back to article Germany tells America to verpissen off over Huawei 5G cyber-Sicherheitsbedenken

German is expected to snub US pressure to cut Huawei out of its next-generation 5G networks, rejecting claims that the Chinese manufacturer is a security risk. According to German media reports, a weekend meeting of the German cabinet dug into the issue and effectively rejected America efforts to impose a global ban on the …

  1. overunder

    How about Apple's apparent deflation? The surgence of "cloud"?

    Hurry, try and drop Huawei stock so we can transfer investments from Apple to Huawei before Apple goes poof.

    As a paranoid US citizen, this whole issue feels dead on like 1 big trader scam. Someone might want to start to dig on the investments of those pushing this agenda. A lot of hardware manufacturers (or just a few 1%'ers really) stand to reap a influx of cash in the short term (ie. CISCO, AT&T, Amazon, etc..). I have a feeling that following the money, is following a crime.

    1. Voyna i Mor Silver badge

      Re: How about Apple's apparent deflation? The surgence of "cloud"?

      Huawei has its own processor designs as well as its networking and phone businesses. People seem to think they are pretty good - not Apple good but good enough.

      That threatens Apple, Qualcomm and Cisco and perhaps in future Intel.

      As neither Germany nor the UK have equivalent large companies, protectionism doesn't arise as an issue for them. And if Huawei's threat to direct its future investments to the UK and even transfer existing US assets there is serious, the UK stands to benefit considerably from US paranoia.

      1. low_resolution_foxxes

        Re: How about Apple's apparent deflation? The surgence of "cloud"?

        I cannot help but notice that Huawei has recently threatened Apple (selling Apple-quality phones for about £250, instead of Apple's £500-1000)) and Qualcomm (Huawei refusing to pay royalties to Qualcomm).

        Put both gargantuan companies in peril and you can imagine the anti-Huawei lobbying going on in the US. Even Samsung (heavily owned by US investors) is losing ground to Huawei.

        The UK is well aligned with Huawei, partially through the strong UK-Hong Kong links and HSBCs enormous revenues from Asia. The British are not going to upset the Chinese and actively seem to like having cheap goods, as opposed to the American model of "pay $1 per day and charge £700 for a smartphone in the US".

    2. DCFusor Silver badge

      Re: How about Apple's apparent deflation? The surgence of "cloud"?

      It does indeed some more like some sort of competition avoidance. And a lot easier to pull off than say, banning BMW or Audi autos (since autos aren't as fungible as net gear and people like those brands).

      Don't be confused I used German names - who'd buy any Chinese auto or even know a brand?

      My point was more protectionism and the idea of the politics being easier for some things than it would be for others.

      Now whether it's market "dirty" trading or just fighting over a slice of a decreasing pie rather than innovate to attempt to increase the size of the whole pie - which tactic has become popular as no one really has a new killer thing, and if no one else has noticed - we are in what amounts to worldwide recession despite governments cooking the books (lying)...I can't say.

      The litany of "if you can't innovate, litigate" is getting kind of old to me....funny, when the pie was getting bigger, there was a lot less of that.

      1. sprograms

        Re: How about Apple's apparent deflation? The surgence of "cloud"?

        "Who'd buy a Chinese car if they even knew a brand?" Exactly. People know little and inquire little, when cheaper products are on offer, and when they imagine they're employers will capture some huge piece of the Chinese retail market. They don't even know the other side of the thing.

        And so, Europeans are buying those Volvo Car products they've known so well for years. And yet almost all Volvo cars are now manufactured in China buy Chinese owners, using Kuka (had been German) industrial robots...which robots will in fact be manufactured in China not Germany once the 2023 contractual freeze expires. They've already, shock of shocks, built the new Kuka factory in China. They just aren't allowed to operate it yet. Where will the IP go in 2023? To China, of course.

        The Volvo cars are shipped by train complete to some eastern european markets, while most others are shipped in containers as complete car kits, for assembly in the EU. The trains arrive at the Chinese-controlled post in Duisberg, the largest inland port in the world. The train traffic had been "clothing and toys from China, German cars back to China." Well, that pleased Germans until the Volvos started arriving.

        Now Chinese investors (who swear independence of the CCP when abroad, but plead Party loyalty when in China) now control 10+8% of Daimler (Mercedes), have become the largest single shareholder of Deutsche bank, own Germany's largest and best industrial robot manufacturer, Kuka, so why not add Huawei to the mix: 5G network code has been vetted by GCHQ? Oh, are the code and chipsets static over the life of the system? No. China has Germany over a barrel. It's either breakup time or surrender time.

        1. Gorbachov

          Re: How about Apple's apparent deflation? The surgence of "cloud"?

          "Chinese investors ... have become the largest single shareholder of Deutsche bank"

          https://www.db.com/ir/en/shareholder-structure.htm

          4.88% held by BlackRock, Inc., Wilmington, DE

          3.14% held by Douglas L. Braunstein

          3.05% held by Paramount Services Holdings Ltd., British Virgin Island

          3.05% held by Supreme Universal Holdings Ltd., Cayman Islands

          3.001% held by Stephen A. Feinberg

          1.01%1 held by C-QUADRAT Special Situations Dedicated Fund, Cayman Islands

          This makes me not want to check your other claims.

          1. Bonzo_red

            Re: This makes me not want to check your other claims.

            You mean like the claim that "almost all Volvo cars are now manufactured in China buy Chinese owners"?

          2. Fins Analyst

            Re: How about Apple's apparent deflation? The surgence of "cloud"?

            On DB shareholders - factual only: C-Quadrat is managing HNA's stake - it was down to 6.34% in the most recent disclosure (12th Feb). HNA of China had been up to 9.9%, however they cannot own over 10% as that would require an application to the ECB to be green listed. Part of C-Quadrat's stake was through derivatives hence not directly disclosed but the FT etc have reported on it.

            Paramount (3.05%, 8th Feb 19) and Supreme (3.05%, YE17) are part of Qatar.

            Feinberg (3% YE18) is Cerberus, the US fund.

            1. John Stirling

              Re: How about Apple's apparent deflation? The surgence of "cloud"?

              Derivatives do not confer voting rights - therefore are not ownership.

              They are a speculative bet on the movement in the price, and are specifically not able to confer control.

              If they are 'physical' derivatives (i.e. backed by borrowed shares) then they may influence the share price when the derivative matures if it requires someone to acquire real shares to meet a promise. This can be funny to watch when a short trader gets it wrong.

          3. Anonymous Coward
            Anonymous Coward

            Re: How about Apple's apparent deflation? The surgence of "cloud"?

            >>This makes me not want to check your other claims.

            His claims are pretty accurate for El Reg commentary.....

            >held by C-QUADRAT Special Situations Dedicated Fund, Cayman Islands

            The above are HNA Group Co (Chinese) and they owned almost 10% until they recently reduced their stake to 6.3%. I'll leave it as an exercise to the reader why DB's website is less than current.

            Ref:

            https://www.bloomberg.com/news/articles/2019-02-16/hna-cuts-deutsche-bank-stake-again-as-chinese-group-plans-exit

        2. 10forcash Bronze badge

          Volvo production *facts*

          Torslanda - Sweden, Manufacures XC60, V90, V90 Cross Country, XC90 - Worldwide sales

          Ghent - Belgium, Manufactures V40, V40 Cross Country, XC40, S60, S60 Cross Country, V60, V60 Cross Country - Worldwide sales

          Shah Alam - Malaysia, Assembles V40, S60, V60, XC60, S90, XC90 for Southeast Asia

          Chengdu, China, Manufactures S60L, XC60 for China & US markets

          Daquing, China, Manufactures S90, S90L for China & Euro markets

          Two new Chinese plants are under construction, one at Luqiao (no public announcement of models or markets to be served) and one at Chengdu which will manufacture three Polestar models, this will be the first exclusively Polestar plant, previous models have been built on the production lines for their base models.

          Production plant can be decoded from the vehicles eleventh character of it's VIN.

          1. 10forcash Bronze badge

            Re: Volvo production *facts*

            Sorry USians, forgot the South Carolina Assembly plant, produces S60 models for worldwide distribution.

        3. Lars Silver badge

          Re: How about Apple's apparent deflation? The surgence of "cloud"?

          A few comments regarding Volvo, using to the wiki.

          "Volvo Cars' largest markets are China, the United States, Sweden, and the other countries in the European Union.[3] Most of its worldwide employees are based in Sweden.".

          They have factories in Sweden, Belgium, China, Malaysia, India, and the United States.

          Other facilities,Sweden, Gothenburg (Volvo Cars Headquarters, R&D and Safety Center)."

          Other interesting stuff regarding car production is of course this:

          Top 20 motor vehicle producing countries (2017)

          Country Motor vehicle production (units)

          China 29,015,434

          United States 11,189,985

          Japan 9,693,746

          Germany 5,645,581

          India 4,782,896

          South Korea 4,114,913

          Mexico 4,068,415

          Spain 2,848,335

          Brazil 2,699,672

          France 2,227,000

          Canada 2,199,789

          Thailand 1,988,823

          United Kingdom 1,749,385

          Turkey 1,695,731

          Russia 1,551,293

          Iran 1,515,396

          Czech Republic 1,419,993

          Indonesia 1,216,615

          Italy 1,142,210

          Slovakia 1,001,520

          The sad thing (perhaps) with Volvo Cars is that when they wanted to unite with Renault the shareholders did not accept it, but later they believed Ford would save them.

          And well yes, as one European said - "there is only one country between Europe and China". Cars do travel faster and cheaper on trains than on ships.

          PS. like with Nokia, alive without the phones, Volvo is alive without the cars too doing other stuff,

    3. Bugsy11

      Re: How about Apple's apparent deflation? The surgence of "cloud"?

      $300 billion in the bank and counting. Don't hold your breath for Apple to go poof. With or without China, Apple most likely has a bright future

  2. Roger B

    I'm thinking that in a few months, after many high ranking Chinese officials and Huawei directors have stayed at several Trump hotels and bought life time memberships to several of his resorts the US will release a statement that trade wars with China are over, they now have the best of deals in place and all Huawei gear is once more 100% Trump approved and safe for all to use.

    1. Martin-73 Silver badge

      Or they'll hack the wifi AP's and trump will spit his [dummy|binky|pacifier] again

    2. Robert 22

      Maybe also buy some coal.

  3. devTrail

    I'm not so sure about Huawey

    I'm not so sure about Huawey, after all the Americans got to the point that they can only use Trump and his aides as the negative characters that work by the evil prejudice. If Trump or Pence attack a person or a company often the public seeing them as evil tends to favour the opposite side. But Huawei itself is based in a country that does not do a lot of efforts to enforce the laws when the 'friends' are involved. Huawei could be easily bought by one of the corporations worried by the recent efforts of the Germans to rein in tax avoidance.

    1. Anonymous Coward
      Anonymous Coward

      Re: I'm not so sure about Huawey

      >> a country that does not do a lot of efforts to enforce the laws when the 'friends' are involved.

      That is a very wide definition that includes the USA first and foremost.

      1. devTrail

        Re: I'm not so sure about Huawey

        That is a very wide definition that includes the USA first and foremost.

        But in the case of 5G networks Huawei is not competing with Cisco, we are not talking just about switches and routers, it is a competition with Nokia (not the part bought by Microsoft) and Ericsson. Definitely from the point of view of transparency and accountability the difference between China and Europe is stark, China is a country with more than one bn people and just one party.

        I'll repeat that I don't think that the real issue is government spying, the way the media exploits the negative profiles built around Trump and his aides is driven by the private corporations that own the media and they are the ones we should beware of.

  4. Shadow Systems Silver badge

    I most vehemently disagree.

    "The anti-Huawei rhetoric emanating from Washington DC, which has been unquestioningly accepted within the United States..." is not entirely true. Many of us don't trust our government not to lie to us, stab us in the back, & do everything possible to fuck the rest of the world over as a form of protectionism/corporate greed. Not only do I *not* swallow the line about the company being bad, I would *go out of my way* to buy their products in a general TheFinger to Trump.

    You can scream about bad actors in their company sucking up to their political masters & opening the hardware/software for corruption/spying all you want, but given we can hold up a mirad of sources proving the U.S. government guilty of the very same thing, "pot meet kettle" is a fine way of saying ShutTheFuckUp.

  5. eldakka Silver badge

    In 2013, Edward Snowden revealed, among many other things, that the NSA had used vulnerabilities in Cisco products to spy on traffic and used a combination of secret laws and clandestine operations to tap into internet and mobile networks across the globe.

    I think this is the entire basis of the US's fears.

    Every Huawei core-router or switch used in a telco core network is one less piece of US kit that the US can (supposedly) use to tap into those networks. So it is a US security nightmare, as they'll lose their ability to tap into - and probably control in a "crash the network in case of war" scenario - these critical telecommunications systems. It is not necessarily a non-US security issue, in fact it could be an improvement in the security of the non-US networks from those nations perspective. Or just changing the security threat to being a Chinese threat rather than a US one, which some of those countries calculations might be a null-sum game vis-a-vis security, so the equation balances purely on the cost of the kit.

    1. Anonymous Coward
      Anonymous Coward

      US paranoia - especially the post 9/11 one - put them in the corner (and Trump bullying doesn't help at all) - but do you really prefer to be dependent on Chinese stuff for critical systems? Would short term gain by telcos buying lowest-cost equipment turn into a long term ugly loss?

      Evidently US, would need a far more cooperative approach instead of the MAGA one - but it's far beyond the actual administration capability. Which just risks to empower China more.

      1. Anonymous Coward
        Anonymous Coward

        >> but do you really prefer to be dependent on Chinese stuff for critical systems

        So, you think Cisco, Juniper and Level One all manage to keep up a supply chain that does not include China?

        1. Anonymous Coward
          Anonymous Coward

          Still they have more control than a wholly Chinese device. It's a more difficult, albeit not impossible, to tamper with a device when you supply only a fraction of it. Especially if you need to tamper with a specific device for a specific customer only to try to avoid easy detection.

          Anyway it's true that offshoring all of its production US put itself in trouble, and European companies as well. China was not Japan (or even South Korea) - but blinded by the sweatshop costs they didn't take into account what China really is.

          If they believed China would have been just a supplier of cheap labor (like for example India, Bangladesh, Vietnam, etc.) they were very wrong - there are less restrains in the Chinese culture (which in this regard is more akin to Japan) to try to achieve success. After all they had the Hong Kong and Taiwan example also, why they believed mainland China would have been different I can't understand. Pure greed blinding every other consideration.

          1. eldakka Silver badge

            It's a more difficult, albeit not impossible, to tamper with a device when you supply only a fraction of it.

            Well yes, when that fraction is like 3/4 of it.

            Many of the electronic components are either made in China or made from materials exported from China. And then most of them are shipped back into China for integration and assembly into larger components. This is true for ICs as well.

            Usually only final assembly and testing of the hardware occurs outside China. Although most of the software is made outside China.

      2. Tom 35 Silver badge

        They want a US company to make stuff cheap in China and all the profit to end up in the US companies offshore account. They don't want some upstart Chinese company selling direct and taking all the profit.

    2. Anonymous Coward
      Anonymous Coward

      Yep and this whole debate is absurd.

      Bang - spot on the real reason.

      Let's also not forget Huawei contributes to and even chairs many of the working groups at the 3GPP and IEEE for next generation networks. In fact the very next meeting of the 3GPP is in four weeks in Shenzhen, with a big welcome your hosts ... Huawei. They're about as integrated into '5G' as you can be.

      Politicians talk about 5G as something massively different. Yes there are new licensed bands, new air interface/modulation schemes coming, the mmWave ISM band stuff etc but many technologies are incremental improvements. '5G' is really now a marketing term. There isn't really a razor sharp cutoff between one release of the 3GPP and the next. It's continuous improvement from Release 14 (supposedly 4.9G if you want to call it that) to Release 15, which is arbitrarily defined as the official beginning of 5G. Many of the touted improvements will have to wait till future releases, just as they appeared incrementally from LTE into LTE-A.

      To be talking about 5G as this completely different, utterly distinct network with new gear absolutely everywhere is a fundamental misunderstanding of the nature of continuous integration of new technology into modern networks, especially on the telco side.

    3. Jellied Eel Silver badge

      Every Huawei core-router or switch used in a telco core network is one less piece of US kit that the US can (supposedly) use to tap into those networks. So it is a US security nightmare, as they'll lose their ability to tap into - and probably control in a "crash the network in case of war" scenario - these critical telecommunications systems.

      A lot of that is political control. So the US could tell Cisco, Juniper etc to implement CALEA. And if they say 'Nope', there's a bunch of assets and execs inside the US that could be punished. And so CALEA came to pass. Along side that, practically every country requires network operators comply with lawful intercept requests. So pretty much every bit of tin has that capability built in already. Or capability used for debugging/diagnostic call traces to be used for lawful intercept.

      Vendors like Huawei could say 'Nope', we're making out kit secure. But then large customers would be blocked from buying it because it's not compatible with national legislation. So it's not in vendor's interests to do that. It does make it harder for national governments to lean on vendors that operate mostly outside their jurisdiction though.

      5G risks are a bit of a strawman given part of the specs are to ensure that there's capability to support law enforcement requirements. War games are also a strawman, ie if things got so bad that missiles were about to fly, being able to order a pizza via your new 5G phone wouldn't be a high priority. Security of supply is the bigger issue, so US v China trade wars heating up, and China saying 'Nope' to exports of new kit or spare parts.

  6. Bitsminer

    Huawei is not a risk? Not true

    Of course Huawei product (including software) is a risk . Same as Microsoft Windows is a risk. Anything as complicated as 5G or MS Office will have hundreds of possible bugs. Therefore: risky.

    Risk is about the future. "Proving" absence of risk is impossible: you can't prove anything about the future, such as the absence of unwanted outcomes. (My favourite definition of risk.)

    Pretending their product is not risky (in the sense of: unwanted features, exploitable bugs, serious architectural or design flaws, or simple coding errors) is unrealistic. However, politicians like to simplify. So, simplistically, "low risk". Whatever category of risk you like to be low, there you are.

    1. Gorbachov

      Re: Huawei is not a risk? Not true

      While on average human individuals are crap at evaluating risk, experts can use data and statistics to give decent guesses which allows us to "manage" risk (e.g. insurance). There's also the distinction between risk and hazard to consider.

      "you can't prove anything about the future"

      This is a misleading statement. While we don't know what the lotto numbers will be we do know that the earth will move along it's orbit for the next few days. I would avoid https://en.wikipedia.org/wiki/Relativism when talking about hard-ish sciences.

    2. Anonymous Coward
      Anonymous Coward

      Re: Huawei is not a risk? Not true

      This is not a technological risk - we are speaking of a wholly different league than small networks, and even corporate ones - we're speaking of national infrastructures and their core systems.

      It's a political/strategical one. We're not talking about vulnerabilities that may happen in hardware or software. It is about what a company could do when requested by its government, once it has huge control over another country critical network. That's valid for any company, Huawei, ZTE, Cisco, HPE, etc.

      Actual devices may be clean - but are you sure that tomorrow a replacement installed in a hurry because of a failure is still clean? You would need to vet each and every one - and with hardware it could be very complex.

      What is riskier, Huawei, Cisco, etc. varies from your point of view. If your US, and probably Japan, evidently is Huawei. If you're Russia, you probably think Cisco could be a bigger problem. If you're EU, after Snowden revelations and Trump gorilla attitude towards EU and NATO you're probably caught in the middle - and should start to think about Ericsson and Nokia....

  7. Anonymous Coward
    Anonymous Coward

    Missing the obvious?

    The greatest risk to any network is the network owner, not the vendor providing the equipment.

    Why is it that many large organisations have their own cyber security needs - to manage both internal and external attacks.

    Why has Cloud remained untouched with respect to security risk? Any number of organisations are placing business critical apps and data in Public Cloud. To me, that is a much larger risk that a vendor whom is part of the ICT fabric

  8. 89724102172714182892114I7551670349743096734346773478647892349863592355648544996312855148587659264921
  9. WatAWorld

    It is not as if we won't know for certain US equipment can and will be used to spy on us

    It is not as if we won't know for certain US equipment will be used to spy on us. I find it quite easy to assume that under times of stress China and Chinese companies will conduct themselves no better than the USA and American companies.

    The question is, do we want one or two countries spying on us and our engineers, academics, industrialists, authors, artists, and governments?

    It is a big question.

    One part of the big question is who do we most compete with, who is our biggest competition with: the USA or China? I think the USA is a more direct competitor. The USA, Canada, the UK, we do a lot of the same things, provide a lot of the same services.

    China mostly markets cheap labour and cheap electronics, Canada and the UK do not sell those things to the world.

    When I press submit, this email will go through the web to the USA, from the USA to the UK via undersea cable, and from there to The Reg.

    If I was submitting to a French news outlet, it would go through the UK to get to France.

    I'm tempted to assume our international telecoms are spied on by a minimum of 3 nations. Being spied on by 3, 4, 5 now anyways, what does it matter if there is one more?

    The only protection is end-to-end encryption, and it seems our own government security security agencies, the people who are supposed to be protecting us are busy lobbying to have our end-to-end encryption made insecure and breakable. We, the citizens of our countries, have no defenders.

    1. Anonymous Coward
      Anonymous Coward

      "China mostly markets cheap labour and cheap electronics"

      Wrong - China is far more advanced than you think, and that's why Huawei can bid for latest technology networks. Moreover China is working hard to close the remaining gap, and spying is a big part of that effort.

      Should you trust US or any other country? Evidently not. Still some countries are far more impenetrable when it comes to defend your interests. Try to defend one of your patents in US and China... and see the differences.

      Which is the most dangerous competitor? Bowens made photo lightning equipment in UK since 1923. It was killed by Chines clones, not US manufacturers (which may sell in US only, the fools!).... Chinese companies that started as OEM manufacturers for Western brands, and then started to sell themselves.

      End-to-end encryption won't save anything if the very device it runs on can be compromised.

  10. Charlie Clark Silver badge

    Get the facts right

    There is, of course, a risk with Huawei. As there is with American equipment. And Europeans are caught in the middle wishing to upset neither party, both of whom are important trade partners.

    Which American companies are still making mobile networking gear? And which of those are making it in the US? After the 3G hype the equipment market essentially collapsed with Lucent merging with Alcatel, Siemens with Nokia and production moved almost entirely to China. The shift and consolidation was completed with the 4G rollout with US-only standards like WiMax, CDMA, and iDEN being dropped in favour of LTE, because it was cheaper to buy.

    If there is a race to 5G then the Chinese and Koreans have already run it. For years, Huawei has been building small and efficient base stations, and it was the efficiency and design as much as the price that got them sold. The Chinese internet has been largely mobile for longer than the US and, with a much higher popular density, has a far greater need for the bandwidth that 5G promises.

    So, there are few real business arguments here, it's clumsy Trump's usualy attempt of leaning on a couple of companies as part of trade negotiations. Just like declaring european-built cars a threat to national security so that they can be given tariffs as part of negotiations over importing US gene-modified produce… But there are real risks associated with the bullying, for the US threatening Huawei is only likely to boost the Chinese chip market so that it is no longer dependent on Intel, Qualcomm or nVidia. Europe is already annoyed over tariffs slapped on it and is getting more so over the Iran deal. Currently the US benefits from its hegemony in world trade and the status of the dollar as the world's reserve currency, but by forcing countries to work around its restrictions, the US is actively undermining its own position.

    1. Anonymous Coward
      Anonymous Coward

      "with US-only standards [...] being dropped in favour of LTE, because it was cheaper to buy."

      Maybe especially because US telcos using different incompatible standards, moreover incompatible with the rest of the world, was not so smart? You know that US for a long time lagged behind Europe and Japan in mobile, because telcos were much more worried about customer lock-in than improving the network? Just like it's happening with broadband? Under this perspective, Chinese are much, much smarter.

      1. ckm5

        Re: "with US-only standards [...] being dropped in favour of LTE, because it was cheaper to buy."

        "You know that US for a long time lagged behind Europe and Japan in mobile, because telcos were much more worried about customer lock-in than improving the network? "

        This is a common misunderstanding.

        The reason why the US never warmed to GSM is because the cell radius is 1/4 that of CDMA. In a large, lightly populated country like the US, GSM require 4 to 6 times more infrastructure to build out.

        So the largest carriers chose CDMA instead. The fact that it was incompatible with the rest of the world was not that much of an issue since most Americans don't really travel internationally.

        And, in reality, CDMA was better than GSM in many ways, so much so that it became the basis for LTE.....

        1. Lars Silver badge
          Happy

          Re: "with US-only standards [...] being dropped in favour of LTE, because it was cheaper to buy."

          Perhaps there is a simple "not made here" reason for it in the US, as long as that lasted.

          "GSM (Global System for Mobile communications) is a standard developed by the European Telecommunications Standards Institute (ETSI) to describe the protocols for second-generation (2G) digital cellular networks used by mobile devices such as mobile phones and tablets. It was first deployed in Finland in December 1991.[2] As of 2014, it has become the global standard for mobile communications – with over 90% market share, operating in over 193 countries and territories."

    2. Anonymous Coward
      Anonymous Coward

      Re: Get the facts right

      @Charlie Clark

      I still not sure that Trump is like this because he doesn't understand that there is a long game or that he's following the Bannon/Putin agenda and purposefully trying to have other countries stop using the greenback as the worlds reserve currency in the name of Libertarianism, which will really put the breaks on the US economy and possibly enable the Oligarchs to really take over.

      1. Charlie Clark Silver badge

        Re: Get the facts right

        Giving up the hegemony would be wrenching for the US and lots of other countries, but I don't think Trump really understands what will happen if the dollar loses its status (currently unlikely as current exchange rates and bond yields suggest) as reserve currency. But the SPV (special purpose vehicle) being set up for trading with Iran could be the first of money. Difficult to see Trump's chums really doing well if bond yields really were suddenly to spike. Of course, the US, as has nearly every other country, defaulted on its loans, but the size of that government debt… you could probably build a wall just with all the bonds issued to finance it.

        I've said it before, I don't think Trump is stupid, but he does seem very thin-skinned and with a very short attention span. His chummy business deals of "you'll go bankrupt before me" just don't work so well on the international stage. While the "policy by tweet" works well in the US (news cycle on steroids, with Trump in control), it is really destabilising international relations. Cue trip to meet Kim Jong Eun again as a photo opportunity pushing Japan, South Korea and China closer together because they don't think they can rely on the US not to fuck things up.

  11. WatAWorld

    Here is a 2008 article from right here on The Reg about the issue.

    Remember that the anti-Huawei rhetoric began before Obama and before 5G. In Canada we started hearing nonstop publicly from US officials back in 2014.

    Here is a 2008 article from right here on The Reg about the issue:

    https://www.theregister.co.uk/2008/12/18/huawei_optus_ties_nbn_security_concerns/

    Just do a web search on Huawei spying while specifying under Tools before 2012 and you'll see dozens of articles.

    On the iPhone, which some think relevant. A list from 2016 of where the components that make up an iPhone are from. Note that the 3 components that list a US company each say "outsourced for manufacturing", which probably means they're made not in the USA, but in one of the countries that still makes electronics components.

    Accelerometer: Bosch in Germany. Invensense in the United States.

    Audio Chipsets and Codec: Cirrus Logic in the United States (outsourced for manufacturing).

    Baseband processor: Qualcomm in the United States (outsourced for manufacturing).

    Batteries: Samsung in South Korea. Huizhou Desay Battery in China.

    Cameras: Sony in Japan. OmniVision in the United States produces the front-facing FaceTime camera chip but subcontracts TMSC (in Taiwan) for manufacturing.

    Chipsets and Processors: Samsung in South Korea and TSMC in Taiwan. Alongside their partner GlobalFoundries in the United States.

    Controller Chips: PMC Sierra and Broadcom Corp in the United States (outsourced for manufacturing).

    Display: Japan Display and Sharp in Japan. LG Display in South Korea.

    DRAM: TSMC in Taiwan. SK Hynix in South Korea.

    eCompass: Alps Electric in Japan.

    Fingerprint sensor authentication: Authentec makes it in China but outsources it to Taiwan for manufacturing.

    Flash memory: Toshiba in Japan and Samsung in South Korea.

    Gyroscope: STMicroelectronics in France and Italy.

    Inductor coils (audio): TDK in Japan.

    Main Chassis Assembly: Foxconn and Pegatron in China.

    Mixed-signal chips (such as NFC): NXP in Netherlands.

    Plastic Constructions (for the iPhone 5c): Hi-P and Green Point in Singapore.

    Radio Frequency Modules: Win Semiconductors (module manufacturers Avago and RF Micro Devices) in Taiwan. Avago technologies and TriQuint Semiconductor in the United States. Qualcomm in the United States for LTE connectivity.

    Screen and Glass (for the display): Corning (Gorilla Glass) in the United States. GT Advanced Technologies produces the sapphire crystals in the screens.

    Semiconductors: Texas Instruments, Fairchild and Maxim Integrated in the United States.

    Touch ID sensor: TSMC and Xintec in Taiwan.

    Touchscreen Controller: Broadcom in the United States (outsourced for manufacturing).

    Transmitter and Amplification Modules: Skyworks and Qorvo in the United States (outsourced for manufacturing).

  12. trisul

    Ridiculous article

    It's not about whether Huawei is spying on us today, but about the risk of them abusing the infrastructure we are to build. Huawei has ties with the Chinese government, the Chinese government has been spying on us and wants to dominate us. Do we deliver our next generation communication platform into their hands? I say "no", regardless of whether they have already been caught spying. If they can, they will do it ... 100% certain.

    1. Kane Silver badge
      Thumb Up

      Re: Ridiculous article

      "It's not about whether Huawei Cisco is spying on us today, but about the risk of them abusing the infrastructure we are to build. Huawei Cisco has ties with the Chinese American government, the Chinese American government has been spying on us and wants to dominate us. Do we deliver our next generation communication platform into their hands? I say "no", regardless of whether they have already been caught spying. If they can, they will do it ... 100% certain."

      There, fixed that for you.

    2. jason 7

      Re: Ridiculous article

      Everything now ties back to the Chinese Government.

      They build everything. We let them.

      Tough!

  13. Milton Silver badge

    Capabilities

    I won't bore you all again by pointing out that from a security point of view you must weigh capabilities first, not merely intentions.

    So my question is not "Can we prove Chinese-originated kit has backdoors?" but "Could China do this?"

    Given the vile nature of that country's government and the risks it poses to western liberal democracy and human rights, we should sup with an immensely long spoon.

    My second question then is "How confident can the likes of GCHQ be in their assessment?" We should assume Chinese coders are at least as sneaky as any others ... So, are we feeling lucky, punks?

    1. This post has been deleted by its author

    2. Hans Acker
      Joke

      Re: Capabilities

      So my question is not "Can we prove Chinese-originated kit has backdoors?" but "Could China do this?"

      If they can do it, any country can.

      What makes you sure that the German government didn't order car manufacturers to build remote kill-switches into every car sold abroad? They certainly have the technology.

      Given the vile nature of that country's government and the risks it poses to western liberal democracy and human rights

      China poses a threat, indeed, because it provides a good example to politicians who more and more like to copy China's policies because they're so tough on crime, have taken their Internets under control and all-in-all have very good ratings in the voting booths. And look at all the happy people in the official photographs!

      Not sure if joking or not. I'll be off to DX and buy some more cheap stuff. Free shipping, too! Chinese worker and environmental protection laws are so practical as long as they don't apply to me.

    3. A.P. Veening

      Re: Capabilities

      Capabilities is one, past behaviour is another, so one strike against China and Chinese companies, three strikes against USA and Cisco.

  14. Anonymous Coward
    Anonymous Coward

    Republicans hate capitalism

    Surprise surprise, when capitalism becomes a disadvantage, republicans resort to all sorts of dirty tricks.

    Replublicans don't actually stand for anything - their policy for the day is what helps them the most at that time. Principles be damned.

    1. Sanguma

      Re: Republicans hate capitalism

      You know the old saying,

      There's no atheists in the trenches

      No nuns in the brothels

      and no capitalist in business.

  15. jason 7

    I've asked the same old question time and time again.

    Please provide real proof that Huawei kit is spying and reporting back!

    I want to see reports on actual firmware, chips, lab tests finding rogue signals and activity etc. not 'vague warnings' from Western Govt InfoSec folks.

    All I get is tumbleweed.

    You would think someone would have found something...

    1. eldakka Silver badge

      Re: I've asked the same old question time and time again.

      not 'vague warnings' from Western Govt InfoSec folks...

      ...who have vested economic, intelligence, military, political and imperial (i.e. American Empire) interests in the matter.

    2. Wim Ton

      Re: I've asked the same old question time and time again.

      If they would tell, they would give away too much information about their own capabilities.

  16. Anonymous Coward
    Anonymous Coward

    >>something that is credible given that GCHQ has access to Huawei's source code

    Well, to be fair, there is really no way of knowing for sure. Just like with other gear. You can know that THIS version of the firmware is fine.

    I have worked for a german provider and I can assure you that a lot of effort is put into troubleshooting testbed installations (networks like these are never just one vendor only, and interoperability has to be ensured among stations and of course between a myriad of different phones) and also evaluating upgrades from the vendor before rolling out. Actually going the extra miles of auditing every bit and piece of source code and then making sure the source compiles JUST THAT binary you're testing / rolling out is beyond anyones scope.

    As things stand, with upgrade evaluation in testbeds we are usually 6-9 months behind the release date when the upgrade roll out to the stations.

    And Huawei compounds the problem to a certain degree, as they are very helpful in accommodating customer wishes / bug reports / requests. They will happily customize to the providers or networks specifications, which then again boils down to there being lots of different firmware versions you'd have to keep track of as an auditor. The same piece of kit in London and Berlin is very unlikely to run identical or even comparable firmware images...

    One thing that has never been mentioned - it is relatively easy to keep an eye on possible "leaks" or 3rd party monitoring. Because eventually for that to work the data has to be routed out of the networks, away to China or whatever. That is relatively straightforward to keep an eye on, as mass snooping would create a metric fuckton of data traffic that should not be there.

    1. Anonymous Coward
      Anonymous Coward

      I think as big an issue would that a company/government, nearly the same thing now, could kill/disable the kit at a critical time or more insidiously cause outages/contention int specific areas but still leave enough function for the problem to not be highly suspicious. I'm doubtlessly paranoid but things like that pop into my mind as issues. I absolutely concede you are in a better position to talk about that than I am.

    2. Anonymous Coward
      Anonymous Coward

      "it is relatively easy to keep an eye on possible "leaks" or 3rd party monitoring. "

      Are you sure? You don't really need to route it to China (still, how could you detected if among other traffic from to China?), and mass snooping is not the main risk. Targeted snooping is, or being able to launch attacks to critical infrastructures or disrupt operations when needed.

      The risk is not that China (or any other foreign entity) would like to compete with Facebook or Google...

    3. Anonymous Coward
      Anonymous Coward

      Metrics

      "metric fuckton" - a Yotta is 10 ^ 24, this metric is 10 ^ of what ?

      https://en.wikipedia.org/wiki/Yotta-

      1. Anonymous Coward
        Anonymous Coward

        Re: Metrics

        Ah those new SI prefixes ...

        Like those brain-bending ultra high energy gamma rays coming at us from space at 3.4 FucktonHertz (FuHz), which converts to a wavelength of 0.294 Trumpadickametres (∏m) - about as close to the Planck length as you can get for any male appendage.

  17. DeeCee

    Even if they dont do it now..

    Even if they dont do it now that gear puts us under the risk of them adding the functionality in future patches, US is generally our ally(at least when its not led by a hairy poo filled orange) so even if it is bad, its not AS bad. sucks that EU is busy with stupid stuff and doesnt take initiative on anything, we(EU not individual countries) should do South Korea and support our companies

    1. This post has been deleted by its author

  18. Anonymous Coward
    Anonymous Coward

    B.b.b.b.b.ut will nobody...

    ... think of Tappy™® !?!

  19. jason 7

    Dont buy Huawei!

    ...cos we can't hack it!

    Says Western Govts!

  20. mhenriday
    Boffin

    Heed the Bellman (or Michael Richard Pence)

    Europeans can't find any evidence of Chinese spying
    Alas, we European are constitutionally blind to «evidence». We should heed the Bellman :
    Just the place for a Snark! I have said it twice:

    That alone should encourage the crew.

    Just the place for a Snark! I have said it thrice:

    What I tell you three times is true.

    Henri

  21. mutin

    They gonna say Ooops! right?

    What people are usually saying when found that pwned? Oops ... we do not believe!

    With all China great reputation for hacking and stealing secrets what else is needed to stay away from them handling your major resources?

    May be some influx of Chinese immigrants to keep Merkel happy?

  22. Big_Boomer

    They're in your BRAIN!!!

    Yup, USA, Russia, China, EU, UK,... and even the Andorrans are ALL spying on you (I'll bet most of you Yanks had to check on where the **** Andorra is <LOL>). Better to be paranoid and live in a shed in the middle of nowhere with your tinfoil hat on. The whole Huawei thing always was a trade war and has nothing to do with security or backdoors, although the US are probably bigging it up as they are undoubtedly STILL guilty of doing EXACTLY that, despite the NSA revelations. Yes, the US and EU is rightly afraid of the economic might of China but using obvious bullsh!t to justify your actions just makes you look like a dumb****! This is just another turn around the mulberry bush as the US economic influence fades whilst that of China grows. In 50 years time it'll be Indonesia or India vs China.

  23. LordHighFixer

    Aggregrate Edge Case

    What I am waiting for is a flaw/hole/backdoor, that relies on multiple pieces of kit coming together to make a complete puzzle. You inspect the code of each individual device and it all looks good, except for in a couple of rare edge cases where it acts a little weird, but it isn't actually a problem, and meets spec. Multiple devices installed on a network each with just a little weirdness, working perfectly until given the hidden trigger (a crafted malformed packet?) they come together to perform whatever function was originally designed in. How would you even begin to detect such a thing.

    I am sure we all have never seen one of those "this should never happen" error messages.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019