back to article UK Defence Committee probe into national security threat of Huawei sure to uncover lots of new and original insights

UK Parliament's Defence Committee is to open an investigation into 5G and Huawei with a special focus on national security concerns. The House of Commons committee, made up of MPs, wants to find out for itself whether or not Huawei poses a threat to national security, something that nobody has ever raised before and which is …

  1. Len Silver badge
    Holmes

    Many layers

    I wouldn't be too sure that some local committee somewhere can't unearth a way of looking at it that nobody has found before. After all, this is a very complex issue. There are at least three different groups in the US alone, some of whom have been looking at Huawei for over a decade, and all three are some times at odds with each other.

    The first strand is the national security issue backed by various players in the US intelligence community. The report by the Heritage Foundation putting this on the agenda is from 2008.

    The second strand is the Iran sanctions evasions issue, backed by the US State Department and the US Department of Justice. A company called Skycom was involved in sending communications tech to Iran, evading sanctions. It's unclear to me at what point these two departments became aware of it but the general public became aware in 2013 that Skycom was in fact a front store for Huawei.

    The third strand is an economic one as, when he entered office in 2017, Donald Trump opened a trade war with China. He has made Huawei a pawn in a global trade war and has often hinted that he could relax his stance on Huawei in exchange for some concessions on trade. Much to the chagrin of the people behind Strand 1 and Strand 2.

    It seems easy to forget that the first two of these strands of concern about Huawei date from a time when Donald Trump was still just a TV show host and con-man. DT merely added an economic strand to it by making it about trade.

    And that is just the US. On a global scale there are other factors at play too. Such as countries that are too small to worry about spying and too small to fully ban Huawei for fear of falling behind on mobile infrastructure (economics) or for fear of upsetting China (politics). The EU, for instance, has tried to walk a tight-rope between its security interests, its economic interests and its political interests and came out with the policy of allowing Huawei but not in the core network. If you're let's say Vietnam or Brazil that is not a luxury that's on offer as they're too small to make a serious impact.

    Interestingly enough, the UK for now seems to follow the EU approach, but there are allegedly tensions and divisions running even through the UK cabinet (and the shady figures that operate in its shadow) about which way to go on Huawei.

    I don't think anything, or anyone, in Westminster is relevant enough have any decisive impact on this matter on a global scale but it might unearth some new views or facts.

    1. NoneSuch Silver badge
      Childcatcher

      Re: Many layers

      Putting actual facts in front of the politicians creating the laws of the land.

      Madness. Where's the spin? Where's the hype? Where's the outrage? Won't someone think of the children!?

  2. Anonymous Coward
    Anonymous Coward

    Threat to National Security

    Didn't Theresa May, as PM, consider Boris Johnson, as Foreign Secretary, to be a Threat to National Security ?

    1. Len Silver badge
      Pirate

      Re: Threat to National Security

      Just wait until Prince Andrew is announced to be succeeding Queen Elizabeth.

      1. KittenHuffer Silver badge
        Joke

        Re: Threat to National Security

        But that's only cos he bullied Harry into dropping out!

  3. Mike Shepherd
    Meh

    Surely

    Surely operators would be happy to use western equipment (supplied at Huawei prices, of course) - when they get around to inventing it.

    1. ivan5

      Re: Surely

      Don't forget all the 5i's backdoors that are includes in western equipment at no additional cost.

  4. alain williams Silver badge

    They really understand their onions - not

    They say here that:

    Your uploaded file must be a single Word, ODT or RTF document

    One of those is a program, the other two document formats, sigh :-(

  5. Anonymous Coward
    Anonymous Coward

    Lets be quite blunt about this.... The western world has spent the best part of a decade or more pulling Huawei kit to pieces in anyway possible to look for security weaknesses or spyware, and no-one has yet found anything substantial or significant, apart from the usual crop of bad practices and sloppy coding.

    Were any other manufacturers kit subject to the same analysis it would no doubt show up lots of issues.

    Britain has no ability to use "home grown" system as we do not make any - we allowed all our tech companies - Marconi, STC, Ferranti, Pye, Plesey, etc., to go down the tubes. Hence we must use European (Alcatel/Ericsson/Nokia/Siemens) or American kit. The Americans would love us to use theirs, and through the patriot act, their companies are as obliged to co-operate with the US government on export matters as much as any chinese company is obliged to co-operate with the chinese government.

    The fear the Americans have over Chinese kit is almost certainly that they have no backdoor access to it, unlike their own exported kit, nor can they mandate that backdoors are incorporated. At a second level, they fear the kit because it is cheaper and better than anything they make, so taking skilled jobs and revenue away from them.

    What is really worrying about a bunch of MP's discussing this, is that none of them have any clue about any of this. For instance, the defence committee website referred to in the article states that Huawei will not be prohibited from supplying less critical items like antennae and masts. Perhaps someone should explain to them that a mast is (nominally) a collection of welded steel tubes arranged in a latticework and performs no security function other than holding the antennae in the air. Without demeaning our cousins in the civil/structural engineering field, it's not exactly hi-tech or rocket science. And I suspect Huawei do not even supply or care about supplying masts. This one statement alone on the parliament website conveys the fact they have no understanding of what they are talking about.

    </rant>

    1. Lars Silver badge
      Happy

      (Alcatel/Ericsson/Nokia/Siemens).

      No Alcatel-Lucent is Nokia like that part of Siemens:

      "On 3 November 2016, Nokia completed the acquisition of the company and it was merged into their Nokia Networks division. Bell Labs was still maintained as an independent subsidiary of Nokia.".

      https://en.wikipedia.org/wiki/Alcatel-Lucent

    2. steelpillow Silver badge
      Pint

      Dear AC

      Couldn't have put it better myself. My round, I think.

      What is so sad is that Boris has caved into all the Trumpery and risks this turning into a xenophobic witch-hunt.

      Mind you, an optimistic conspiracy theorist might consider the possibility that this is all an ingenious plot to delay the 5G rollout until we can all come to our senses. If only our politicians had that much foresight!

    3. alain williams Silver badge

      Who operates Huawei kit ?

      Any threat from Huawei does not come from the hardware/software but that we outsource the running of the kit to Huawei. So (if I read that article properly) what we need to do is to stop being penny pinching and train up our own engineers to understand the kit and be able to make it do what we want.

      I suspect that many Huawei staff working in the UK are born Brits and could be tempted to work for a UK company if offered a decent salary. OK: there is more to it than that, but that is the direction in which we should travel. Having the engineers under UK management should help a lot.

      I do agree with all of what the A/C parent says.

      1. Anonymous Coward
        Anonymous Coward

        Re: Who operates Huawei kit ?

        Not only operated, but installed and commissioned by Huawei themselves! BT probably has someone standing there in the dc reading the paper while they do it though, because well, oversight.

        1. steelpillow Silver badge
          Boffin

          Re: Who operates Huawei kit ?

          It is possible to turn off the Huawei kit's connection back home to Mummy and to support it yourself. Even with a nice, cheap routine support contract out to said Mummy, you only need the key to the server room to terminate the contract with extreme prejudice. A little wiresharking or similar will soon tell you if there is a secret backdoor you hadn't found, and a firewall will soon fix that.

          One can only speculate whether the cyberspooks read the user instructions carefully enough to spot this, or whether they actually practise the lockdown techniques they are so fond of preaching on their publicly-available (but expensive) NCSC (formerly CESG) courses.

          Certainly, Trump and some 38 of our Tory MPs (who were among those trying to vote Boris's limited rollout down) have no idea of such niceties - and no wish to be aware of them.

    4. BebopWeBop Silver badge

      shurely </rational></obvious> rather than </rant>?

    5. Gaius

      the usual crop of bad practices and sloppy coding

      Any competently written backdoor is indistinguishable from a bug.

      But you’re right, it’s not as if we even have the option of making it ourselves any more. It’s Huawei or the highway.

  6. macjules Silver badge

    ... a threat to national security

    The House of Commons committee, made up of MPs, wants to find out for itself whether or not Huawei poses a threat to national security, something that nobody has ever raised before and which is bound to uncover lots of new and original insights.

    MPs: Can you keep a secret?

    Huawei: Yes

    MPs: The contract's yours. Now, about those nuclear power stations ...

    1. steelpillow Silver badge
      Megaphone

      Re: ... a threat to national security

      You miss the tiny fact that several years ago the UK set up a special organization to rip apart Huawei kit like no government ever done before, not even the Chinese government, and it came out smelling of roses (OK it needed a little pruning and flyspray, like they all do - don't they, Cisco?) - several times. It actually went more like this:

      MPs: Can Huawei keep a secret?

      Cyberspooks: Probably not. But Huawei kit can, as long as we don't do stupid things with it.

      MPs: No, I mean can Huawei really keep a secret?

      Cyberspooks: >sigh!< Probably not. But Huawei kit can, as long as we don't do stupid things with it.

      MPs: No look, we really need to know, can Huawei keep a secret?

      Cyberspooks: >facepalm!< Probably not. But Huawei kit can, as long as we don't do stupid things with it.

      MPs: Boris, can you ask the cyberspooks if Huawei....

  7. Doctor Syntax Silver badge

    "It does not appear that any of Ellwood's parliamentary colleagues on the committee have any special knowledge of national security matters."

    Do any of them at all, on or off the committee, have the special knowledge to assess the technical aspects?

    1. Benson's Cycle

      I expect there will be big lunches involved, they can assess them.

    2. Androgynous Cupboard Silver badge

      Unlikely, but I'm sure that wont' stop Ian Duncan Smith sharing his opinions with us as facts.

      1. CrazyOldCatMan Silver badge

        Ian Duncan Smith sharing his opinions with us as facts

        ObPedantry: They are almost certainly not *his* opinion, but the opinion he's been given by others..

    3. Mike 137 Silver badge

      Someone does have the special knowledge

      The Huawei Cyber Security Evaluation Centre Oversight Board certainly does, and it produced a very interesting report in 2019.

      I quote (in part) "Overall, the Oversight Board can only provide limited assurance that all risks to UK national security from Huawei’s involvement in the UK’s critical networks can be sufficiently mitigated long-term."

      Again, on a more technical level "HCSEC was tasked with understanding the issues confronting Huawei in creating repeatable builds. The issue in all cases is with Huawei’s underlying build process which provides no end-to-end integrity, no good configuration management, no lifecycle management of software components across versions, use of deprecated and out of support tool chains (some of which are non-deterministic) and poor hygiene in the build environments [...]"

      1. EnviableOne Silver badge

        Re: Someone does have the special knowledge

        They produce great reports, every year, and none of them have said that they are more or less secure than any of the competition's gear and this one basically says:

        Because their coding practice is shoddy and inconsistant they are unable to accuratley assess the risk.

        They also state that Huawei have committed to spending $2bn to fix it over the next five years and that if their processes are fixed, there is every chance they can re evaluate their position.

        On a Pure cost benefit analysis the only way forward is to use the Huawei gear and hope their coding process improves, backed up by the HCSEC's continued assessment and ongoing processes within Huawei.

  8. DrBed
    Devil

    PM's official spokesman told that the gov's ambition was to reduce...

    UK

    1. Muscleguy Silver badge

      Re: PM's official spokesman told that the gov's ambition was to reduce...

      Actual Boris Johnson is DESPERATE to avoid reducing the UK which is why Scotland is currently not in a Union with England/Wales but a hostage situation.

      Mind you we have a First Minister who is wilfully blind about all other internationally attested routes to independence which do not require the permission of the hostage taking country. She is also determined to destroy her party's electoral prospects by caving to EVERYTHING the woke brigade want and deliberately NOT listening to women's groups, at all.

      There are now lots of us Yessers pledging not to vote SNP unless they relent. Twitter is full of such folk for eg. If forced I will spoil both my ballots by writing NO to GRA on them.

  9. Yes Me Silver badge
    Devil

    It all depends on the real remit

    I'm sure that the published remit of any investigation will be nice and unbiased. But the real remit will be mumbled into someone's ear (one would like to think this would happen in the smoking room of an exclusive London club, but those days are probably gone, and surely no club would let Dominant Cunnings in). And the real remit could be an instruction to declare Huawei to be as clean as the Immaculate Conception, or as dirty as COVID-19, depending on where the government's lords and masters have their money invested...

  10. Anonymous Coward
    Anonymous Coward

    No such thing as "good guys"!!

    One law for Huawei (Ban the kit) -- and another for Cisco, Jupiter et al (We're perfectly fine with backdoors and other flaws which allow snooping).

    *

    Am I missing something here?

  11. big_D Silver badge

    Lock them in a room...

    Lock them in a room with the source code from the quality lab that GCHQ and Huawei run and let them out, when they finished reading it.

    1. Anonymous Coward
      Anonymous Coward

      Re: Lock them in a room...

      Pfft, only when they've finished reading it?

      Rather you kept them in there until they could adequately explain what any of the code does...

  12. Spanners Silver badge
    Meh

    Let's be clear

    The main reason not tu use Chinese kit is so that US companies can make more money.

    A secondary and minor reason is that Huawei is not as susceptible to US courts and when some some company owned judge in the USA wants a US corporation to have access to stuff, Huawei will tell him to get lost.

    I would suspect China is less likely to spy on me than the USA. When US spooks finish finding what they want, they will pass it on to a US company, either for money or out of financial patriotism. I find the idea of a Chinese corporation knowing about me less likely to send me junk mail.

    If this is on UK national Security grounds, US back doors in our 5G are precisely as dangerous as Chinese ones but the US ones are less predictable.

    1. Anonymous Coward
      Anonymous Coward

      Re: Let's be clear

      Absolutely. The US already has US telcos and network manufacturers by the balls but doesn't have Huawei and needs to be able to spy on the EU in particular.

      Anyway, there's already more Huawei kit in UK data centres and with BT, EE, Vodafone etc than anybody realises, especially at core and distribution level where they have some very interesting and capable products.

  13. not.known@this.address Bronze badge
    Trollface

    Score another point for Joss Whedon

    Remember who was running everything in Firefly? That's right, The Anglo-Chinese Alliance, led by all those evil English and Chinese corporations... and those brave American three-letter agencies could have stopped it all if it wasn't for those pesky kids^H^H^H un-backdoored network boxes, gorram it!

  14. AnoniMouse

    Keep your friends close but your enemies closer

    Not entirely clear which is which but given that the UK technical experts have assessed that any risks from Huawei can be managed, what on earth do the almost universally techincally and scientifically illiterate MPs think that they can usefully add to the discussion?

  15. IGotOut
    WTF?

    So let me get this right....

    If they do find something, they will therefore be publicly declaring that GCHQ are incompetent?

  16. amanfromMars 1 Silver badge

    High Risk Vendor Machines

    Revealing debate ongoing in Parliament now [1500hrs] .... https://www.bbc.co.uk/iplayer/live/bbcparliament

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020