back to article US nuke lab drops Chinese networking kit

The Los Alamos National Laboratory, home of some US research into nuclear weapons, has replaced networking kit from Chinese vendor H3C over security concerns, according to Reuters. Reuters says it has read internal correspondence suggesting the removal of the H3C devices was undertaken as part of a wider review of risks posed …


This topic is closed for new posts.
  1. WatAWorld

    He who looks behind the door hath hid there once himself.

    I assume US officials know all about the home countries of telecom companies getting backdoors installed into the stuff exported to foreign countries.

    1. LarsG

      The McCarthy Era

      The McCarthy Era Witch Hunts all over again.

      God Bless America!

  2. Herby Silver badge

    One could suppose that this is ...

    An argument for open source.

    I'll let others argue the point ad-infinitium.

    1. Destroy All Monsters Silver badge

      Re: One could suppose that this is ...

      That would be "open VHDL" but even that might not be enough to allay fears.

      Chinese are crazy prepared. Twitch wrong and they will transit a packet with a special bitpattern that will make your hardware self-destroy.

  3. Anonymous Coward
    Anonymous Coward

    A back door Chinese vendors can access without users' knowledge.

    Who needs a backdoor when (as documented by FX Lindner at HitB conference) Huawei routers are so easily exploitable?

    1. P. Lee Silver badge
      Paris Hilton

      Re: A back door Chinese vendors can access without users' knowledge.

      Most systems are exploitable, they question is, "can they be secured?"

      Or in this case, I suspect, "who gave the largest political donation?"

      What's more sensible, subverting the code and putting all sales at risk, or compromising someone at the outsourced management company?

      1. taxman
        Big Brother

        Re: A back door Chinese vendors can access without users' knowledge.

        You would have thought that with John Suffolk now Global Head of Cyber Security at Huawei that such suspicion would begin to evaporate. Particularly after such an illustrious career:

        Then again....

  4. FozzyBear Silver badge

    Has someone been reading Freedom by David Suarez and making idol comments over the water cooler.

    1. Destroy All Monsters Silver badge
      Thumb Up

      But who is the idol of the moment?

      Let me consult page 3...

  5. JaitcH

    Why are secret content networks ...

    even connected to the InterNet?

    Seems kind of dumb. But we are talking about American 'security' (think Manning).

    I know some companies that do development work on a cut-out Intranets whose only common "interconnection" is the electrical power source. Another uses floppies for working data which are destroyed each night.

    1. Anonymous Coward
      Anonymous Coward

      Re: Why are secret content networks ...

      Because secret content networking is usually done with VPNs over the internet, rather than going to the extreme expense of laying one's own cable.

    2. Destroy All Monsters Silver badge

      Re: Why are secret content networks ...

      > floppies for working data which are destroyed each night

      I wonder how long that can go on past 2013.

      Did they get a container of floppies on e-bay for a few pennies??

      1. hayseed

        Re: Why are secret content networks ...

        I'm rather surprised they don't get destroyed in the drives. I remember floppies...

  6. Anonymous Coward
    Anonymous Coward

    Certian companies.... the US must be spending more on backhanders than R&D these's working well for them I see.

  7. Paul Crawford Silver badge

    Cisco of course is immune to Chinese tampering. What, you mean they are made in China as well? Tell me its not so!

    <= for the hard of thinking.

  8. ukgnome Silver badge

    It actually amazes me that any government would use kit that wasn't built by a national country. If I wanted to spy on a government then it seems the best way would be to seed their infrastructure with devices that report back.

    1. Destroy All Monsters Silver badge

      These aren't the forties.

      "Built by nation X" no longer has much meaning.

      Except if you are ordering up a vertushka ["a dialless phone made to receive important calls, but unable to make any"] for your office and even then I wouldn't be so sure.

    2. Velv Silver badge
      Big Brother

      No matter who you are, do you trust your own government not to be spying on you. Perhaps not so much here in Europe, but the Merkins should be really afraid.

  9. Velv Silver badge
    Big Brother

    I don't quite get it.

    Surely if you operate a "secure" or "sensitive" operation then you MONITOR all your outgoing traffic and you know what is going where (otherwise known as Data Leakage Prevention). You can see packets that are being routed to unknown or untrusted destinations. That is if your secure element is even connected directly to the outside world.

    Or do they think the Chinese have pioneered the subspace ether used in Star Trek that allowed transmission beyond the speed of light?

    1. Allan George Dyer Silver badge
      Black Helicopters

      Good idea...

      Now, who do you buy network monitoring gear from? qui custodit custodes

      But, overall I think they'll have a hard time finding a supplier that isn't owned by and doesn't employ citizens from all countries they might have a bit of a disagreement with during the lifetime of the kit.

      If they are going to be properly paranoid, they should keep quiet about their suspicions, buy the kit, reverse engineer it, find the backdoors and use them for feeding disinformation.

    2. Anonymous Coward
      Anonymous Coward

      I think I get it...

      They couldn't simply be trying to (mis)lead other companies and governments into buying overpriced Chinese made crap that's passed through a good ol' Merkin middleman? Perhaps in a last-gasp attempt to protect their economy from the cataclysm of having to mint that TREEEEELION dollar coin they're getting all excited about ATM!


    3. ukgnome Silver badge

      Yes you monitor all traffic, but on a certain date the malware bomb explodes then you compromise the traffic. Don't take my word for it though, the Iranians will tell you all you need to know.

    4. C-N

      Don't call me Shirley

      And, surely if you're installing back doors on networking gear, you're not having it call home hourly to

      1. Fatman Silver badge

        RE:'re not having it call home hourly...

        NO, more likely, it has a listener in its firmware that just waits for a specifically crafted packet to arrive, and then BAM, the shit hits the fan.

        That day could take many years to arrive.

  10. Anonymous Coward
    Anonymous Coward

    Protectionism via paranoia?

    I wonder if any US vendors have been seeing returns on their lobbying investments?

    1. Anonymous Coward
      Anonymous Coward

      Re: Protectionism via paranoia?


      Although one has to wonder what inducements were offered at those "high level" meetings to persuade the Aussies to prop up the FUD

  11. Anonymous Coward
    Anonymous Coward

    could it be

    The Risky Business podcast makes the point that the main problems with networking kit from PRC are:

    1) the code quality is *awful* (think IOS in the 1990s) along with all services turned on by default, 12 bit authentication cookies for web interfaces &c

    2) all the debug commands only produce output in mandarin making it necessary to have Chinese technicians that may spend a lot of time hanging around in their embassy.

  12. Anonymous Coward
    Anonymous Coward

    So... where have they gone to find hardware not made in China?

  13. MR J

    It's not about China, It's about the Lobby

    This is just a move to get "donor supported" gear into gov locations.

    I am sure if IBM was to buy Huawei that they would turn around and quickly deem it all to be safe.

  14. JCitizen

    For those that think the Americans are crazy...

    I wonder if any have actually looked at the circut patterns in many of the chips coming out of the Pacific Rim countries? - Not just China. Anyone with an eye for schematics and design, can obviously see chip doping going on. Apple was a victim of this once from a vendor, that put doped chips in the keyboard circuit for Mac Air Laptops. This is a regular repeating news item folks; it doesn't take a rocket scientist to see the brazen obvious.

  15. Anonymous Coward
    Anonymous Coward

    from sea to shining sea?

    refers to Canada. CANADA!

  16. EJ
    Big Brother


    It makes as much sense to rely on foreign-made equipment for the critical infrastructure of your nation's defenses as it does to outsource your spy network. If you want it done in a way you trust, you do it yourself.

    No one should have raised an eyebrow when China announced the Red Flag Linux initiative. Nor should people be surprised by other nations' objections to RIM being in charge of their communication, or the US dictating their Internet access.

    It all boils down to: who do you trust? Anyone who is trusting the Chinese these days are fools.

    1. Fatman Silver badge

      Re: Outsourcing...If you want it done in a way you trust, you do it yourself.

      And I keep trying to get THAT past the stupid beancounters every time there is a discussion of how IT outsourcing can save money.

      Once the discussion has degraded into a free-for-all, and lots of name calling; usually this question stops the beancounter dead in his (or her) tracks: "Are you willing to be your entire pension on the outcome of this outsourcing proposal?" The answer to date has always been the same: "No".

This topic is closed for new posts.

Biting the hand that feeds IT © 1998–2019