What about Windows?
Surely they know that the NSA, DHS & MFI has a backdoor in every copy?!
David Blunkett is to press national security officials to impose a programme of ongoing testing on equipment BT bought from Huawei, the networking manufacturer with allegedly close links to the Chinese military. The former Home Secretary plans to raise concerns at meetings "in the next two weeks" that the equipment could be …
Surely they know that the NSA, DHS & MFI has a backdoor in every copy?!
what a dick, not content with a peadophile under ever bed, and a terrorist in every closet, he now wants "cyber" threat in the fridge.
Despite Blunkett having done his best to erode our freedoms and rights to privacy he's actually making good sense here. Presumably MPs like Blunkett who are off the gravy train have no qualms about shafting other MPs' who are still on the take.
... that Blunkett might, for once in his miserable existence, actually say something that makes sense. Though knowing him he is probably only saying it because he is on the board of companies that might get work out it.
Consider that this is a private organisation that is looking to maximise its profits. If it sees a bunch of kit in the marketplace for less money than the brand leader that they find provides the same operability, they are going to buy it! After all, consider that the previous public company would have been forced to do the same thing by policy. Of course, we all know that public service policy makers are only interested in the bottom line (and plausible deniability, of course!)
The question is whether the people doing the pre-purchase testing were aware of this backdoor. Assuming they were capable of finding it. Having said that, if HMG are so concerned about the national security inherant in BT's network, then they should be taking more notice.
So where's this "Montana" place again?
My neighbour's TalkTalk supplied Huawei adsl router/ modem's got some sweaty little remote access port open that is impossible to shut and didn't the US state dept. chuck out some Lenovo kit for much the same reasons? CUT THE WIRES!
Perhaps someone may be able to point out that the inclusion of hidden taps within the network, provision for DPI, data logging with widespread access and the compilation of massive centralised databases are in themselves likely to introduce fundamental weaknesses?
What about all the toys, household appliances, gadgets and gizmos, and clothing coming from China? If they're putting so-called backdoors in electronics, surely they're also adding nefarious elements to the rest of the goods they supply?
Forget about Phorm and our government-sponsored snooping plans, but be very afraid of Chinese toasters? Sounds kind of like Privacy International's lambasting of the ICO for not doing something about Google when, again, Phorm is the most obvious threat to privacy that it should be doing something about.
That's not to say that the Chinese kit, or Google for that matter, is above suspicion, but I think that if we're looking for elephants in the room, we should start the census with the more visible ones rather than the more exotic ones which may or may not actually be there. And anyway, the proper thing to do with the Chinese kit is to demand the source and/or disassemble them to find out how they actually work. That is if there is even anyone in the industry who has the necessary skills. Maybe the task would be a fitting punishment for "uber hacker" Gary McKinnon?
... think of the armies of Chinese Chefs and laundry workers already 'sleeping' in the West. That Monosodium Glutamate could well be doctored±
DB makes two bold statements in one day, first this and then the "scrap the ID cards" one. Perhaps he is starting to see the light...
...it believed the UK was "well ahead of the game" in preparing for a cyber attack...
So, just who are we preparing to attack?
"cyber security must be improved ahead of the 2012 Olympics"
Why then? The Chinese are hardly going to launch a cyber attack during the only two weeks during which table tennis is getting international coverage, are they? Why must these politicians obsess about the bloody Olymics? It's like Mandelson and his stupid dome.
In my view:
"cyber security must be improved ahead of the my next Amazon purchase"
"cyber security must be improved ahead of my mum going online to replace her aging Mac"
"cyber security must be improved ahead of Tiny Tim's World of Warcraft guiild-meeting, on Monday"
Improve it, by all means; There are many good and reasonable reasons to look into this, but I wish they wouldn't cite the Olympics, all the time, as if the mere mention of amature athletics will focus an otherwise apathetic populus to the perils they are under.
Why the Olympics?
False flag terror - that's why.
"That's not to say that the Chinese kit, or Google for that matter, is above suspicion, but I think that if we're looking for elephants in the room, we should start the census with the more visible ones rather than the more exotic ones which may or may not actually be there."
If we're counting elephants, let's start with the one labelled "corruption": the government politician who gets a cushy job with the corporation she once had to regulate.
It is good to hear that Deadhead Alex is apparently Alive and Well and hopefully now Minded to Stir up AI Storm, for he is certainly in a Quite Perfect Position to..... and it most definitely is what IT needs.
What you, and he can be assured of, is that if he not so energised, will it be done by Others for him although, and if he is half as smart as he needs to be and Phorm is half as good as everyone fears it to be, he will already know that. And also know that some such others would much rather prefer to do IT with him rather than leave him behind.
With such a Lack of Future Intelligence in Existing Services, it is only a Simple Matter of Creating another Beta One full of ....... well, Untouchables would be as Perfect a Descriptive Name as any, for AI Virtual Team of Joint Intelligence Adventurers ..... Mutual IntelAIgents Blazing a Path for 21CNetworking.
And don't let anyone say that there is no Money available, for it is Simple Matter of a Few Lines of Code Injection to Crash any Corrupt System with Inherent Catastrophic Vulnerabilities to Prove that it would have been far cheaper to Pay them as Tools, rather than Play them for Fools?
And that is a Readily Available Facility, which anyone can Access and Buy into for Unbelievably Power Control..... and Untold Wealth.
China is being invited to manufacturer all manner of things for the 'western' world, when 10 years ago it was reported as having 85% counterfeit software running on their computers. They have built entire (now) legit [sic] companies on reverse engineering Cisco, and Nokia kit amongst others.
I reckon, that if you checked under the hood of any telco you'd find Huawei kit. Security is an issue, so is service stability, pirated hardware...Employee rights, freedom of speach and expression...
Would you include dodgy paint, dodgy milk additives and dodgy pet food in that list of nefarious elements?
I don't know if this is true or not, but I seem to remember a story about the Chinese govt including brute-force decryption chips in Chinese TVs to help them crack encryption. I'd love it to be true.
Actually, most self respecting ISPs won't use Huawei, for the very reasons posited in this article. AC because I work for an ISP (and used to work for BT).
An MP saying that something other than cash is important?
I think I need to have a sit down.
if I was being cynical, perhaps Blunkett, or his nanny, now has a directorship with Cisco or Nortel and feel that Huawei are presenting too much competition?
Drumming up business for Entrust again, no doubt?
This seems to make sense to me. BT is really getting into dog's breakfast territory with me.
Anyway, the main principles seem to be:
+ buy from the cheapest source but endure whatever might be bundled in
+ buy from people that have an excellent security commitment to the UK
So Mr. Blunkett thinks it would be bad for the Chinese to be able to "listen in" to all of our communications? Great, now do the same at Menwith Hill please.
With all my dealings with US and China, I'd prefer to be spied on by the ones with the better human rights and who's motives are at least honest - China!
I worked for a company that suspected a major American competitor was somehow getting hold of our designs and documents for a major contract tender. The company made up some false versions and sent those over it's "secure" network and guess what; the major American competitor copied them! The funny thing was that everyone involved both ends of the link knew it was a ruse, to prove that the information was leaking off the wire.
What's that chop chop chop sound coming from overhead? Hey what's goi
... the South Park Chinpokomon episode:
"How can we compete with you westerners when we have such small penis?"
Industrial espionage happens everywhere, not just the UK. When I worked at Siemens Mobile in Germany, I had to attend a course on security there, because of the nature of the information I processed (it was mandatory for me to encrypt certain e-mails I had to send in the course of doing my job.)
Two case examples:
Wobben's design for wind-generators, which was nicked and patented by the Yanks. He sent a fax, which was intercepted by the US, and forwarded on to a US company, who patented the technology before Wobben did. This caused Wobben's company a lot of problems, especially given the huge amount they had blown on R&D, only to have it nicked and patented by another company.
Siemens themselves had a bid underway to the Spanish government for some of its ICE-type high-speed trains, and the French secret service intercepted these communications and handed the bidding information to Thomson-Alstom, the makers of the TGV. T-A knew exactly what the competition was bidding at, and they went in just under Siemens and snatched the contract from Siemens.
Bottom line: If you have information that's valuable to a competitor, you should treat any kind of communications link as public. Encrypt your information, and if you're clever, make sure you also send a certain amount of "junk" encrypted information along the same link. Don't do the secret services (or the competition) any favours by only encrypting information you actually want to hide.
"I worked for a company that suspected a major American competitor was somehow getting hold of our designs and documents for a major contract tender. The company made up some false versions and sent those over it's "secure" network and guess what; the major American competitor copied them! The funny thing was that everyone involved both ends of the link knew it was a ruse, to prove that the information was leaking off the wire." .... By Anonymous Coward Posted Tuesday 28th April 2009 21:31 GMT
And I imagine little has changed in the Field, AC, as that is a most effective ruse to punish the cuckoo/parasite/sub-prime spy. How much simpler would IT be, and so much more beneficial, if a major competitor just asked to purchase/lease/borrow/try out an emerging product/service which they may have wind of, rather than wasting valuable time and effort on trying to steal it, and ending up with nothing but grief and a Smart Stealthy Trojan Deeply Embedded and Decimating their SCADA Systems.
Why act like an Insane Prize Brat Prat in a Mad Man's World, if you have the Intelligence to Change/Choose/Think on and of A.N.Other Path, which Logically would then be any other Course you would be Able to Imagine and thus of an Infinite Variety and Number. And as that Possibility is Available to All and Any who would Think to be Able to Lead, does it Render Other Infinite, Infinite Alternate Reality Scenarios to Virtualise and Follow and Share if Proposed as a Common Mutually Benficial Lead.
* A Global Operating Device Concept under NIRobotIQ HyperRadioProActive Investigation/Dynamic BetaTesting.
Why is any airtime, footage or text given to this fraudster?
The only reason this man will oppose or promote anything is if there's money in it for him.
“If a blind man leads a blind man, both will fall into a pit. (Matthew 15:14)”
I have a Huawei mobile modem (O2) and have yet to see any Chinese Death Fish or Armchairs emerge from it. Prior to that a Vodafone gizmo achieved even worse results wrt my internet connection but was equally of Huawei origin. The two gadgets even share similar software. So similar in fact that "Vodafone" still appears in the O2 exe.
Aforementioned O2 modem is in a "cigarette lighter" form factor. Was this a deliberate loss of functionality for the British market or are the Chinese planning a terrible smokers' uprising with the occasional lost packet of cigarettes?
Just what we need - security advice from a two-time loser like Blunkett who is no doubt repositioning himself as a security consultant in order to cope with the loss of his state-benefits in the forthcoming electoral wipe out that the New Labour project is facing.
When full details of all MP's expenses are published shortly in response to a FOI request, many people will be paying particular attention to the likes of Blunkett just for the sheer pleasure of finding out how these hypocrites cope with their impoverished lifestyle.
But enough with the 'politics of envy' as these scumbags choose to label anyone who criticises them and back to security matters. BT is currently in league with a phormer peddler of scumware, and the purpose of this joint enterprise is to steal BT customer's private communication data in order to generate a profit for both parties. The absence of a clear and unambiguous opt-in almost certainly makes this illegal. In return for their forced participation in this scam BT customers will be deluged with unwanted ads based on their surfing profile. The UK government, who have been keeping a low profile since their voodoo economics brought the country to it's knees, suddenly wake up and decide BT would be the ideal partner to implement their own security technology. No mention of Huawei's possibly compromised hardware or security audits for ISPs appear anywhere in Smith's consultation document, just the same old voodoo security FUD.
None of this is true, it didn't happen or it happened in Pakistan or Iraq.
New Labour is a cuddly toy. No IT angle as usual. Very, very, sorry.
He's not said scrap the ID card. He's said replace it with a mandatory biometric passport, presumably all linked into whatever kludge of a database the IPS get together. To me that sounds like.. uhm.. an identity card!
Still, nice to see confusion in the ranks.
Just because they are Chinese or Muslims it doesn't mean they are out to get the UK.
We should live in a world without this intolerant Labour racism, a world where IT hardware is verified secure by the purchaser, a world where it doesn't matter the colour of a person's skin when producing IT hardware.
Replace the foil hat with a bowler hat a minute and consider how much BT has invested in the Chinese market! If BT was to cancel contracts with Huawei, who do you really think is going to miss the business? Excluding Chinese operators from public contracts in the UK will start a business war with the biggest tech market on earth, and one that will cost BT, and Britain dearly. So, besides Huawei's apparent lowest cost provision it's also good old fashioned "I'll buy these off you if you buy these off me".
As for security concerns, you're gonna have to find a way to secure it without destabilising business relationships - perhaps through due diligence when rolling out national infrastructure instead of headline grabbing, Daily Fail reader friendly, xenophobic comments. It's probably Blunkett's idea of making a come-back.
Colin, thank you for providing the most lucid explanation of DPI that I have come across in a long time. My fag packets have recently been deeply inspected with a price hike that is apparently necessary to rescue the economy from a global conspiracy of bwankers.
Double Happiness is a popular brand of cigarette in China, but it will clearly not be available in the UK for a very long time.
Kung Hei Fat Choi (Get rich - be happy) as our politicians like to say to themselves.
BT aided promotion of System X worldwide
which does exactly that on our behalf.
fscked by SHA-1 collision? Not so fast, says Linus Torvalds