Reply to post: Re: design

Europe publishes 5G risk assessment; America scrawls ‘Huawei’ on the side of a nuke and goes for a ride

Anonymous Coward
Anonymous Coward

Re: design

The risks to be assessed are:

1 - possibility of firmware having a bug that allows unauthorised monitoring of communications (i.e. unintentional)

2 - possibility of firmware having a backdoor that allows unauthorised monitoring of communications (i.e. unintentional)

3- possibility of suppliers staff accessing unauthorised information (either intentionally or unintentionally)

4 - system availability requiring supplier support

The risk of 1 will be similar between suppliers. With "untrusted suppliers", the risk of 2/3 is marginally higher but can be mitigated by designs creating more separation of responsibilities and supervision/monitoring by the telco. I would argue that the differences between a "trusted" and "untrusted" supplier should be close to zero.

For 4, I would point at O2's Ericsson certificate issues (https://www.theregister.co.uk/2018/12/06/ericsson_o2_telefonica_uk_outage/) as an example of the real risk with these systems. Operating these systems in the event of a country being sanctioned or worse would present significant risks.

Which then moves the conversation onto international relations, who you really trust and what are possible future issues and can you run the 5G network independently from the supplier.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2019