinese address space. You have no idea whether the /actual/ source is in some other place and is simply using chinese IP addresses as a cover. In the same way you have no idea of the /actual/ source of any DDOS attack - all you see are the multiple IP addresses of the compromised machines which form the 'bot.
"false flagging" is probably more common than most people believe.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
