Some of us build our own routers ...
... using off-the-shelf parts and FOSS. It's not exactly rocket science.
Critics of a recent report by US lawmakers highlighting serious national security concerns with Huawei and ZTE have argued that their internal Communist Party committees, which are slammed in the report, are actually a feature of most foreign firms in China. The House of Representatives Intelligence Committee finally released …
The data center downstairs has dual redundant aging "beta-only" OC-96 connections ... it works for me. I maintain a couple of OC-768 connections between $telco and the companies involved. All run on over-the-counter hardware and BSD (Slackware for the human interface).
I won't get into the major Usenet system I consult for ... That shit would probably make your hair curl.
::shrugs::
"OC-96? that's fairly esoteric."
See where I typed "aging" and "beta-only"? Guess why.
"what do they terminate on?"
That's proprietary. See "beta" (actually, the six of 'em are more properly called pilot-build; they never officially entered Beta). It's a kludge built by Sun/IBM/3M/NET/cisco back in 1987. I have six of the ~40ish nodes built (four in use, two as spares). The fiber is provided to me by $telco because I wrote it into the contract nearly a quarter century ago when I was testing the new kit as an "outside observer" ... When the project was canceled, I purchased the nodes as "scrap" out of NET's MRB. Having friends in low places is handy sometimes.
"And you route OC-768 on over-the-counter hardware?
"I call bullshit."
My counter is probably a lot higher than your counter. Keeps the smell down on my end. My point is that you don't need bespoke boxen, not even for high-end gear. You CAN build it in house, and in most cases (assuming the cognizant engineer has clues), it'll work a lot better FOR THAT COMPANY than generic kit.
Isn't the point of the hullabaloo about Chinese kit that it's not trustworthy? You don't have to do a lot of searching to find plenty of articles about techs backdooring their corp networks for the day they get fired and want revenge. How does DIY network gear alleviate the common goal of 'trustworthy' gear??
By all means. I've been arguing for years that we have a
. higher ROI
. complete security audit trail
. complete system state and patch governance
if companies build their hardware and at least the OS themselves. It's so easy to build together a high available, fully supported solution, which, over the course of 2 years with the salary of two system engineers included, costs LESS than the equivalent COTS solution with an expensive support and monitoring contracts, which still requires two system engineers. I've got the numbers, there are eye watering savings possible.
This can include building the OS (our own Linux based distro), proxy, web and web application server, and database servers, SAN, network routers, PCI-DSS compliancy etc.
Fair enough, there are limits, such as building an HSM, but overall, I don't understand why companies still today throw money at some established vendor for expensive support contracts with a bit of hardware and software attached.
But don't take my word for it, look what one of the most successful companies on this planet do, they make sure they keep their wisdom in-house (e.g. Google).
"I don't understand why companies still today throw money at some established vendor for expensive support contracts with a bit of hardware and software attached."
Redundancy - in both senses of the word. Who supports the in-house infrastructure when you get a new job (or get hit by a bus!)?
--- Redundancy - in both senses of the word. Who supports the in-house infrastructure when you get a new job (or get hit by a bus!)? ---
That depends. Is your company run by accountants, or by engineers? If the first... no one. If the second, backup staffing and only THEN outside contractors.
Keep your friends close, and your enemies closer.
A. Quaker
Coat, because that's what accountants call REDUNDANT.
--- Redundancy - in both senses of the word. Who supports the in-house infrastructure when you get a new job (or get hit by a bus!)? ---
That depends. Is your company run by accountants, or by engineers? If the first... no one. If the second, backup staffing and only THEN outside contractors.
Keep your friends close, and your enemies closer.
-- A. Quaker
Coat, because that's what accountants call REDUNDANT.
Is not most of the world's tech kit made in China now, including Cisco? And the the chips inside them?
From a national security aspect the yanks have been sold down the line by the majority of US corporations who moved design and manufacture to China due to the lower costs and thus higher profits. Too late to worry about China having knowledge/access now.
If it matters that much, why not insist on open source designs so it can all be independently verified. Open source != free, as I hope you know.
So the Chinese are crazy prepared, is that it?
> Making an education offensive.
Why do you want to have offensive education?
> Make it affordable for people to study engineering.
I don't think that the price tag of engineering curricula or the current skill set is much of a problem.
It's just that stuff from <whatever far eastern company> can - at the present time - be had at a better price than if it was produced locally. Which of course is A-OK, because that means you don't need to shell out $$$ for your kit and can invest it in something else.
It is of course true that this only happens because the US can print up money at will [or else promise tax revenues from the future] for continued infinite imports. This is not A-OK. Take that away and prices might very well balance at some time.
Btw, an economic system does not allow you to "make it affordable" just like that. That's like demanding that the solution to your differential equation should have a certain shape. It doesn't work like that. Something has to give.
"... most of its rivals including US flag-bearer Cisco have at least some part of their supply chain located in the People’s Republic and so should be subject to the same scrutiny by Washington."
They have a point. I can't remember the last time I unboxed a piece of Cisco equipment that was not labelled "Made in China". It always seems ironic when Cisco make such a fuss about Export Administration Regulations, when downloading software updates for their Chinese manufactured kit.
Obviously having shadowy figures controlling an organisation whose intent is to steer decisions in favour of the well-being of the general population is much worse than having shadowy figures controlling an organisation purely for their own benefit.
The US sure knows how to ensure a fair and open market/society doesn't it?
Its ok for the US to have backdoors in systems, its ok for the Israeli's intelligence to be all over everything produced in Israel and to have active monitoring in various telco's infrastructure even if its not Israeli kit).
But when China does it ohhhh nooo.
Taken rationally and on the basis of the last say 30 years - which countries are most likely to act irrationally on a Global scale. Hint - it aint China.
Anon - not that that will save me.
If it's ok for US to have backdoors in systems and Chinese companies make the systems, why do the Chinese need to install backdoors? They are within the original design that China is making for the yanks. All the Chinese need do is use the backdoors that the yanks require in the Chinese made product.
and then "...We can now remove the bugs from the source of the compiler and the new binary will reinsert the bugs whenever it is compiled. Of course, the login command will remain bugged with no trace in source anywhere... The moral is obvious. You can't trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code"