back to article Vodafone: Daft Huawei comms gear ban will cripple UK – and cost punters loads

Vodafone played down 5G expectations as it elaborated on its own 5G plans today - and warned that interference over Huawei by Government would retard the UK’s mobile network leadership. Vodafone said the Huawei ban would require it to rip out a third of its 4G network, costing a huge amount of money, and delaying roll out by …

  1. Yet Another Anonymous coward Silver badge

    Would be ironic

    If Europe followed America's security warnings and insisted only European kit could be used in its phone network.

    Obviously you can't have any of those Intel CPUs with their backdoors <cough> ubiquitous security bugs </cough> or those Microsoft operating systems with their phone home telemetry

    1. SolidSquid

      Re: Would be ironic

      You mean given the whole "CISCO gave the NSA backdoors to their customers across the globe" thing?

      1. Yet Another Anonymous coward Silver badge

        Re: Would be ironic

        Remember US companies are forced by law to give the government secret access to the data

      2. Anonymous Coward
        Anonymous Coward

        Re: Would be ironic

        “"CISCO gave the NSA backdoors to their customers across the globe" thing?”

        I assume you are referring to lawful intercept?

        If so, a more correct explanation would be “the US required communications providers to allow law enforcement access to data streams to comply with legal demands.”

        Installation of the software was a choice made by the customer, who was typically legally obliged to run it.

        I’m not sure that’s a back door. If so other companies providing communications services at the time had to meet similar demands (ie Nortel, Lucent, Ericsson and likely others)

        1. Yet Another Anonymous coward Silver badge

          Re: Would be ironic

          That's one of those irregular verbs isn't it:

          The Chinese government forces companies to spy for it

          The US required communications providers to allow law enforcement access to data

          The Australian government wants makers to redefine the laws of mathematics to give it access without a backdoor

        2. sanmigueelbeer Silver badge
          Happy

          Re: Would be ironic

          I assume you are referring to lawful intercept?

          No, he's talking about lawful intercept used unlawfully.

          1. Anonymous Coward
            Anonymous Coward

            Re: Would be ironic

            "No, he's talking about lawful intercept used unlawfully."

            But to use it unlawfully, you need to replace the "normal" software image on the device with a lawful intercept release AND configuration added to use the functions.

            If your software/configuration management processes or day-to-day administrative activities don't pick up that change, I guess you could call it a backdoor.

            For your point about using it unlawfully, I will assume that it's install is approved by the communications provider (because it's far easier to get away with installing a tap to get the same level of access if you have physical access to the kit) but the use by government agencies exceeds the bounds of any legal framework. While I agree this is unlawful, it's use is subject to governmental oversight - if there are no checks and balances in the legal/governmental framework then you are screwed.

            But from the equipment manufacturers point-of-view and the telecommunications companies points of view, this is a legal compliance issue. Not a backdoor that nobody is aware of.

            1. Paul Hovnanian Silver badge

              Re: Would be ironic

              "But from the equipment manufacturers point-of-view and the telecommunications companies points of view, this is a legal compliance issue."

              Its all semantics. It might be called a National Security Letter. Or whatever the equivalent is in China. The implementations might be different, but the end effect is the same.

              "Not a backdoor that nobody is aware of."

              Define 'nobody'. The guy working the night shift in the data center might be aware of the guys in trenchcoats puttering around in the racks. But that Letter says he can't talk about it. So upper management might be blissfully unaware. And there's that plausible deniability for the CEO. "We have no evidence of backdoors in our system." Semantics again. Don't ask, don't tell.

              1. Anonymous Coward
                Anonymous Coward

                Re: Would be ironic

                "The implementations might be different, but the end effect is the same."

                I'd argue the effects are very different - most (all?) countries implement some form of monitoring or ability to monitor communications. The differences between how they are implemented and used is significant. If no monitoring of communications is a non-existent utopia, distinguishing between how monitoring is done is more than just semantics, it's how we get to an acceptable balance between differing requirements within our societies.

                "Define 'nobody'."

                This is an IT site so I would expect there to be some acknowledgement about the difference between how users view a system versus what people with full control of the devices can do. Capturing information off proxies, web servers, and any intermediate device between a client and a server is relatively straight forward if you administer those devices with the only likely restrictions being the policies and procedure your employer requires. i.e. even without lawful intercept, the things lawful intercept allows are possible if you have the required device access.

                For a back door, the assumption is that it is not known by the majority of those that administer a system, and is unable to be removed versus lawful intercept which is implemented by choice of the administrator and could potentially be disabled if legal/political conditions change.

                "Semantics again. Don't ask, don't tell."

                Or ignorance. Don't look and you won't know, and then imply that some vendors don't allow this. Lawful intercept is well documented from multiple vendors, legal authorities and law enforcement agencies at a high level. While the legal framework around it is difficult to challenge and slow to change, it can be challenged.

                If your concerns are around privacy for user traffic, then that's a legitimate concern. If your concern is security, then I disagree that lawful intercept is a backdoor.

                1. tip pc Bronze badge
                  Big Brother

                  Re: Would be ironic

                  “For a back door, the assumption is that it is not known by the majority of those that administer a system, and is unable to be removed versus lawful intercept which is implemented by choice of the administrator and could potentially be disabled if legal/political conditions change.”

                  Can you point to any documents from anyone like Cisco, bluecoat/Symantec, juniper, Citrix, VMware or other infrastructure providers (physical or virtual) concerning their versions of supported software that contain lawful intercept capabilities with details of how those capabilities can be disabled or supported firmware installed without those capabilities?

                  “Or ignorance. Don't look and you won't know”

                  I’m guessing your trying to conflate troubleshooting tools that monitor and record traffic with lawful intercept which are 2 different things, lawful intercept being the one where either the business that owns the kit is knowingly sending information to law enforcement or law enforcement by pre agreement come in and take the information whenever they want in both cases those that generated or own the information, if not the business that provides the intercept, have no clue their data is being shared with a third party. In China it’s a given that the authorities will be inspecting your traffic, elsewhere we expect that not to be true. If western nations are recording and monitoring our traffic they should be loud and proud about it instead of being underhanded. Monitoring without telling is spying & unlawful.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: Would be ironic

                    "Can you point to any documents from anyone like Cisco, bluecoat/Symantec, juniper, Citrix, VMware"

                    Cisco - This is not a complete list - the number of different options has increased significantly since the good old days of IOS with different feature releases where the Lawful Intercept option was obvious.

                    For an ASR 9000, a PIE software activation module is required:

                    https://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-3/security/configuration/guide/b_syssec_cg43xasr9k/b_syssec_cg43asr9k_chapter_0110.pdf

                    Juniper - no software version details as I understand that an additional flow-tap/capture vision is a licensed item:

                    https://www.juniper.net/documentation/software/junos/junos82/swconfig82-services/html/flow-tap-config.html

                    For the others, look for CALEA (Communications Assistance for Law Enforcement Act) solutions for the respective products.

                    "I’m guessing your trying to conflate troubleshooting tools that monitor and record traffic with lawful intercept which are 2 different things"

                    I'm trying to suggest that there are multiple ways of achieving traffic monitoring. The troubleshooting tools that are used by admins to do their jobs can just as easily be used by a third party with access to systems to monitor traffic illegally. Network taps in third-party data centres can be implemented such that system administrators aren't even aware they are there.

                    Providers using lawful intercept equipment are typically doing so to comply with legal requirements, not through choice - being aware of what can be done and what legal requirements must be met is the first step to understanding the level of threat lawful intercept presents and what legal frameworks exist to force the implementation.

                    "Monitoring without telling is spying & unlawful."

                    Which is why the point of the various lawful intercept systems is to record the monitoring and ensure there is legal oversight.

                    Otherwise you take the Chinese/Five Eyes approach and just monitor everything. The great firewall of China effectively acts as a centralised location for Internet access, controlled by security services. Five Eyes, to the best of my knowledge, installs cable taps into and out of respective countries.

                    I know which of those approaches worries me more.

    2. streaky Silver badge

      Re: Would be ironic

      It would be ironic - not only has GCHQ's own (published) advice to the government been that the risk is manageable, and they're cooperating, but I'm fairly sure I recall the part where we told the US to go stuff themselves on this. They might be considering certain restrictions but beyond that I can't see it happening in the UK. The EU27 on the other hand have no capability to even evaluate the risk let alone manage it but leave them to it I say.

      Plus we have photos of the Cisco thing thanks to Snowden...

  2. Gwaptiva

    Not like the UK needed any outside help with crippling itself

    1. Nick Kew Silver badge

      Vodafone isn't Government.

      Most of our major companies push back against government idiocy when necessary. Vodafone is one of those.

  3. djstardust

    Vodafone

    Have only ever been about shareholders and profit.

    Their customers, staff and telecoms equipment the use are just an inconvenience to their money making racket.

    1. Nick Kew Silver badge

      Re: Vodafone

      In the absence of a monopoly, they must have a fair few customers who disagree with you.

  4. Vimes

    *cough*Gerontic*cough*

    Hardly surprising Vodafone would be so supportive of a company accused of questionable activities given their own history.

  5. en.es

    cart b4 horse?

    I just wish they could sort out the rest of the network first - we don't get reliable call reception outside never mind any sort of data at all, be it Edge, 3G or 4G at the moment.

    (Not just a whinge at Vodaphone - we have no coverage from any suppliers here in not so deepest East Anglia)

    1. JaitcH
      Meh

      Re: cart b4 horse?

      Your situation represents today's Britain in so many ways.

      I write this post from a very small village, a hamlet, named Po-Y (pronounced Bo-Eee) on the border of Laos in VietNam. In other words it's really the boon-docks but there is a decent sized fibre optic cable and, within a couple of hundred metres of the physical border, a 2G and a 4G base station.

      In fact, the Laotian customs / immigration offices use VN 4G services.

      But hope maybe on the way for you - Spacex satellite clusters!

  6. Chris G Silver badge

    All of the major telcos in Spain also depend on Huawei phones as a part of their marketing, they offer comparable features to a lot of Samaung kit, the cameras arr mostly pretty good and I am sure they get a good deal on a truck load of top end phones.

    I suppose the Yanks can't really put limits on Sammy kit as they are allies with Korea.

  7. Anonymous Coward
    Anonymous Coward

    What if.... Hey Nick Reade (Vodafone), can you asure your customers “Huawei to hell” is not spying on us? Well, if you can’t maybe you don’t deserve me to be your customer... hum... food for thought

    1. This post has been deleted by its author

  8. JaitcH
    WTF?

    The Question Is: Who Would You Prefer Listening To You - GCHQ / NSA or The Chinese?

    This is the USA playing dirty on trade deals - Canada has experienced all sorts of dirty dealing under NAFTA (1) from the USA.

    The country that claims to be THE technology leader (USA) doesn't make cell system hardware, not only that, HuaWei holds hundreds of critical patents.

    Personally I find Chinese professional equipment to be of high quality and reliable Surely the joint GCHQ / HuaWei Research Centre in Banbury would have squawked long and loud if there was anything detrimental with HuaWei 5G.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019