IEEE says it may have gone about things the wrong Huawei, lifts ban after US govt clearance The US-based Institute of Electrical and Electronics Engineers (IEEE) has lifted its sanctions on Huawei-linked academic reviewers. In an email sent to members, seen by The Register, IEEE president Jose Moura declared the organisation's recent ban on Huawei-linked people peer-reviewing academic papers is over, pleading for the …
They could have researched this before issueing the ban
It's not clear that they could. AIUI, the Big Orange One decreed without warning that "though shalt not deal with X" and that leaves everyone in a tricky situation. If they don't comply, then (as said in the letter) they open themselves up to massive legal liabilities - few can afford to win, let alone lose, in the courts. If they do comply, then they open themselves up to an unjustified (as someone described it) Media Circus.
W.R.T Climate change... I don't think Trump doubts it. Just the man made part. BTW, he pulled out of Paris Accord and the US still lowered their CO2 output at a greater percentage than most other countries. "
Good point. The Japanese have used that wheeze for years to justify ignoring the whaling ban.
You guys seem to have missed the original reason Huawei was banned... The Chinese government has ultimate control over all Chinese businesses. The finding of several lines of server mainboards with camouflaged spy chips embedded and concerns of similar shenanigans on the mobile and network equipment products have led us to this point. I personally won't be using them as I don't feel I can trust that company because of the Government control, and I would really strongly suggest none of you do either. I've seen their latest flagship phone and sure, it's got a very tempting set of features (undoubtedly acquired through IP strong arming done to foreign tech companies who wanted to have facilities in mainland China for economical reasons (since they insist to have full access to R/D of these companies in exchange for slave labor in their country)).
Seriously, if you're concerned about privacy, avoid Huawei at all costs. If you love being pwned by the Chi-Coms, be all means, use this stuff. But don't do it just because the IEEE says they are "A-OK with us"!
You sort of get to choose WHICH set of government snoops are watching your every move - maybe. Of course if you're in the USA, the NSA watches everything you do or, if in the UK, GCHQ performs that service for you. If you use a Huawei phone, MAYBE it reports everything you do to China as well?
But since most of us don't live in China or work on any secret government (whichever government you suffer under) projects, using a Huawei phone wouldn't be a problem, I'd think. If the Chinese (along with the NSA) want to spy on me, let them. The only danger in spying on me is dying of boredom.
Of course there are no pictures. They're camouflaged. Fortunately there are some people in the government with five eyes, which is how they saw them. No one knows how the chips sent the data from the motherboard to China, but of course the Chinese would be keen to keep that process secret, so you can be certain that it's happening - because if it wasn't, you would have seen it.
People thought they were, but I thought it turned out to be a mistake.
Anyways, it isn't the spying suspicions, I think. Instead, placing Huawei on the Entity List is a normal response to the other naughty thing they are supposed to have been doing: selling stuff to Iran.
"...the other naughty thing they are supposed to have been doing: selling stuff to Iran."
The UN sanctions against Iran ended on 16 January 2016, due to an agreement reached between Iran an the UN limiting the developement of Iran's nuclear program, and things were going well until a certain extremely sociopathic "leader of the free world" with far less braincells that hairs in his head (and that's not putting the bar too high) decided to break said treaty and impose sanctions against Iran, again, only this time all by himself. Nowadays, most of the planet, except less than a dozen of shithocountries don't support said sanctions.
If Trump was directly following orders from Putin to isolate the USA from the rest of the world and destroy its economy and global influence, he would be doing precisely what he is doing, but knowing the fecker, we can't totally rule out a mixture of bigotry and incompetence.
If Trump was directly following orders from Putin to isolate the USA from the rest of the world and destroy its economy and global influence, he would be doing precisely what he is doing, but knowing the fecker, we can't totally rule out a mixture of bigotry and incompetence.
The two are not mutually exclusive..
Well, with everyone spying on everyone else, the only option for us tech types is to build our own routers then. This whole kerfluffle just points out that no country is innocent of watching. "Under the spreading chestnut tree, I sold you and you sold me", isn't fiction anymore.
Never understood the strong left lean of this site. The dissonance is legendary and growing daily.
Cheering on a repressive, fascistic, expansionist state? We’re all global citizens, right? Unless you’re American, right?
Decrying every minute deviation of western governments from a mythical citizen’s charter of freedom and equality but flag waving for China as it slaughters and displaces anyone non-Han, tortures and executes dissidents, denies everything it doesn’t like from basic human rights to IP law. But god forbid someone in the west Mis-genders you.
Attacks Brexit for its allegedly potential damage whilst carefully avoiding the phrase ‘in my opinion’ but cheers on Corbyn as he unveils plans to repeat the maelstrom of the 70s.
Attacks IR35 as regressive and punitive and installed by ‘Red Dawn’ Primarolo but votes for an openly Marxist shadow chancellor that would make IR35 seem like a child asking for pocket money.
Except you won’t will you? When you get into the privacy of the booth you’ll think about the 60% tax and £3000 a year garden tax and the banning of cars and vote Tory like you did last time.
>The finding of several lines of server mainboards with camouflaged spy chips embedded
The alleged findings on a stock price 'news' site with no evidence of any chips ever being found. And this applied to a range of chinese MB makers but not Huawei
> But don't do it just because the IEEE says they are "A-OK with us"!
The IEEE didn't say they were A-OK it just said you were allowed to talk to scientist who their employees.
Remember an outfit that tried to build an atom bomb without using any "Jewish science"? How did that work out for them ?
> I personally won't be using them as I don't feel I can trust that company because of the Government control, and I would really strongly suggest none of you do either.
So you don't use Cisco or Juniper either, given the US has exactly the same sort of law as the Chinese one they're complaining about? The main difference is the US Govt is *known* to have sent things like NSLs.
Actually, probably shouldn't buy from home either, as the UK govt has also enacted the same powers under the IPA.
That goes for the economic espionage side of things too, although we've heard much less about that (I suspect, so far).
What the whole Huawei "scandal" stinks of is a country identifying an economic competitor that not only has the early mover advantage, but is also locked in a trade-war with that other country. Note how it seems to be US politicians making the noise, and we're hearing very little actual intelligence.
> The finding of several lines of server mainboards with camouflaged spy chips embedded
You seem to have missed the latter half of the story where the companies that were supposedly targeted (Apple, Dell, HP etc) very very publicly denied the story. Now, they could have been compelled to do so, but given the story was something of a stretch from the outset, it seems more likely it was part of a misinformation campaign that "just" happened to happen in the middle of a trade-spat.
The concerns about government access are very real, but they apply to kit from the US and UK just as much as from China. The difference is that pretty much everyone who'll see your post is in reach of the US and UK Governments, but not in reach of Beijing. I know which I'd be more concerned about.
"What the whole Huawei "scandal" stinks of is a country identifying an economic competitor that not only has the early mover advantage, but is also locked in a trade-war with that other country. Note how it seems to be US politicians making the noise, and we're hearing very little actual intelligence."
And just last week, Trump said that Huawei could be part of a new trade deal with China. It all smells of negotiating tactics. The problem is that Trump is a short termist and China plays a long game. Neither see that a good trade deal benefits both sides because if both economies grow then more trade happens and everybody wins.
"The finding of several lines of server mainboards with camouflaged spy chips embedded and concerns of similar shenanigans on the mobile and network equipment products have led us to this point"
Proof or it didn't happen, and no a Bloomberg article that couldn't back up its claims and was widely question (ridiculed?) is not proof.
" I personally won't be using them as I don't feel I can trust that company because of the Government control"
Way, way more proven government control in Western Tech - see Cisco ad infinitum.
"undoubtedly acquired through IP strong arming" That's called copying and generally copying badly. When they are producing kit that is the leader in their field they are probably innovating in some way?
"Seriously, if you're concerned about privacy, avoid Huawei at all costs."
As a person trying to go about their own business do you really feel that the CHinese spying on you will affect you, your freedom and your liberty more than your own Government (NSA/GCHQ) doing mass surveillance which at any time when they need to question you, stitch you up, force your arm they can bring out out-of-context or embarrassing evidence about you?
If Huawei was such a security concern then why did the Trump insinuate that if China had a more US favourable trade deal they might have their harassment stopped?
You are quite right @steve 1234, you should boycott any device made, manufactured, associated or even gone with in 100 miles of China and its allies.
.
.
.
.
Good, now he's living in a technology free slum of his own devising, that's one more nut job we will never hear from again
"You guys seem to have missed the original reason Huawei was banned... The Chinese government has ultimate control over all Chinese businesses."
I don't think anyone missed that. The problem is that reason is bullshit. Not because China doesn't have such control, but because pretty much every nation has the same amount of control over the business in their territories. Singling China out for punishment because of that is inconsistent and therefore can't be the real reason.
I can only think of two reasons that make any sort of sense -- it's either part of the trade war the US is engaged in, or its part of preparation for a shooting war.
I can only think of two reasons that make any sort of sense -- it's either part of the trade war the US is engaged in, or its part of preparation for a shooting war.
It is part of a shooting war, Trump shooting his mouth off without engaging what passes for his brain.
It's not just the political prisoners and the labor camps. China actually has a different political system than that seen in Russia, India, South Africa, Zimbabwe, the EU, Britain or the USA. I know this seems unbelievable to people who've never been outside their own country, but stay with me: the Chinese government is committed to having only one kind of authority in their country. Art, Religion, Business, Ethnicity: it doesn't matter how apolitical and harmless an organisation or community is, it is a central theory of the present Chinese government that no independent strand of moral, political or social influence should exist.
It's not just about control, or who is at the top and who is at the bottom, or who benefits, or if Government runs Business, or Business runs Government. Only one thread.
Only one thread.
Thank God their government isn't in charge of the CPU business then.
Joking aside, you hit the nail on the head that their political system is wholly different. It does not explain away the atrocities there, but only a government who is without sins can cast the first stone here, and the US is certainly not amongst those.
It took me a couple of reads but I finally understand what you are trying to say. The Chinese government got a sub-contractor to install camouflaged chips in supermicro boards so Chinese companies can't be trusted.
I'm a gonna let you in on a secret, the chips were so well camouflaged they didn't actually exist.
https://www.theregister.co.uk/2018/10/08/super_micro_us_uk_intelligence/
Also, do you realise that the US/UK and a whole host of nations have laws in place where they can tell a company to do something and they aren't allowed to tell anyone or they go to jail?
As for IP strong arming, Huawei hold all the cards when it comes to 5g, why do you think America isn't happy? It could also be a tactic in regard to the current trade dispute. Who really knows?
We're talking about a company owned, essentially, by the communist party in China according to this article: https://www.nytimes.com/2019/04/25/technology/who-owns-huawei.html
Its ownership is rather murky, but the point is that all Chinese companies are required to assist the Chinese government in intelligence operations. read: spying. What is to stop Hawei from building a backdoor into the operating system for the core switches they produce allowing all communications across that switch to be monitored or worse, permanently disable that switch thereby ceasing all communications for that switch? Now replicate that across all of the switching offices that contain Huawei equipment and your country's telecommunications are dead with no recovery but replacement. Call me paranoid, but I'd rather not take that chance with the security of my country with hardware/software from a country that is not exactly my friend and clearly belligerent in some cases.
You're right but where do you stop? All countries are the same and if we want to share and use technology we have to trust each other or we would end up with no standards or shared forms of communication.
The way I look at it is that lets say China did what you propose, it would only be in the event of war otherwise they would decimate their industry because everyone would pull the plug and never buy from or use their equipment again. It's a bit like nuclear war, once that trigger is pulled there is no going back, it also applies to having the capability discovered, it's really not worth the risk for a company or a government. Also in regards to 5g what's the worst they could do? Temporarily knock out the mobile network, sure it's a huge inconvenience with lots of complications but it's not going to topple a government or weaken a country.
"What is to stop Huawei from building a backdoor into the operating system for the core switches they produce allowing all communications across that switch to be monitored or worse, permanently disable that switch thereby ceasing all communications for that switch?"
Maybe the fact that if it were discovered - which it would be, then their business would be completely ruined and the multi-billions dollars they produce would be lost.
What if they agreed that a country's security service could actually sit inside Huawei's research lab checking all the code and hardware for vulnerabilities and faults. I know that would be unprecedented and be a massive concession, but if they did that and any sign of a backdoor could be flagged up would that make them trustworthy? They would definitely be able to find any state inserted backdoors, eh?
Call me paranoid, but I'd rather not take that chance with the security of my country with hardware/software from a country that is not exactly my friend and clearly belligerent in some cases.
Here is a bit of education for you: read the license conditions for ANY telecomms operator in any EU country, or in the US, and see what is mandated about intercept. As for belligerent, you are very selective in how you pick up facts. China only tends to REACT in that way, it rarely starts such a fight.
As for paranoia, I trust a supplier that allows a government function full access and inspection rights, irrespective of from where it hails. Strangely enough, US providers have as yet not volunteered for this, but Huawei has. That makes my choice easy, I stick with the facts.
"Also, do you realise that the US/UK and a whole host of nations have laws in place where they can tell a company to do something and they aren't allowed to tell anyone or they go to jail?"
A number of high profile companies put "Canary" phrases in their annual statements to show they werent under US duress.
I dont know of one Canary phrase still being in place.
I've always wondered about those canary statements- isn't the very canary idea a canard? (I've always wanted to say that, grin).
If you are barred from disclosure, you are barred from disclosure by any means, active or passive. The canary approach should thus result in legally ruffled feathers (sorry), unless it's a letter-of-law versus spirit-of-law thing, and I would still find that a tenuous argument. I don't think it would fly in court.
Like that canary.
The theory in the US is that the Government can prevent speech (with a gagging order/National Security Order), but can't force speech.
So, it can stop you saying "We've been ordered to hand over some data", but can't stop you from not continuing to say "We've never been ordered to hand over some data".
There was an analysis a while back, though, which suggested that in the US it was perhaps questionable whether a canary could actually be removed. In the UK, it was fairly solidly agreed that canaries are useless because the Government orders you to avoid disclosure entirely, and removing your canary would be a breach of that that the courts wouldn't look too lightly upon.
So yeah, at the business level, the value of a canary is fairly questionable. And to be honest, I suspect if they were/are legally valid in the US, we'd have seen some legislation designed to cripple them.
At the individual level, they're even more laughable. Even if they're legally sound, you're then talking about an individual funding their defence against the Government, potentially spending some time in custody while the case gets resolved, and having to deal with appeals all the way up the chain. Many people talk a good game, but you'd have to be extraordinarily dedicated to your cause to go through all that.
I have been waiting a few years for these camouflage spy chips to be found.
There are unknown unknowns, the ones we don't know we don't know about.
Sounds legit to me, avoid their kit!
Something that sounds that dumb should probably be ignored, but in the good ole USA that could probably lead to war.
"You guys seem to have missed the original reason Huawei was banned... The Chinese government has ultimate control over all Chinese businesses. "
You mean The Patriot Act? Oh, sorry, you said China!
Any idea if the US threats to Microsoft over the judicial request for data held by MS Ireland (a seperate company from MS) on servers located in Ireland, a sovereign state, not part of the USA) ever came to anything? And that's not to mention the NSA "security letters)
Any idea if the US threats to Microsoft over the judicial request for data held by MS Ireland (a seperate company from MS) on servers located in Ireland, a sovereign state, not part of the USA) ever came to anything?
Yes, Microsoft fought it, the US government changed the law to make it explicitly legal, Microsoft basically said "OK then, here's the data".
https://www.theregister.co.uk/2018/04/04/microsoft_agrees_doj_cloud_act_renders_email_battle_moot/
https://www.theregister.co.uk/2018/04/17/supreme_court_punts_email_seizure_decision_into_the_long_grass/
As the latter article shows though, things are still "up in the air".
What's also still very clear is that all the puff from Micro$oft about being able to host your data in EU datacentres where it's safe and legal (eg for GDPR purposes) is just a PR smokescreen and IMO (and that of many others) it is not legal at all to host any personal data on any EU citizen or any person in the EU (and that includes email BTW) with any MS service. It's only a mater of time before Privacy ShieldFigleaf gets blown out of the water as Safe Harbour was - and then all those "guarantees" will be legally invalid (again). Other services may also be similarly affected even though, like Micro$oft, they (in theory at least) have legal separation that should avoid the issue).
Given that US law is fundamentally incompatible with things like GDPR, Privacy Figleaf is just a political way of kicking the problem down the road and allow "business as normal" to carry on in the meantime. Unless the US fundamentally changes it's laws, then no amount of legal trickery will avoid an eventual split between "doing business in Europe" and "Doing business in the USA". As the US seems to be heading in the opposite direction, I see "interesting times" ahead - hence the icon as that's what's likely to happen to transatlantic data handling eventually.
It's OT for this thread, but I once tried to follow the complex web of redirects and authentication proxies used when accessing (eg) Office 355* mail. The redirects ping the client all over the globe, using domains under control of the US parent, and authentication servers under control of the US parent. Even if you opt to keep your mail "securely" under Micro$oft Europe's control and stored in an EU datacentre - your login authentication can be routed through anywhere and thus the Micro$oft in the U$ can "play tricks" with your logins to access the data.
* No, that's not a typo, just a reflection of how reliable their email was in the last year or two !
It's easier than that. Just check the email headers of email sent by users of Office 365, even if they mapped it into their own domain name.
You will see that such email has ALWAYS been sent from a US host, so whatever you do, your data had to travel to the US first.
IMHO, Microsoft has been getting away with this for so long they don't even bother to hide it now.
> The finding of several lines of server mainboards with camouflaged spy chips....
We looked and looked and couldn't find any so concluded it was probably a Bloomber journalist's figment of their imagination. (Or, more likely, they misunderstood what a serial Flash memory did....)
The recent Cisco bug, the one with the weird name, is an example of how systems get compromised. I doubt if its something that Cisco deliberately engineered into their systems (and its the sort of probably that could also be present in Huawei kit) but its the kind of thing that does get exploited. Alternatively, there's that WhatsApp buffer overflow bug, a whole spying industry was built on that.
Just as a FYI, if you happen to be someone who lives in the US (California) and works in this biz then you'll know that a lot of your colleagues seem to look like Chinese people. Some are native Californians, some are from Taiwan but by far the majority are from the PRC. If you read academic papers and articles then you'll notice that a lot of them seem to have Chinese people as authors. This could be a dastardly plot to take over the world but I tend to think of it as there being a lot of very clever people in China, its probably due to there being 1.3 billion of them, so they're going to be popping up everywhere. Get used to it.
The finding of several lines of server mainboards with camouflaged spy chips embedded and concerns of similar shenanigans on the mobile and network equipment products have led us to this point
Yes, and has anyone as yet managed to prove that this really was the case? The Chinese probably have very clever scientists too, but if someone managed to cram so much functionality in a chip with only two contact points that could communicate successfully with all the other components to the point of precise control they would be decades ahead in nano sized technology.
I have arrived at a point where I treat any wolf crying from the US where believing would benefit them with a full barrel of salt. They really have little credibility left by now, and that is only partly to blame on Industrial Strength Hairgel 1, and it's not their first marketing campaign.
If anyone previously had any doubt, they now know the IEEE is a US gov't lapdog. Why should Huawei or anyone else contribute? Ironically, now China has valid concern that the IEEE will be used to invalidate their IP rights, since the US seems to have rejected operating through multilateral organizations, such as the WTO.
1) A mostly-volunteer organization hears about a potential legal threat to its operations, and responds by aggressively curtailing activities which might be implicated until the situation clarifies.
2) An organization in a position to embarrass a political opponent sees an opportunity to make a splash, and does so.
3) A US-based international organization joins the zeitgeist of the US government, and only to back off when criticized.
Pick your truth--but consider confirmation bias.
There is, of course, one obvious way to solve the problem once and for all.
The IEEE publish a spy specification that gathers all the data and makes it available via an API to whichever organisation wants to gather it. Then nobody has to worry about which country is grabbing your data, they all are. And if they can turn it into a patent the IEEE can license it to all the technology companies and make a fortune for its members.
#sarcasm
I've got a Huawei phone.......wanna make something of it, orange one?
We already knew - your nearest cell tower is of a US brand. Given that it was still made in China, both spy agencies were immediately informed..
No, I'm not telling you if I'm paranoid. That's none of your business.
:)
Bizarrely, the wording of the original IEEE ban also included no IEEE-branded merchandise being sold to Huawei-linked people – including, of all things, coffee mugs.
In case anyone was wondering, Yes, Huawei coffee mugs are available on the Internet. By now you can probably buy Huawei mugs with the Huawei logo superimposed over an Xed out IEEE
With mis-information, supposition and just poorly understood reporting, it is hard to know what's what in this whole Huawei situation anymore.
The U.S. Government originally banned Huawei and ZTE equipment for U.S. Government (i.e., DoD, FBI, other gov't agencies) use only, back in 2012 due to allegations and intelligence findings that the phones / telecoms equipment may have Chinese state-sponsored backdoors used for gathering intelligence. From a security perspective, I think it is reasonable and sensible to ban such devices for sensitive government use if or until the allegations can be disproved. These agencies need to err on security, regardless of whose equipment is under suspicion. This happened during the Obama administration, BTW, as a matter of perspective.
The current dispute has very little to do with the original alleged security issues and more to do with Huawei's more recent alleged behavior in regards IP infringement as well as violating sanctions against Iran. Trump's administration has not helped by conflating the original security concerns with these new allegations along with the current trade war.
IMO these articles (along with additional links in the articles) provide a fairly balanced background on the whole issue.
https://www.cnet.com/news/huawei-ban-full-timeline-on-how-and-why-its-phones-are-under-fire/
https://www.cnet.com/news/lawmakers-to-u-s-companies-dont-buy-huawei-zte/
https://www.cnet.com/news/how-a-torture-test-robot-figures-into-the-legal-assault-on-huawei/
For that matter, why are quasi-academic standards bodies operating as Corporations in the modern commercial sense ? [ Rather than Corporations in the old University sense who were demented about their independence from outsiders. Oxford ( as distinct from her colleges, became a corporation in that sense in 1231: although obviously it had already been there for around a century earlier ) ].
Apparently, there are also Corporate Universities owned and founded by commercial entities, as in a Microsoft College of Commercial Trust or a KFC Institute for Cordon Bleu Cheffery.
...that this was just the IEEE taking the piss?
There is an edict published saying that any organisation with an office in the USA is part of the USA Empire and must not touch Huawei with a barge pole under any circumstances.
Committee convenes somewhere suitably comfortable and libation friendly.
"What are these idiots on about? This is far too broad brush.
Not sell anything to Huawei? Anything????????
FFS we could become a terrist organisation by someone in Germany selling a coffee mug to a Huawei employee!!!
OK. Lets make a quick list of all the ways any IEEE member anywhere in the world might interact with Huawei including employees anywhere in the world.
Publish and promote it to show that we intend to comply completely with every aspect of this ruling.
Don't forget the coffee mugs!"
The rest is history.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
