Join 3,520 readers in helping fund MetaFilter (Hide)


on Huawei from non-Chinese in China
October 8, 2012 4:57 PM   Subscribe

In light of the US House Intelligence Committee recommendation that American companies should be blocked from carrying out mergers and acquisitions involving two Chinese telecommunications firms, ZTE and Huawei, how do people in the telecommunications industry think about Huawei? And what is really going on with the Shenzhen-based ICT conglomerate? Hosts Kaiser Kuo and Jeremy Goldkorn of the Sinica Podcast (recorded in Beijing) cover Huawei in depth in August at The Huawei Enigma with guests David Wolf and Will Moss.
posted by gen (39 comments total) 8 users marked this as a favorite

 
Huawei seems legit, just a privately held telecom. I don't really see the big deal there beyond "ooooh, China, scary!".

ZTE looks more like... Well, consider something like Lockheed, a "private" firm but so tightly in bed with the government that even their own mothers wouldn't trust them.

That said (about Huawei), keep in mind the not-too-long-ago NSA / AT&T "deals". Our government may do well to fear Chinese "private" investment in our telecom infrastructure, because our government knows how easily someone can abuse that position of trust by the American people.
posted by pla at 5:05 PM on October 8, 2012 [8 favorites]


posted by pla at 1:05 on October 9

Eponysterical.
posted by acb at 5:24 PM on October 8, 2012 [8 favorites]


If I were the US Government I wouldn't buy Huawei (or ZTE) and if I were the PRC I wouldn't buy Cisco. The chances of successful shenanigans are low but the potential payoff is so gob-smackingly enormous you basically have to treat it as a threat.
posted by Skorgu at 5:34 PM on October 8, 2012 [4 favorites]


Luckily we can invest in domestic telecommunications companies that only conspire with the FBI, CIA and NSA.
posted by ryoshu at 5:42 PM on October 8, 2012 [5 favorites]


Uhhh being a Chinese spy is still a JOB why do you want to stop JOB CREATORS socialist congressmen?
posted by Potomac Avenue at 5:45 PM on October 8, 2012 [5 favorites]


Or Swiss companies which conspire with the NSA (like Crypto AG, who crippled the key generation mechanism on their crypto machine at the NSA's request in the 1980s).

Of course, what's not to say that there aren't back doors in CPUs which, when they see a certain pattern in a block of memory (such as a packet received from the TCP/IP driver) will switch off memory protection and/or execute code following said pattern?
posted by acb at 5:47 PM on October 8, 2012 [1 favorite]


Man, I was super-excited up until the word "involving".
posted by DU at 5:54 PM on October 8, 2012 [1 favorite]


Do design engineers in the electronics industry die mysterious deaths, the way some microbiologists do, whose work coincidentally overlaps with secret arms research?
posted by Blazecock Pileon at 5:54 PM on October 8, 2012


Huawei? The company that admitted stealing Cisco code whole cloth to get to market, not even bothering to obscure Cisco strings? I'm sure they're totally above board.
posted by kjs3 at 5:58 PM on October 8, 2012 [10 favorites]


Huawei? The company that admitted stealing Cisco code whole cloth to get to market

It's interesting you mention that.

One of the commentators in this discussion talks about how Hershey is said to have stolen the recipe for chocolate from the Swiss. I don't know if that's true or not but it's clear to me that there are many examples of corporate theft from major companies on both sides of the Pacific.
posted by gen at 6:06 PM on October 8, 2012


Seems like there's a little bit of a difference between chocolate syrup and a network firewall, in terms of both national security and dessert toppings.
posted by jenkinsEar at 6:18 PM on October 8, 2012 [9 favorites]


One of the commentators in this discussion talks about how Hershey is said to have stolen the recipe for chocolate from the Swiss.

If so, the spy's handwriting is fucking terrible because Hershey's tastes like off-brand crayons.
posted by Inspector.Gadget at 6:18 PM on October 8, 2012 [37 favorites]


Huawei seems legit, just a privately held telecom. I don't really see the big deal there beyond "ooooh, China, scary!".


Until we develop microscopy techniques along with de-compilers for circuits that are studly enough to decompile today's chips, it is scary to give a Chinese corporation the ability to install backdoors to major portions of the Internet inside the US.
posted by ocschwar at 6:21 PM on October 8, 2012 [4 favorites]


just a privately held telecom

From reading the report, it seems that Huawei failed spectacularly at reassuring the Committee that nothing was amiss with its relationship with the Chinese State. Huawei botched explaining the internal party committee, soft loans from state-owned banks, and China's national champion policy.

The report is here.

My favourite part so far: it appears that under Chinese law, ZTE and Huawei would be obligated to cooperate with any request by the Chinese government to use their systems or access them for malicious purposes under the guise of state security.
posted by kithrater at 6:26 PM on October 8, 2012 [3 favorites]


One of the commentators in this discussion talks about how Hershey is said to have stolen the recipe for chocolate from the Swiss. I don't know if that's true or not but it's clear to me that there are many examples of corporate theft from major companies on both sides of the Pacific

Yes, and probably the most famous example of all is probably that of Samuel Slater who memorized the definitely-not-available-for-export plans to British spinning machines so he could start up a textile mill in Rhode Island and bring the Industrial Revolution to America.
posted by RonButNotStupid at 6:26 PM on October 8, 2012 [1 favorite]


kithrater : it appears that under Chinese law, ZTE and Huawei would be obligated to cooperate with any request by the Chinese government to use their systems or access them for malicious purposes under the guise of state security.

You have heard of National Security Letters, right?

Tu quoque may not validate, but in this case, it should raise a few eyebrows.
posted by pla at 6:31 PM on October 8, 2012 [1 favorite]


You have heard of National Security Letters, right?

Yes, that was my point: the Committee is to be commended for its services in ensuring the world's Pot-Kettle-Black supply never runs dry.
posted by kithrater at 6:32 PM on October 8, 2012 [2 favorites]


If FX's DEFCON presentation [PDF] can be believed, Huawei kit doesn't need back doors, but is so riddled with old-school security holes that nobody with a strong interest in even basic security would consider using it. Interview with FX from earlier this year. Perhaps the fact that the kit is produced by a Chinese company isn't actually the important thing here, but there are still legitimate reasons to be concerned as to its security implications?
posted by Craig Stuntz at 6:42 PM on October 8, 2012 [2 favorites]


Huawei being way deep in the pocket of the 3PLA is not exactly news. The Seventh Bureau backs a lot of startups with capital and tech obtained through... unusual... channels, and also facilitates putting counterfit networking gear with built-in back doors into the supply chain. This may have been a shocking revelation... in 2005.

There is an election going on, tho, and this will allow the candidates to say big, tough things about China both China and the US know they won't act on.
posted by Slap*Happy at 6:45 PM on October 8, 2012


Huawei seems legit, just a privately held telecom. I don't really see the big deal there beyond "ooooh, China, scary!".

While the events of 2007/08 may make the US look like a kleptocracy, it's fair to say that compared to the United States, there is absolutely no such thing as the rule of law in China. There's not even lip-service being paid to human rights. Huawei is not just a "privately held" telecom.
posted by KokuRyu at 7:07 PM on October 8, 2012 [3 favorites]


The Economist had a leader on Huawei last month, pointing out that many telecommunications equipment is produced in China anyways. It also mentions that BT in the UK is a large Huawei customer and its government's sig-int works with Huawei to vet its gear. As a non-American, I find this recommendation ironic given NSA's machinations. Tu quoque and all that.

BTW, the Sinica podcast is an excellent near-weekly affair for China watchers. They have a rotating panel of guests to comment on current affairs, where guests tend to be visiting academics, journalists and old China hands.
posted by tksh at 7:16 PM on October 8, 2012 [2 favorites]


Yes, let's collaborate closely with our Druuge partners.
posted by Nomyte at 8:31 PM on October 8, 2012


There seems a near consensus that the recommendations have some merit to them (for various reasons); both in this thread and in Congress.

Yes, there are solid accusations of the US intelligence community having similar relations with various US companies, certainly telecommunications companies, but I would argue that's a bit orthogonal to the question at hand.

So now what? Will US companies avoid buying this hardware? Will the US government ensure that none of this hardware is used in it's government infrastructure? What happens when this hardware is cheaper (certainly it appears as if Huawei doesn't need/have the R&D budget that Cisco does, so it probably will forever remain cheaper)? Will US companies consistently choose the more secure option over the possible compromised hardware?

If we think the deep penetration into the infrastructure by chinese hackers (state sponsored or not) is frightening now (and that is a large consensus among the security community currently), what are the implications of back-doored hardware everywhere in the US (and global) infrastructure? Will the US and world allow this (probably yes).

Generally I'm quite concerned when there is a bipartisan cooperation in congress (and consensus), in this case I think it's probably quite warranted (and good job guys!).

The question now, is what impact will these realizations and recommendations have?
posted by el io at 9:13 PM on October 8, 2012


tl;dr version of my comment: congress is right, and the world (and the US in particular) is probably in deep trouble..
posted by el io at 9:14 PM on October 8, 2012


Huawei were also blocked from tendering for any contracts related to the national broadband network currently being built in Australia. See here.
posted by markr at 9:26 PM on October 8, 2012


If I lent a country a trillion-plus dollars, I'd want to spy on it, too.
posted by Blazecock Pileon at 9:29 PM on October 8, 2012 [1 favorite]


Blazecock Pileon: "If I lent a country a trillion-plus dollars, I'd want to spy on it, too."

Is that why we spy on ourselves so much?
posted by wierdo at 9:39 PM on October 8, 2012


As the owner of a Huawei phone, I certainly think they should be banned from creating anything which could potentially used by humans.
posted by Damienmce at 10:03 PM on October 8, 2012 [3 favorites]


Until we develop microscopy techniques along with de-compilers for circuits that are studly enough to decompile today's chips

Related.
posted by hattifattener at 10:21 PM on October 8, 2012


Huawei says US probe had 'predetermined outcome': Argues Congress found no “clear information or evidence” of security risk
posted by homunculus at 11:32 PM on October 8, 2012


My theory: This is geopolitical tit-for-tat.

Cisco has cut all ties with ZTE recently due to their relationship with Iran

This report is probably a way to hit China's telecommunications industry as retaliation for continuing to make deals with Iran or assisting them with securing their telecommunications networks.

Of course, you probably shouldn't be buying Hwawei/ZTE stuff anyway, since they are insecure pieces of shit, I'm just commenting on the timing of it all.
posted by amuseDetachment at 12:35 AM on October 9, 2012


China is going to stop selling stuff to Iran right about the time they stop buying Iranian oil. Which is to say never. Which is why the sanctions against Iran are just dumb.
posted by wierdo at 12:53 AM on October 9, 2012


Until we develop microscopy techniques along with de-compilers for circuits that are studly enough to decompile today's chips, it is scary to give a Chinese corporation the ability to install backdoors to major portions of the Internet inside the US.

I am under the impression that we are already making chips in China and other places. Seems we should already be using this security technology.
posted by psycho-alchemy at 1:59 AM on October 9, 2012


I'm glad to see that Cisco is getting good value for money for it lobbying.
posted by atrazine at 2:06 AM on October 9, 2012


tl;dr version of my comment: congress is right, and the world (and the US in particular) is probably in deep trouble..

Hee hee, no. As anyone who's ripped a DVD knows, hardware isn't where it's at - software was, is and will continue to be king in cyber warfare. The US has a big lead in software engineering and software based security exploits, Europe, Japan, Israel and Russia aren't far behind, and Iran, China, Viet Nam, South Korea and Taiwan are playing catch-up.

On the other hand, the US doesn't much care about most private business so long as they can tap into what the Chinese or the Russians are doing. Unless you can spec and test your own hardware platform (like Google or Facebook), stick to the American, Japanese and European network hardware - it's clean, because the governments in those places know they can break coms security without having the vendors do anything special to their systems.

Also, make sure it's vetted authentic hardware - don't buy from fly-by-night VARs or from shady Ebay operations. Buying second-hand Cisco equipment from legitimate sources and selling counterfeit gear with the same serial numbers is a thing...
posted by Slap*Happy at 4:36 AM on October 9, 2012


el io The question now, is what impact will these realizations and recommendations have?

In a crazy ideal capitalistic world, the US sets up an official government department to vet all telecommunications procurements and shares notes with similar departments in other trusted countries (eg. UK, Canada), using the same vetted equipment where possible. Part of this cost comes out of the national defence budget, part of it comes from the vendors themselves as a fixed cost applied on top of their bid proposals. They can't demonstrate their trustworthiness but the US can't prove their malice either so factor that in as a cost of business for Huawei and ZTE. The magic of the invisible hand right?

More seriously, if hardware backdoors are such a concern, then the whole supply chain is suspect or there's already a vetting program. (See: Thompson's Reflections on Trusting Trust.)
posted by tksh at 5:52 AM on October 9, 2012


The absurdity is that its more likely that the plans for hi-tech gear probably already have backdoors in them at the request of the US spy networks. And the Chinese are inadvertently already building those backdoors in.

Given the lack of US ethical conscience when it comes to screwing over Iran, I'm sure they'd think nothing of bugging every single iPhone user in the world. How well do Apple and the CIA get along these days?
posted by mary8nne at 5:56 AM on October 9, 2012


The big problem with Huawei is the complete lack of transparency over ownership, finance and control. I've spoken to senior Huawei execs - the company knows it needs to talk to journalists, and regularly flies them to Shenzhen at some expense. However, it doesn't know what to say: the Huawei trips are notorious/famous for generating no stories, because there are no answers to any questions anyone would want to ask. Like, who's in charge?

(There are answers, but never to the obvious follow-ups: you get a prepared statement, even in casual conversation, to off-limit questions).

As has been noted, most of our stuff comes from China anyway, no matter whose name is on the front. And the opportunities for espionage and sabotage in the West are massive and asymmetrical: there are far more Chinese nationals in the US tech industry than vice-versa, and the culture is far more open. It's a bit like the Cold War, only with half the US' top engineering talent from Gdansk or Novosibirsk.

Huawei and ZTE are merely successful enough to be lightning rods. I don't think there's (much) evidence of them behaving very much like Bond villains (although Huawei has a global support centre that's very Dr No, except when I was there none of the henchmen seemed to be doing anything except sleeping or reading magazines. I did ask what they were globally supporting, but... you know what answer I got.)

Until the Chinese government gets over its massive insecurity complex and opens the hell up, I doubt things can get any better.
posted by Devonian at 7:01 AM on October 9, 2012 [3 favorites]


It would be foolish, in so many ways, to invest in Huawei. 1. They have stolen Cisco software and tried to pass it off as their own. (Intellectual property rights are not big there.) 2. Networks grow. And building a network based on equipment that you may have difficulty extending, maintaining, and updating is a poor business decision. 3. The US gubmint demands a "lawful intercept" backdoor . . . no telling what another gubmint would build into their product . . . theoretically, we (Americans) could control the NSA--and if not, we would be at risk from our own gubmint--not so with Chinese equipment. I wouldn't buy cheap knockoff sunglasses . . . why would I buy a cheap knockoff communications network?
posted by ahimsakid at 10:10 AM on October 9, 2012


« Older How people profit from your online mugshot and rui...  |  Narratively is "devoted exclus... Newer »


This thread has been archived and is closed to new comments