back to article While US fires criminal charges at Huawei, UK tells legislators not to worry, everything's fine

While the US was preparing criminal charges against Huawei and its exec, British government spokespeople were telling Parliament they are quite happy with the UK's "unparalleled arrangements" for finding backdoors in Huawei source code. Yesterday evening American prosecutors unveiled criminal charges of fraud against Huawei …

  1. UberMunchkin

    Anyone who thinks that the Chinese government couldn't simply demand that Huawei give them total access to their entire system and that Huawei wouldn't immediately cave and give them everything they asked for is an idiot. China is not a place where you find checks and balances, it a place where the state has total control and if you disagree then you, at best, will likely end up in jail. Companies there don't appeal against invasions of privacy because the government doesn't recognise a right to privacy.

    Of course there are government mandated backdoors into all their systems, either at the software or hardware level and perhaps both.

    1. Anonymous Coward
      Anonymous Coward

      Just like there are back doors in all the American equipment?

      1. Anonymous Coward
        Anonymous Coward

        That's why we should use European equipment - even if the US government is anyway more accountable than the Chinese one, especially since Xi obtained lifetime power, and it's far more difficult for a US CEO to disappear suddenly.

        Anyway is UK sure what they see in their labs is what Huawei actually delivers to customers, and can't tampered with later?

        1. Ledswinger Silver badge

          That's why we should use European equipment

          Sorry? Your argument is "foreign governments can and will pressure domestic tech makers to provide backdoors", and then you're proposing the UK uses European (ie mostly foreign) tech kit?

          If I were French or German I'd assume on the basis of proven history that GCHQ's fingerprints were all over any UK manufactured, supplied or installed kit, so if we aren't going to trust the US (or China) the same logic applies to any other major state that fancies itself as a "global actor". You might just about trust say Scandinavian (or Swiss) kit on this basis, but then only if it is 100% made in those countries For the most obvious candidates (Ericsson, Nokia) I can't see that they won't be using a large amount of Chinese or US made components that are no more verifiable than if they had Huawei stamped on the box.

          1. HmmmYes Silver badge

            Its software.

            Most nokia hardware - CPUs are fabricated in taiwan or america. Im happy with that.

            Software written in europe or states. Im ok with that.

            Yes itll have backdoors in it but im fine with intercept in legal oversight.

            Im not happy on any chinese software. Theres no seperation of state, law or company - all CCP, all rapacious for IP.

        2. The Original Steve

          "Anyway is UK sure what they see in their labs is what Huawei actually delivers to customers, and can't tampered with later?"

          Checksums, IC designs, massive microscopes and spot check - one would assume.

    2. Anonymous Coward
      Anonymous Coward

      Proof, not assumptions

      Of course there are government mandated backdoors into all their systems, either at the software or hardware level and perhaps both.

      As I have said (many times) before, I am not inclined to believe either government. The only gear I'd trust is that which full code and implementation has been examined by independent people who don't hang with one crowd or nation.

      There's simply too much BS around at the moment - give me independently verifiable facts or go and annoy other people.

    3. Lee D Silver badge

      Every major British ISP has been required by law to insert devices into their core network to enable certain agencies to monitor Internet traffic. The reason most people haven't heard is that they weren't allowed to tell you, and there are reports that people at ISPs were asked to sign the Official Secrets Act concerning their installation.

      https://www.theregister.co.uk/2012/07/11/communcations_data_bill_joint_committee/

      This is why "canaries" are used on certain websites. If they are ever forced, under threat of imprisonment, to comply with certain agencies, they stop posting certain signed updates that say things like "We have received no such requests from law enforcement today". No updates - they've been compromised and are unable to talk about such things. (Though I'm sure, even there, there would be some way to ensure such canaries continued to be posted even without the original person's co-operation, it would be a lot more difficult than just holding a gun to their head).

      The UK is no different in this regard to any other state entity. Nor the EU. The US is actually a lot worse than those, but probably not as bad as China.

      Anyone who thinks that ANY government couldn't simply demand that a major corporation on their territory give them total access to their entire system is an idiot. And revealing it, whether on the nine o'clock news, or in an a disguised tweet, would probably be seen as contempt of court or worse. We are the country that had the scandal over super-injunctions, you know. And it wasn't that the country protested and they were abandoned and never happened again - it was years of quiet court action, eventual use of parliamentary privilege and no clear end to the possibility that it could be done again which are the only reasons that we know about them.

      The biggest case about such things is the US vs Microsoft case where the US wanted to raid EU datacentres but the EU (and Microsoft EU) said no. If the EU said yes, do you think they wouldn't be demanding access to those datacentres? It was only the "then handing that data off to the US" part that troubled them.

      If a government want to put in a backdoor into a product made, you can be sure either a) it will happen, b) that product will never be made (because the creators object to doing so). It's highlyu unlikely c) that the creators will blab about that to the world's press and give themselves some decades in prison by doing so.

      P.S. It's only because of government backdown and that you were able to legally discuss it that things like Clipper chips never met mass adoption. You have no idea if, somewhere in that process, something did get mass adoption but was never public knowledge.

      I'm the absolutely antithesis of a conspiracy theorist. But if a government want to do this, it'll happen. Strangely, your biggest champion in this area is Apple who are quite vocal about not co-operating with the FBI etc. to decrypt their own devices. It's seen them in a lot of hot water and legal costs, but they happen to basically have the wealth of a country all their own just sitting in the bank to fight such things. You can be sure that places with less funds, more government ties, or less morality have already co-operated and you'll probably never know who, when or what until it does become public knowledge (and therefore too late as it'll be useless to use so they'll move onto something else).

      The NSA were attempting backdoor-inclusion into open-source encryption standards for years, and they still have questionable intentions (they have "chosen" the curves that Elliptic Curve cryptography standards use, in many cases - are they doing that because they know that those curves are strong, or that they know that those curves are weak? History isn't on the "protecting the public" side).

      To think that any government is above such actions is to severely misunderstand any modern government. These people choose whether or not to murder tens of thousands of civilians to "stabilise" countries, enforce government on them, while selling them arms, buying up oil rights, etc. There are vanishingly few "moral" countries around.

      In that respect, sure, you don't want Chinese kit spying on it. But neither do you want Russian, Indian, British, American, Australian, French, German or any other kit spying on you. And those are just as, if not more, likely.

      1. John Savard Silver badge

        Given that China is a dictatorship, without a free press, without a civil society - in fact, it is totalitarian, since the only churches allowed to operate are ones run by the government, and any other kind of organization is also under direct government control - being spied on by American and other equipment may be likely, but it's not more likely. China is even more to be distrusted - by an order of magnitude.

        1. Voyna i Mor Silver badge

          Given that China is a dictatorship

          Authoritarian certainly, and perhaps more so than before under Xi, but the "without a civil society" seems like a vast exaggeration. There very obviously is a civil society, it is expanding and growing richer.

          You may not like Marxist theory, and I would certainly not like to live under it, but it's really no different from the Catholic Church in Ireland in even the recent past, or living in one of those mid-west towns where anything other than Protestant fundamentalism will get you into trouble. Marxist-Leninism says that all political advance must be through the Party, so if you want to get involved in Chinese politics, you have to join the Party. It's little different from extra ecclesiam non est salus (there is no salvation outside the church).

          The Uighurs are a different matter. Look at where they live. I imagine the Chinese government is shit scared of ISIS and the Taliban achieving serious traction in the region, especially given its implications for Chinese trade expansion. The US bombed the hell out of Iraq to protect its oil interests and is now fomenting a civil war in Venezuela. Whataboutery is bad, but faced with two big countries trying to maintain control in the face of what they see as Shi'ite, socialist or Sunni threats, I look from pig to man and man to pig and really cannot see any difference.

          1. aberglas

            "Civil Society"

            Does not mean a middle class.

            It means the everyday rights we take for granted. To be able to discuss things freely. To be able to complain vigorously if we disagree with something. To go where we please. To be able to rely on the rule of law, and not the arbitrary dictates of a government.

            These are the things China does not have. It is a major concern now that China is the biggest economy in the world (purchasing power parity).

            1. Ledswinger Silver badge

              Re: "Civil Society"

              It means the everyday rights we take for granted. To be able to discuss things freely. To be able to complain vigorously if we disagree with something. To go where we please. To be able to rely on the rule of law, and not the arbitrary dictates of a government.

              You've not seen the Home Sec's plans to ban unconvicted knife crime suspects over 12 years old from social media, with a threat of two years porridge for breaching that? Seems to cut across your claims about taking all those things for granted.

      2. ratfox Silver badge
        Facepalm

        This is why "canaries" are used on certain websites. If they are ever forced, under threat of imprisonment, to comply with certain agencies, they stop posting certain signed updates that say things like "We have received no such requests from law enforcement today". No updates - they've been compromised and are unable to talk about such things.

        Just saying, but the idea that this would fly in front of a judge is laughable.

        If you are forbidden from telling people something happened, you are not to let them know that it happened. It doesn't matter whether you tell them directly or indirectly, by starting or stopping sending out messages, turning the light on or off, whatever. If they learn about it thanks to you, you're in for it.

        1. Spazturtle Silver badge

          Warrant canaries work in the US due to the 1st Amendment of the Constitution.

          1. Anonymous Coward
            Anonymous Coward

            Blah blah 1st Amendment blah muh freedom

            Bull.

            The First Amendment is explicitly about freedom of speech, yet national security letters curtail that freedom of speech and prevent people from speaking. There is no reason to believe that it would work better the other way.

  2. Anonymous Coward
    Anonymous Coward

    Or more likely....

    the case will be dragged out, in a year Trump will, as a personal favour, intervene. Trump hoping that he now has favour with the Chinese after he is out of office, either voted out at the next election or sooner by other methods. If the latter, hoping he can make a run there to his new golf club.

    1. Tom 38 Silver badge

      Re: Or more likely....

      Please, this is mostly John "I loves me a war" Bolton. He can't wait to antagonise anyone and everyone so that he has somewhere to invade. I wouldn't be surprised if he can only get hard when ordering brown people to be killed.

  3. Anonymous Coward
    Anonymous Coward

    Who's afraid of the big bad dragon

    The US always has to have a big bad enemy to blame the world's ills on.

    Traditionally that would have been Russia, but that is becoming politically too hot to handle, so after a brief dalliance with North Korea, the US have decided to pick on China.

    Just as they did with Kaspersky, they are now trying to blacken the reputation of Huawei without actually offering much in the way of evidence.

    1. Anonymous Coward
      Anonymous Coward

      Re: Who's afraid of the big bad dragon

      "Just as they did with Kaspersky"

      Which was a real kick in the balls for them, considering they informed the NSA about their tools being found.

    2. DavCrav Silver badge

      Re: Who's afraid of the big bad dragon

      "The US always has to have a big bad enemy to blame the world's ills on."

      Not the whole world's ills, no. But a reasonable percentage of the world's problems are caused by China, yes. We had more or less got rid of concentration camps in the world, but then China had to go and make the largest in history. As one example.

      1. Anonymous Coward
        Anonymous Coward

        Re: Who's afraid of the big bad dragon

        Sver heard of trumps immigration camps? or for-profits locking up disproportionate number of blacks?

        pot kettle

        1. Anonymous Coward
          Anonymous Coward

          Re: Who's afraid of the big bad dragon

          While US has a lot of issues it can't still resolve - and anyway immigration became an issue in Europe too and was one of the main reasons for Brexit -, and while Trump & C. are making them worse, it's hard to put them at the same level of what China is doing - i.e. "re-educating" a whole ethnic minority like the Uighur, or cracking what is left of Hong-Kong freedom.

        2. Spazturtle Silver badge

          Re: Who's afraid of the big bad dragon

          "Sver heard of trumps immigration camps"

          You mean the ones that Obama setup?

          "for-profits locking up disproportionate number of blacks?"

          When you inject a large number of immigrants into a society they are injected into the bottom, the poor at the bottom of society commit more crime.

          1. Anonymous Coward
            Anonymous Coward

            Re: Who's afraid of the big bad dragon

            " the poor at the bottom of society commit more crime"

            That should be

            the poor at the bottom of society are convicted and jailed more for their crimes.

            1. Yes Me Silver badge

              Re: Who's afraid of the big bad dragon

              " the poor at the bottom of society commit more crime"

              Actually that's true. For every Bernie Madoff there are thousands and thousands of poor people. Statistically they commit more crimes, unless you count the money, in which case Madoff committed 64.8 billion times more crime than each poor person who stole a dollar.

          2. Rob Gr

            Re: Who's afraid of the big bad dragon

            I has evidently escaped your attention that the majority of African Americans did not arrive as immigrants, but as slaves. Most have lived there for generations now, and so are not immigrants at all.

            But let's all make excuses for racism in the system, eh?

          3. Anonymous Coward
            Anonymous Coward

            Re: Who's afraid of the big bad dragon

            Sorry, I thought Trump was president now. But feel free to call Obama back - I wasn't making a partisan point.

            You really don't know how the for-profit jails are disproportionally filled by the poor, and blacks?

            Or how America jails far more people than China , in fact america is #1 - twice as many as #2(south africa)

        3. Primus Secundus Tertius Silver badge

          Re: Who's afraid of the big bad dragon

          Trump's camps? People don't have to walk from Mexico to Trumpcamp. the Chinese camps are a different matter: people are taken there.

          How many people walk into China?

  4. Anonymous Coward
    Anonymous Coward

    So when the Huawei-using UK rocks up at a US-AU-NZ conference

    and wonders why no one is talking to them, they'll know the reason ?

    1. BigSLitleP

      Re: So when the Huawei-using UK rocks up at a US-AU-NZ conference

      Yes, that we're not willing to take part in a political row without reason.

  5. robpomeroy
    Holmes

    Quelle surprise

    Chinese company in intellectual property theft shocker.

    Seriously, anyone who didn't already assume this was the case must have been living in a cave.

    1. CAPS LOCK Silver badge

      @robpomeroy

      I'm not sure why you got down voted. The Japanese trade ministry has had spokesmen on UK TV complaining about exactly that. Ironically.

      1. Yes Me Silver badge

        Re: @robpomeroy

        The downvotes are because companies in every country commit industrial espionage. It's rather obvious that they're picking on a Chinese company for political reasons at this point in history.

        1. Rob Gr

          Re: @robpomeroy

          Indeed, I seem to remember Uber recently being involved in such activities for example.

    2. Anonymous Coward
      Anonymous Coward

      Re: Quelle surprise

      I turned down a job in about 1989 with a company that made telephone exercisers. OK, they didn't have off the shelf Epson arms to use and had to use a mixture of pneumatics and stepper motors, but really if Huawei is accused of stealing an Epson arm to clone software that could be written in an afternoon, that's just silly.

      I guess it's remotely possible that yes, someone at Huawei in the US is that silly, but it's hardly even a Jenkins's ear event.

      I guess it all went downhill when we let the US have our nuclear know-how in WW2 and then at the end of the war when we asked to be kept updated on the information sharing they said "What information sharing? They're our nukes now".

      1. HmmmYes Silver badge

        Re: Quelle surprise

        No.

        The Tappy thing might sound a bit but if you look youve got an NDA signed by a high up. And youve got a Huawei grunt found with the robot in his bag. And hes probably confessed to stealing it on orders from high.

        Chinese company will steal everything ftom all the source code to the spoons in the canteen.

        In tge tappy case theyve got everyyhing they need to get the case thru court.

        1. W.S.Gosset Bronze badge

          Re: Quelle surprise

          Mate, it's even sillier than that. You can read ALL sorts of inside info re what exactly happened including retrieved emails and internal documents describing the thefts in detail, here:

          https://www.justice.gov/opa/press-release/file/1124996/download

          p3 points out that Tappy was actually hugely $$beneficial in reducing costs from phone-returns. And Huawei's phones turned out in testing to be horrifically bad.

          p5: NDAs all round

          pp6-15 (!): the fleecage efforts and final success.

          pp15-18: the cover-up

          .

          p19 is... a seriously WTF moment... (!!)

  6. Primus Secundus Tertius Silver badge

    Unparalelled

    I hope our "unparalelled arrangements" include the novel idea of techies actually looking for bugs/features in Huawei code. This would be so different from ordinary "quality assurance" checks that meetings have been minuted, actions acted upon, paperwork properly filed, etc.

    1. Anonymous Coward
      Anonymous Coward

      Re: Unparalelled

      Doesn't unparalelled mean not parallel, I.e. we aren't going in the same direction?

      1. Tom 38 Silver badge
        Headmaster

        Re: Unparalelled

        Doesn't unparalelled mean not parallel, I.e. we aren't going in the same direction?

        Part 1, Yes.

        Part 2, No.

        Words have multiple meanings. Parallel has meaning relating to position, in which it means the distance between two lines is equal throughout their length, and it has a meaning relating to similarity, in which it means things that are happening at the same time, or are comparable to each other.

        Unparalleled solely refers to the second meaning, referring to a thing that is so superior as to not have another thing that is comparable to the first thing.

    2. Ucalegon

      Re: Unparalelled

      Doesn't it this mean no one else is doing the same thing as us? Which is, of course, the very story itself. Western world chucks Huawei out whilst we, in unparalleled fashion, clutch them slightly tighter.

  7. not.known@this.address Bronze badge

    Who would'a thunk Joss Whedon is prescient?

    He foresaw this Sino-English Alliance in Firefly/Serenity...

  8. John Savard Silver badge

    Barn Doors and Horses

    "so far there is notably little in the way of hard proof that Chinese network equipment contains actual backdoors or other features intended for espionage or theft of trade secrets."

    While this is certainly true, it doesn't seem to be a good guide to action. Instead, it pretty much guarantees that the barn door will only be locked after the horse is gone. Instead, what is needed is hard proof that any network equipment used does not contain backdoors. Including equipment made in China, but with the name of an American company on the box - and, for that matter, any equipment manufactured by any company in any country.

  9. 2Blockchainz

    Pick any country

    So, if you were to purchase Telco gear based on the host country government's likelihood to have compromised the software, where would you theoretically purchase it from?

    Somalia, because the government is ostensibly too weak, and lacks the expertise, to be able to compel equipment manufacturers to build backdoors and monitor the data that comes through?

    Singapore, Brazil, or Iceland, since they are theoretically unaligned to the major military powers?

    Cyprus, since even they themselves don't know who they are aligned with?

    What's wrong with the assumption that BGP can be compromised BY ANYONE, so any traffic anywhere, could be monitored by any party at my time? Would we then simply go back to a free-market calculation, where we look for a combination of quality and price?

  10. Cuddles Silver badge

    Legacy equipment

    "BT subsequently began uninstalling Huawei equipment from its 3G and 4G mobile network cores in December, publicly insisting that this was simply because it was legacy equipment inherited from EE when the mobile operator was bought out by BT in 2016."

    All their equipment is legacy equipment inherited from EE. The whole reason they bought EE is because they didn't have a mobile network of their own.

    1. HmmmYes Silver badge

      Re: Legacy equipment

      That statement does not convey the level of urgency or out of the blueness of BTs action.

      Similar actions are occuring in telecoms networks and essential infrastructure.

      Repeated in all 5 eye countries, japan and taiwan. And now even Germany.

      All to suck up to Trump .....

      Its not Trump. The balloons gone up. Panic!

  11. Fruit and Nutcase Silver badge
    Coat

    History

    "Lord Young of Cookham, a Conservative peer and government whip in the House of Lords, told peers: "We have set up unparalleled arrangements in this country" for assessing the security of Huawei equipment and software..."

    To be fair to the Yanks, they whist they were jumping up and down about Donald Maclean being, in modern parlance, a "backdoor" for the soviets, the British Establishment closed ranks and chose to ignore them.

    History repeating itself?

    Answers on a postcard to

    The Editor

    The Evening Standard

    London

    Ye Olde England

    1. HmmmYes Silver badge

      Re: History

      Ahh yes. UKGOV that centre of unparalleled software expertise....

      They have a building near chippenham, run by Giles and Fiona who have an oxbridge PPE or Art History degree.

      They get the chinese to show how they build and deploy releases.

      They have some clever chappies loaned from industry - Oh look Giles, brown shoes and Northern! - who say - The built binary / checksum dont match.

      All very clever hush hush.

  12. Anonymous Coward
    Anonymous Coward

    Luddites

    The furkin murkins av ben steelin udder purples shit fur eva, there way is ta get it (Nsa, Cia ) thief fur higher, serface thin win tey got it paintent it und then sue the fukers into non Xisantance, fug tey even bin makin movies bout it.

    i ant smart bud i smater tin U!

  13. old_nic

    The amazing thing about the UK secrecy situation is that everyone knows about everything but theoretically cannot say anything without breaking the law. I have never signed the Official Secrets Act, so I am allowed to say how many spoonfuls of sugar the Chief Secretary puts in his tea, except that I am not allowed to do so by the Official Secrets Act even though I haven't signed it, but I can't tell you that either without breaking the Official Secrets Act. It is recursive, and effectively the whole world is theoretically breaching it! So what happens when you have a silly law like that? Bit like Part P of the Electrical Regulations, which is a scam, so is the OSA. Mysterious people arrive at BT exchanges, and have done for all my life and do mysterious things which I don't know anything about. Woops, I am off to jail! Brave New World.

  14. W.S.Gosset Bronze badge
    Alert

    Huawei information

    That linked PDF is well worth a read. Very illuminating (even amusing) insider-info. Everyone rolling their eyes about "poor victimised Huawei" or "poor victimised China" - A/ hasn't had a lot of exposure to China - B/ NEEDS to read this. It looks long but it's big-type double-spaced.

    https://www.justice.gov/opa/press-release/file/1124996/download

    pp6-15 (!): the fleecage efforts and final success. Note headoffice hounding the H~ USA boys repetitively as their attempts to make their own tappy failed miserably.

    .

    p19-20 everyone should read: Huawei China announces its formal policy of a Bonus Program (monthly and annual) "to reward employees who stole confidential information from competitors":

    "Under the policy, HUAWEI CHINA established a formal schedule for rewarding employees for stealing information from competitors based upon the confidential value of the information obtained."

    1. W.S.Gosset Bronze badge

      Re: Huawei information

      vs Dell:

      https://forums.theregister.co.uk/forum/all/2019/01/29/huawei_cfo_charged_fraud_extradition/#c_3705197

      When i went to visit Huawei, we went through all their server and storage portfolio. They were all blatant copies of Dell HW, their USP was that they made their own flash so could offer big discounts, but in the the end they weren't much cheaper so not worth the risk of changing.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019