dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
13
share rss forum feed


jp_zer01

@videotron.ca
reply to aqk

Re: HUAWEI in Canada. And right beside (900ft!) the USA border.

It's all crap. Huawei is a private company whose success lies with its integrity. The security threat is vastly overstated and no tampering/espionage issue has ever been documented.

I'd sooner believe that the US is trying to muddy the waters as to protect its own telecom equipment companies. So what if the founder has served in the Chinese army? Pretty sure Canada is on good terms with China anyways so this is just libel IMO.

DSL_Ricer
Premium
join:2007-07-22
kudos:3
I've heard stories from employees of one of Huawei's competitors, and the topic of their espionage does occasionally come up.

Now, this is entirely hearsay but supposedly, for a while, wherever either Ericsson or Alcatel-Lucent would open offices, Huawei would too, within a few kilometers. This resulted in there being two Huawei branches in the same city, within a few km of each other. Furthermore, in their internal product feature roadmap, they started adding bogus features, because they noticed Huawei feature announcements to be rather interestingly timed. The bogus features started showing up too.

The more general allegation against Huawei is that it's backed by Chinese government money, with everything that brings with it.


Gone
Premium
join:2011-01-24
Fort Erie, ON
kudos:4
reply to jp_zer01
said by jp_zer01 :

I'd sooner believe that the US is trying to muddy the waters as to protect its own telecom equipment companies.

... um, what companies would those be, exactly?

If it's not Chinese, it's European.

HeadSpinning
MNSi Internet

join:2005-05-29
Windsor, ON
kudos:5
said by Gone:

said by jp_zer01 :

I'd sooner believe that the US is trying to muddy the waters as to protect its own telecom equipment companies.

... um, what companies would those be, exactly?

If it's not Chinese, it's European.

There are a handful of US telecom manufacturers in the access space like Zhone and Calix.

Although I have no proof, I wouldn't put it past the Chinese manufacturers to put hooks for back doors right in the firmware/microcode of their chipsets.
--
MNSi Internet - »www.mnsi.net


newBell

@bell.ca
reply to DSL_Ricer
said by DSL_Ricer:

I've heard stories from employees of one of Huawei's competitors, and the topic of their espionage does occasionally come up.

Now, this is entirely hearsay but supposedly, for a while, wherever either Ericsson or Alcatel-Lucent would open offices, Huawei would too, within a few kilometers. This resulted in there being two Huawei branches in the same city, within a few km of each other. Furthermore, in their internal product feature roadmap, they started adding bogus features, because they noticed Huawei feature announcements to be rather interestingly timed. The bogus features started showing up too.

The more general allegation against Huawei is that it's backed by Chinese government money, with everything that brings with it.

Perhaps it is easier to co-locate with other telecom companies so that they can get experienced workers? Didn't Cisco open up shop in Ottawa to get all the Nortel/Newbridge/Mitel folks?

And having more than one "branch" per city is suspicious? Darn, Nortel buildings were everywhere in Ottawa.

Disclaimer: I don't work for any companies I mentioned above.


El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL
reply to HeadSpinning
said by HeadSpinning:

Although I have no proof, I wouldn't put it past the Chinese manufacturers to put hooks for back doors right in the firmware/microcode of their chipsets.

Even if, wouldn't you (or any other network operator for that matter) notice that your data was being re-routed rather quickly?

Creating a huge issue for both Huawei and China in general?
--
Everything in moderation... Including Moderation --Oscar Wilde

DSL_Ricer
Premium
join:2007-07-22
kudos:3
Re-routed?

"Law-full" access interfaces don't change routes. They just send a copy to whoever requests it.


El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL
said by DSL_Ricer:

Re-routed?

"Law-full" access interfaces don't change routes. They just send a copy to whoever requests it.

Bad terminology on my part. Assuming a copies were being sent back to China (or Huawei) the network operator would (should?) notice.

At least that what I meant to say, feel free to add if you think that isn't an accurate assessment.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com
Communication systems sold already have capabilities for backdoor law enforcement access as part of the requirement. What if they have a way to use the same back door for spying specific target and recover the data without the customers knowing. Here is a scenario...

What if they were to collect the data silently and encrypted into internal normally unused non-volatile storage. After a few years when the storage is full or external trigger (say exception packets processed by the CPU matches certain CRC & payload signature), the equipment would "crash" and dump out the encrypted log file into the coredump.

The "helpful" support people at the China site would recommending the customer to ftp over their core dump. They would send them a "test load" a couple days later that magically "fixes" the system and to cover the track or "re-target" the system.


El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL
said by Ott_Cable :

What if they were to collect the data silently and encrypted into internal normally unused non-volatile storage. After a few years when the storage is full or external trigger (say exception packets processed by the CPU matches certain CRC & payload signature), the equipment would "crash" and dump out the encrypted log file into the coredump.

The "helpful" support people at the China site would recommending the customer to ftp over their core dump. They would send them a "test load" a couple days later that magically "fixes" the system and to cover the track or "re-target" the system.

Although I agree with you that this is possible, there are several issues with what you're proposing.

1) Information gets outdated fast.

2) Chances are most ISPs/Telcos would be doing their own support.

2.b) Most shops finding encrypted info on a router would likely be flashing their own firmware and would find it rather quickly.

3) the vector of attack is just too broad... why bother doing this through Huawei when you can outsource this to a cyber-espionage team that can get the targeted information your government needs and provide maximum deny-ability?

I think this whole scam is protectionism masquerading as patriotism.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com
>2) Chances are most ISPs/Telcos would be doing their own support.

It is not a CPE I am talking about as the hardware barely have enough resources to do anything nor aggregate enough of data to be useful. I have dismissed that right at the beginning for cable Modem thread.

If it is in a cell phone tower per topic, you certainly won't find any pieces that can be serviced by the provider's own tech.

Network equipments sitting at the providers are the ones that are "banned". They are not for DIY supports. The vendor charge good money for a support contract for exactly this reason.


El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL
said by Ott_Cable :

If it is in a cell phone tower per topic, you certainly won't find any pieces that can be serviced by the provider's own tech.

Network equipments sitting at the providers are the ones that are "banned". They are not for DIY supports. The vendor charge good money for a support contract for exactly this reason.

You may be correct but that still doesn't make the vector of attack any better.

My real issue with this, is why bother harvesting a bunch of useless crap from a cellphone tower, which is less effective, and much more liable than a directed cyber-attack?

I'm not denying that the Chinese are involved in some serious political and industrial espionage, I'm just saying doing it through a commericial enterprise that depends on goodwill from both its clients and foreign government isn't the way to do it.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com
I am just pointing out that the opportunities are there and not necessarily the motives. My scenario is what I can come up within minutes of reading your initial post. The best kind of stealing things are when the security guard even help you out opening the doors when you try to pull out a trolley full of "goodies" out the front door or shipping area with nothing other than a dog tag, a clip board and some cheap vinyl prints on a van. (It can be a few hours of posting delays as I am being an Anon here.) I am sure the ones in the "game" can do a lot better.

My position is not on the side of the actual vendor doing the attack. There are no gains nor needs for the vendor in question doing so. As I have previously pointed out, it is far more easier for China (as a nation) to put backdoor into other vendors' products to shift blame and position them in places China's own product can't. How many times have you heard of a FLASH stick or some hardware products having a virus straight from the factory. Once again the opportunities are there.

As for industrial espionage, why does China even need to do that when US manufacturers offshore their manufacturing and provide full packets of engineering spec including full bill of material, mechanical blue prints, logos, PCB layout files, firmware files, testing procedure and even trouble shooting support to building their products. Some of them even get access to full training and to full source code access when those corporation setup shop in China doing sustaining or even full R&D for new products.

Political influence is easy. Look at Emperor Harper etc and how easily they bend over backwards for corporations.


El Quintron
Resident Mouth Breather
Premium
join:2008-04-28
Etobicoke, ON
kudos:4
Reviews:
·TekSavvy Cable
·TekSavvy DSL
said by Ott_Cable :

I am just pointing out that the opportunities are there and not necessarily the motives. My scenario is what I can come up within minutes of reading your initial post.

That was some serious anon-lag, I been waiting to read your post for hours now.

More on this later, I have a bit of work to catch up on.
--
Everything in moderation... Including Moderation --Oscar Wilde


Ott_Cable

@teksavvy.com
BTW this is an interesting article. Whoever done is very smart in bouncing that data to a 3rd party phone (could be a burner) on the network in real time. The equipment is made by Ericsson and time frame is 2004.

»spectrum.ieee.org/telecom/securi···affair/0
"COVER - The Athens Affair - How some extremely smart hackers pulled off the most audacious cell-network break-in ever"

>To diagnose the failures, which seemed highly unusual but reasonably innocuous at the time, Vodafone contacted the maker of the switches, the Swedish telecommunications equipment manufacturer Ericsson.

>We now know that the illegally implanted software, which was eventually found in a total of four of Vodafone's Greek switches, created parallel streams of digitized voice for the tapped phone calls. One stream was the ordinary one, between the two calling parties. The other stream, an exact copy, was directed to other cellphones, allowing the tappers to listen in on the conversations on the cellphones, and probably also to record them.