dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
3534
share rss forum feed


bantamcc

@bell.ca
reply to aqk

Re: HUAWEI in Canada. And right beside (900ft!) the USA border.

Bah !

Just more hyperbore. Friggin media must've had a slow week !

;-(



FiReSTaRT
Premium
join:2010-02-26
Canada
Reviews:
·Velcom

As someone already mentioned, they could have bought land in the US and even paid almost Chinese wages to the poor people down there, if they really wanted to spy. There's no practical reason to build in Canada where the land and the workers are more expensive, the taxes are a lot greater and they have to jump through many regulatory hoops in comparison with the US.
--
If you have an apple and I have an apple and we exchange these apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas.
—George Bernard Shaw


MaynardKrebs
Heave Steve, for the good of the country
Premium
join:2009-06-17
kudos:4
reply to aqk

said by aqk:

But upon noting that a string of towers were to be erected along the US/Canada border, I started to think "WTF?"

They're for the searchlights and the motion-activated machine guns.....to protect our borders.


El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL
reply to HeadSpinning

said by HeadSpinning:

Although I have no proof, I wouldn't put it past the Chinese manufacturers to put hooks for back doors right in the firmware/microcode of their chipsets.

Even if, wouldn't you (or any other network operator for that matter) notice that your data was being re-routed rather quickly?

Creating a huge issue for both Huawei and China in general?
--
Everything in moderation... Including Moderation --Oscar Wilde

bemis

join:2008-07-18
Reading, MA
Reviews:
·Comcast
reply to FiReSTaRT

said by FiReSTaRT:

As someone already mentioned, they could have bought land in the US and even paid almost Chinese wages to the poor people down there, if they really wanted to spy. There's no practical reason to build in Canada

FTFA:
...the U.S. and Australia have already blocked Huawei from major telecom projects in those countries, and otherwise made it clear they regard China's largest telecommunications company as a potential security threat.

So my guess is that it would not be so easy for them simply buy US land to erect towers on their own.

MaynardKrebs
Heave Steve, for the good of the country
Premium
join:2009-06-17
kudos:4

said by bemis:

said by FiReSTaRT:

As someone already mentioned, they could have bought land in the US and even paid almost Chinese wages to the poor people down there, if they really wanted to spy. There's no practical reason to build in Canada

FTFA:
...the U.S. and Australia have already blocked Huawei from major telecom projects in those countries, and otherwise made it clear they regard China's largest telecommunications company as a potential security threat.

So my guess is that it would not be so easy for them simply buy US land to erect towers on their own.

That is so 99% thinking.

Many cell towers in the US are owned by independent tower companies and carriers lease space on them, or may even lease just the capacity that others install.

Front companies are rarely checked out to see who really owns them.

Say Huawei (China) sets up ACE telecom (Singapore), which in turn owns Telco Infrastructure (Ireland), which in turn owns Telco Infrastructure (BVI) with nominee officers/directors. The BVI company then incorporates TI Corporation (Delaware) and hires Coldwell Banker to act on their behalf to buy land.

All the incorporations are done in low/no taxation jurisdictions, so that in and of itself raises no alarms. The nominee directors in the BVI stop a further traceback for the most part. And the name on the land deed will be a red, white, and blue American company nominally headquartered in Delaware - just like so many others.

bemis

join:2008-07-18
Reading, MA
Reviews:
·Comcast

said by MaynardKrebs:

You're right, they can use shell companies, etc... who is to say they are not already doing this, and the add'l towers in Canada are merely a secondary method of keeping tabs? Of course that is truly paranoid.

I would also assume that our governemnt, at some level, if reasonably capable of following the trail back to whoever the original owners are.

Another thought is that even if they do setup in the US, it would not be a huge stretch to have our government wield some quiet and heavy power to inspect, dismantle or other tamper with, equipment on towers located on US soil. While I assume they would be able to do the same on Canadian soil, esp near a large and unguarded border, I would assume it would not be easy to keep it quiet without the Canadian government if things were discovered.

More to the point tho really, is what exactly would Huawei, or China, have to gain from snooping along the border? Seems like a relatively uninteresting place... unless of course they wanted to use those towers to help people/objects transition from Canada into US soil?

BTW, I'm not actually this paranoid, this more indulging in fantasy. I think Huawei has only commericial interests at heart, tho I do believe they would become a threat if relations bewteen China and the US soured.

MaynardKrebs
Heave Steve, for the good of the country
Premium
join:2009-06-17
kudos:4

said by bemis:

..... it would not be a huge stretch to have our government wield some quiet and heavy power to inspect, dismantle or other tamper with, equipment on towers located on US soil.

A few shaped charges strapped to the tower legs will do.

»www.controlled-demolition.com/

DSL_Ricer
Premium
join:2007-07-22
kudos:3
reply to El Quintron

Re-routed?

"Law-full" access interfaces don't change routes. They just send a copy to whoever requests it.



El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL

said by DSL_Ricer:

Re-routed?

"Law-full" access interfaces don't change routes. They just send a copy to whoever requests it.

Bad terminology on my part. Assuming a copies were being sent back to China (or Huawei) the network operator would (should?) notice.

At least that what I meant to say, feel free to add if you think that isn't an accurate assessment.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com

Communication systems sold already have capabilities for backdoor law enforcement access as part of the requirement. What if they have a way to use the same back door for spying specific target and recover the data without the customers knowing. Here is a scenario...

What if they were to collect the data silently and encrypted into internal normally unused non-volatile storage. After a few years when the storage is full or external trigger (say exception packets processed by the CPU matches certain CRC & payload signature), the equipment would "crash" and dump out the encrypted log file into the coredump.

The "helpful" support people at the China site would recommending the customer to ftp over their core dump. They would send them a "test load" a couple days later that magically "fixes" the system and to cover the track or "re-target" the system.



El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL

said by Ott_Cable :

What if they were to collect the data silently and encrypted into internal normally unused non-volatile storage. After a few years when the storage is full or external trigger (say exception packets processed by the CPU matches certain CRC & payload signature), the equipment would "crash" and dump out the encrypted log file into the coredump.

The "helpful" support people at the China site would recommending the customer to ftp over their core dump. They would send them a "test load" a couple days later that magically "fixes" the system and to cover the track or "re-target" the system.

Although I agree with you that this is possible, there are several issues with what you're proposing.

1) Information gets outdated fast.

2) Chances are most ISPs/Telcos would be doing their own support.

2.b) Most shops finding encrypted info on a router would likely be flashing their own firmware and would find it rather quickly.

3) the vector of attack is just too broad... why bother doing this through Huawei when you can outsource this to a cyber-espionage team that can get the targeted information your government needs and provide maximum deny-ability?

I think this whole scam is protectionism masquerading as patriotism.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com

>2) Chances are most ISPs/Telcos would be doing their own support.

It is not a CPE I am talking about as the hardware barely have enough resources to do anything nor aggregate enough of data to be useful. I have dismissed that right at the beginning for cable Modem thread.

If it is in a cell phone tower per topic, you certainly won't find any pieces that can be serviced by the provider's own tech.

Network equipments sitting at the providers are the ones that are "banned". They are not for DIY supports. The vendor charge good money for a support contract for exactly this reason.



El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL

said by Ott_Cable :

If it is in a cell phone tower per topic, you certainly won't find any pieces that can be serviced by the provider's own tech.

Network equipments sitting at the providers are the ones that are "banned". They are not for DIY supports. The vendor charge good money for a support contract for exactly this reason.

You may be correct but that still doesn't make the vector of attack any better.

My real issue with this, is why bother harvesting a bunch of useless crap from a cellphone tower, which is less effective, and much more liable than a directed cyber-attack?

I'm not denying that the Chinese are involved in some serious political and industrial espionage, I'm just saying doing it through a commericial enterprise that depends on goodwill from both its clients and foreign government isn't the way to do it.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com

I am just pointing out that the opportunities are there and not necessarily the motives. My scenario is what I can come up within minutes of reading your initial post. The best kind of stealing things are when the security guard even help you out opening the doors when you try to pull out a trolley full of "goodies" out the front door or shipping area with nothing other than a dog tag, a clip board and some cheap vinyl prints on a van. (It can be a few hours of posting delays as I am being an Anon here.) I am sure the ones in the "game" can do a lot better.

My position is not on the side of the actual vendor doing the attack. There are no gains nor needs for the vendor in question doing so. As I have previously pointed out, it is far more easier for China (as a nation) to put backdoor into other vendors' products to shift blame and position them in places China's own product can't. How many times have you heard of a FLASH stick or some hardware products having a virus straight from the factory. Once again the opportunities are there.

As for industrial espionage, why does China even need to do that when US manufacturers offshore their manufacturing and provide full packets of engineering spec including full bill of material, mechanical blue prints, logos, PCB layout files, firmware files, testing procedure and even trouble shooting support to building their products. Some of them even get access to full training and to full source code access when those corporation setup shop in China doing sustaining or even full R&D for new products.

Political influence is easy. Look at Emperor Harper etc and how easily they bend over backwards for corporations.



El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL

said by Ott_Cable :

I am just pointing out that the opportunities are there and not necessarily the motives. My scenario is what I can come up within minutes of reading your initial post.

That was some serious anon-lag, I been waiting to read your post for hours now.

More on this later, I have a bit of work to catch up on.
--
Everything in moderation... Including Moderation --Oscar Wilde


aqk

join:2006-07-17
Elgin, QC
kudos:1
reply to aqk

Re: HUAWEI in Canada. Well, WTF.

Well, WTF indeed. The 20th Century as Sir William Laurier said, belongs to Canada.
Now it's, um, the 21ST CENTURY. It is now Huawai's turn.
Nortel, move over. Oh. Sorry you're already dead. So soon? Well, except for Roth's Giga$$$. Is he on a yacht somewhere now?
So- Canucks, just STFU, and get back to whatever menial labour you happen to be good at. (Better be good at something!)

AMERICA? You're next. And Obama ain't gonna save you. Sorry.
Vent more spleen at <b>

»www.youtube.com/watch?v=AnynnG8UCsQ
</b>
Not much has changed in Canadian Internet recently.. LOL!


Ott_Cable

@teksavvy.com
reply to El Quintron

Re: HUAWEI in Canada. And right beside (900ft!) the USA border.

BTW this is an interesting article. Whoever done is very smart in bouncing that data to a 3rd party phone (could be a burner) on the network in real time. The equipment is made by Ericsson and time frame is 2004.

»spectrum.ieee.org/telecom/securi···affair/0
"COVER - The Athens Affair - How some extremely smart hackers pulled off the most audacious cell-network break-in ever"

>To diagnose the failures, which seemed highly unusual but reasonably innocuous at the time, Vodafone contacted the maker of the switches, the Swedish telecommunications equipment manufacturer Ericsson.

>We now know that the illegally implanted software, which was eventually found in a total of four of Vodafone's Greek switches, created parallel streams of digitized voice for the tapped phone calls. One stream was the ordinary one, between the two calling parties. The other stream, an exact copy, was directed to other cellphones, allowing the tappers to listen in on the conversations on the cellphones, and probably also to record them.


freejazz_RdJ

join:2009-03-10
kudos:1
reply to aqk

They are building out because they are using the deferral account money to pay for part of it and perhaps due to CBSA as others mentioned. And the Huawei thing is a non-issue IMHO. Every vendor has manufacturing and some R&D in China. If the PRC really wanted to hack people, they could do something at the manufacturing stage for basically every electronic device out there.