# US saves self from Huawei spying by spying on Huawei spying

Maybe this is why the US government is so certain Huawei is bad news: Snowdenistas at The New York Times and Der Spiegel have reported another communiqué from their source-in-exile – this time to the effect that the United States National Security Agency penetrated Chinese networking equipment vendor Huawei and monitored its …

This topic is closed for new posts.
1. #### Insert subtitle here

Five eyes spy with my little Huawei

2. "To save ourselves from Huawei spying Maybe this is why the USA is so certain Huawei is bad news Snowdenistas at The New York Times and Der Spiegel have reported another communiqué from their source-in-exile, this time to the effect that the United States National Security Agency penetrated Chinese networking equipment vendor Huawei and monitored its communications."

The lack of punctuation in that paragraph makes my eyes bleed!!!!!

1. The lack of punctuation in that paragraph makes my eyes bleed!!!!!

Simon has a rather unorthodox approach to proofreading. He says it's the price we pay for getting up-to-date news from Australia this late at night. Myself, I'd rather wait longer for a more polished piece, but oh well – I guess we get what we pay for.

2. "The lack of punctuation in that paragraph makes my eyes bleed!!!!!"

And multiple exclamation marks restore the balance of the universe, do they?

1. "And multiple exclamation marks restore the balance of the universe, do they?"

Two wrongs make a... Something.

1. "Two wrongs make a... Something."

A right, always, always a right. But five exclamation marks are more of a challenge, because it's not clear whether we have an even or odd number of wrongs, nor how you apply BODMAS in this scenario. If we say that one exclamation mark is allowable, that's four Wrongs. If we do that as two groups each of two Wrongs, then after resolving the groups, we have two Rights, possibly with an additional Right for the single permissible exclamation mark.

So we've either got two Rights, or three Rights, and we know that they collectively make a Wrong. If both are true then 2R = W and 3R = W, which either makes W infinite or indeterminate, or means that R is a self deprecating value, such that the more R you have, so the individual value declines to keep the meta-value of all R constant.

This then implies that it is also true that R = W, meaning that Right is Wrong, and conversely Wrong is Right. I can't see the ICC over at the Hague liking the outcome of the universal truth revealed by mathematics.

3. #### xenophobic turf protection

The anti-Huawei talk might have some slight legitimacy, but it is mainly a smoke-screen to protect US kit providers.

1. #### Re: xenophobic turf protection

Would they be the US kit providers whose kit is mostly manufactured in Eastasia?

They're all at it...

It just seems that the septics keep getting caught out by their denials and distractions. Whereas us Brits "don't comment on matters of national security", then carry on regardless. Over-sight? Yeah, we've heard of that stuff. Doesn't apply here, old stick. What!

2. #### Re: xenophobic turf protection

More probably, the Chinese blocked the NSA back-door and somebody got nervous about having incomplete access to the intertubes.

1. #### Re: xenophobic turf protection

"More probably, the Chinese blocked the NSA back-door and somebody got nervous about having incomplete access to the intertubes."

Actually, our standing joke in the IA community was, the PRC had a VPN into the US DoD core networks and the NSA had a VPN into the PRC core networks, so it all balanced out. The only real problem was that both sides needed more bandwidth in order to continue normal operations, as the VPN's eroded network performance.

4. #### Ha! Take that!

You see? We knew you were going to backdoor our stuff, so we backdoored ourselves first! Now we can go right through our backdoors any time we want! What do you think about that, losers?

1. #### Re: Ha! Take that!

Yo dawg, I heard you like backdoors... etc

1. #### Re: Ha! Take that!

"Yo dawg, I heard you like backdoors... etc."

So we let you backdoor our backdoor so you could see how we backdoored your backdoors.

Sounds right.

5. #### Circular reasoning

We must spy on Huawei.

Why?

Because they are spying on us, of course!

How do we know that?

From spying on Huawei, how else?

I bet even Da Vinci couldn't draw as perfect a circle as this reasoning.

1. #### Re: Circular reasoning

I think Huawei spokesman Bill Plummer broke that circle rather nicely when he said:

"If such espionage has been truly conducted, then it is known that the company is independent and has no unusual ties to any government and that knowledge should be relayed publicly to put an end to an era of mis- and disinformation."

However, I'm not expecting the Americans to respond to that any time soon. They cant.

2. #### Re: Circular reasoning

"I bet even Da Vinci couldn't draw as perfect a circle as this reasoning."

True enough. That initially was postulated, but rather sidelined until an attack was traced back and some systems penetrated.

Then, it was proved correct by the presence of unreleased (and subsequently released) new attacks on the US networks. After that, we got detailed warnings of what was coming before it was released against the networks.

There was also a bit of a hint that there was a bit of tit for tat going on in regards to penetrating networks.

Such as photographs, names, home addresses, work addresses, telephone numbers, family member names, girlfriend/wife names, etc of PRC officers, as well as their discussions on upcoming attacks.

I've long promised myself, should I ever personally meet one of those officers in particular, I'd shake his hand for his successes and brilliance, then punch him square in the mouth for the annoyances he provided me in keeping my segment of the networks secure.

Fortunately, that shan't happen, as that particular military complex is off limits to westerners.

3. #### Re: Circular reasoning

"I bet even Da Vinci couldn't draw as perfect a circle as this reasoning."

No, but (allegedly) Giotto could have done. (http://en.wikipedia.org/wiki/Giotto)

6. a rich irony

It's so rich that it would easily make a Michelle Obama's "no (salt|sugar|fat)" list of verboten foodstuff.

But then again, we suspected this all along, didn't we?

1. #### But then again, we suspected this all along, didn't we?

Yup. Especially when the head of the NSA visited Australia just to tell us how bad Huawei are.

I've got pictures of the NSA hanging on my wall, with blood splattered all over 'em. hehehe hahahaha hehehe hahaha

2. "It's so rich that it would easily make a Michelle Obama's "no (salt|sugar|fat)" list of verboten foodstuff."

I wonder how she feels about MSG? Huwaei and NSA probably know, but does Snowdon?

7. #### This explains how Mike Rogers could assure us there would be bugs in Huawei equipment

This explains Mike Rogers, chairman of the US House Intelligence Committee coming to Canada and telling there would be bugs in any Huawei equipment Canada bought, so we should buy from US manufacturers instead.

He knew there'd be bugs alright -- NSA bugs.

Here is what Mike Rogers told Canadians:

...

"I absolutely would not do it," Rogers said. "The key word there is new secure network; I would not have the faith and confidence."

..

"The Republican congressman from Michigan says ordinary Canadian consumers have every reason to worry about threats to cyber-security.

'This is your personal data. This could be your medical records, your financial records, everything that you hold dear that you think is locked away in a safe place on your computer that goes across these networks and becomes subject to being gathered by the Chinese government.'"

...

"There are bugs, back doors and beaconing going on in Huawei gear," he claims. "We have had lots of reports of that happening.

"I will bet my bottom dollar, as we say in the U.S., that activity is happening in Canada as well."

...

same article:

Ray Boisvert, who until recently was assistant deputy director of intelligence for Canada’s spy agency, told CBC News: "The threat comes down to…can a company that manufactures hardware embed certain codes that would allow them to back-door a lot of information that goes through the network?

"I have seen it hands-on through my own experience. It is true."

He saw it hands on in equipment from US vendors. We now know from Snowden that he and his co-workers at CSEC helped put the bugs there.

Thank you people of Michigan and the USA for giving the world such honest politicians who are dedicated to the public good, NOT.

1. #### Re: This explains how Mike Rogers could assure us there would be bugs in Huawei equipment

I've seen many, many strange things in my life, and I've seen people exhibit behavior far beyond that achieved in any of my past experiments in industrial strength pharmaceuticals. But hey, it's a fucked up world, and if you think about it too much it'll drive you mad. Now with cameras in everything you can easily record the weirdness and revisit it after properly fortifying your psyche and that's a good thing.

But the single most disturbing thing I've ever seen is politicians talking to the people and the way the people just eat that shit up. It's not like it is limited to any particular brand of politics. It's universal. Politician says (something) and people you know to be intelligent and grounded instantly turn into someone who read A Catcher In The Rye and got a completely different message than you did.

I did my undergrad work in Knoxville, TN, right next to Oak Ridge and ORNL. This guy who is running for office in Knoxville is speaking all over town and braying this 'Do you know what they do just over there in Oak Ridge? They work with nuclear weapons'. It was odd because everybody knew that and a lot of people had actually moved to Knoxville and chosen to go to school there because of ORNL. Nevertheless, people still got rilled up about it.

Why do people do that? Is there really some truth to the Lizard People idea? It's really hard to discuss as well. It's like accidentally seeing your grandmother topless, but instead of whatever grandmothers keep hidden in their shirts it's a bunch of gears and eccentrics. How do you investigate that without coming off as a certified loon: 'What's it look like under your grandmothers shirt'? No good can come from any answer you get.

But you have to know, yeah? Same with politicians. In the run up to the Iraq war everybody noticed the overnight shift in anti-invasion Powell and pro-invasion clone. But how can you test it? If you cut off its head, and it doesn't die, are you off the hook for the attack?

Actually, I may have just solved all those problems with proven, 9th century, Humanity Checks. We cut the heads off all election winners and if they don't die they are disqualified from office, if they do die then we save big on scandal investigations! This is a win-win deal guys. Step right up and serve your country!

1. #### Re: This explains how Mike Rogers could assure us there would be bugs in Huawei equipment

"But the single most disturbing thing I've ever seen is politicians talking to the people and the way the people just eat that shit up".

Human beings are apes. Like other apes, they need to feel part of a group and to have a strong, decisive leader. How do apes know who is the leader? He's the one who swaggers around hitting anyone he feels like, for no special reason except that it's how they know he's the boss. No matter what political ideas we experience consciously, our brain stems are crying out for strong decisive leadership. The more others in the group accept a leader, the stronger our need to do so too. After all, who wants to be an outcast?

The best thing about The Reg, like Slashdot and other geek hangouts, is that there is a larger proportion of people who have learned something about intellectual integrity; people whose frontal lobes can at least put up a fight against their brain stems. (For any surviving Van Vogt fans, the "cortico-thalamic pause"). But it's a lot harder to stay logical and fact-oriented when dealing with politics, an intrinsically emotional and mob-arousing subject, than IT, science or maths. Look at what happened, by his own admission, to that icy logician Albert Speer. We should always be on guard against symptoms of "Speer syndrome" in ourselves and others.

2. #### Re: This explains how Mike Rogers could assure us there would be bugs in Huawei equipment

"Why do people do that?"

The real answer is simple. An individual can and frequently is quite intelligent. However, people in a group are blithering idiots. That's largely due to an odd mixture of herd and pack mind behavior that is hard coded into the human brain.

As for leaders, I suggest we cut out the middle of the process. Once someone announces that they desire to hold a particular public office, shoot them out of a cannon and into the local midden/landfill. Then, select a current private enterprise leader for the role, upon pain of exile or death, to serve to the best of their ability.

"But, but, I don't *want* to be PM/President!"

"Too bad, you got the job."

"But, I won't do it!"

<click!>

"OK, I'll do it."

2. #### Re: This explains how Mike Rogers could assure us there would be bugs in Huawei equipment

"This explains Mike Rogers, chairman of the US House Intelligence Committee coming to Canada and telling there would be bugs in any Huawei equipment..."

As Heinlein used to say, the most elegant way of lying (and one of the most effective) is to tell the truth, but not all of it. You would expect a congresscritter to be a world-class exponent of the art.

3. #### Re: This explains how Mike Rogers could assure us there would be bugs in Huawei equipment

"We now know from Snowden that he and his co-workers at CSEC helped put the bugs there."

Reading comprehension fail. Snowden didn't put anything anywhere, he was a SA only.

What is funny is, what was being discussed in your rant was about Huawei bugs, not NSA bugs that may well also be in place.

But, the NSA ones are OK in US officials views, but PRC bugs are not in their view as well.

Personally, I'd rather prefer one of two things:

1: No bugs at all.

2: If I'm to be saddled with bugs, the bugging organization should pay for the additional bandwidth they're stealing from my network to monitor it.

8. #### Protectionsim and hypocrisy

It's clearer with each new revelation about the USG machinations against Huawei that all this has little to do with security (since, obviously, US vendors are even more exposed to NSA backdoors than Huawei can possibly be) and everything to do with protecting the US market in favour of US suppliers. It isn't irony as much as it's hypocrisy.

Huawei, not coincidentally, has much stricter rules governing laptops entering and leaving their sites than any US vendor I've visited. It would be interesting to learn how the alleged backdoor code was actually inserted.

1. #### Re: Protectionsim and hypocrisy

What onsite rules for external equipment on Huawei premises will they be then?

The answer would either appear to be none, or that they were ignored completely in my experience.

1. #### Re: Protectionsim and hypocrisy

Maybe it depends on the site. At the one I'm thinking of they glue up your USB slots (literally). Maybe not so much at a sales and support site?

otoh I remember once being left alone at DEC in a meeting room that had their departmental product development plan for several years ahead posted on the wall. It was at least 15 minutes before someone noticed and yanked me out of there.

9. #### Back doors, Back doors, Back doors

Look, I know this goes on between gentlemen of a particular persuassion,

But, do I have to have this shoved in my face/mail-box every day?

The World is getting more and more like a macrocosm of the BBC every day..

The gentlemen from the US and the gentlemen from china should just get a room in a sleazy motel somewhere and play with eachothers backdoors until they get bored of it....

1. #### Re: Back doors, Back doors, Back doors

"Look, I know this goes on between gentlemen of a particular persuassion,

But, do I have to have this shoved in my face/mail-box every day?"

It is your patriotic duty as a loyal citizen to have your backdoors smashed in, confidential information stolen and your secrets discussed around a water cooler in Virginia (or over a cup of tea in Cheltenham).

1. #### Re: Back doors, Back doors, Back doors

"It is your patriotic duty as a loyal citizen to have your backdoors smashed in, confidential information stolen and your secrets discussed around a water cooler in Virginia (or over a cup of tea in Cheltenham)".

Last night I watched "The Runaway Jury" again. During the scenes where Gene Hackman's jury-rigging team look at video of the jury members' homes, private possessions and private moments I suddenly had an insight. Imagine this happening all the time, to everyone - not just the members of a particular target jury.

1. #### Re: Back doors, Back doors, Back doors

What? You say there is somebody out there watching me while I watch you? That is totally unacceptable!

10. Alternative scenario, having stolen the sourcecode, they've read it and seen how terrible it is, and decided its got so many backdoors they don't want to risk it on US soil.

1. "Alternative scenario, having stolen the sourcecode, they've read it and seen how terrible it is, and decided its got so many backdoors they don't want to risk it on US soil."

I think you would have to admit that is pretty far fetched given that their efforts seem to have overlooked folks like Cisco et al. Do you have any vulnerability stats to back that hypothesis up ?

1. Assuming I do, commercially I would not be in a position to discuss that would I?

The thing Huawei excel at is dismissing technical critisism of their equipment as political smear attempts and the drive into Europe has been facilitated by the hiring of some very very PR savy people high up in the structure to realize this. So heads you win the argument, tails I loose. The validity of my response should be left as a exercise for the reader to read between lines on.

I don't buy the whole basis for this story either, that the US needed to steal Huawei sourcecode.

The sources will have been provided to the UK spooks already and knowing what we know about helpful information transfer between NSA/GCHQ that will have been passed across without so much as a murmur.

2. "Alternative scenario, having stolen the sourcecode, they've read it and seen how terrible it is, and decided its got so many backdoors they don't want to risk it on US soil."

The ironic thing about the Huawei backdoor revelation last year is that every vulnerability demonstrated was on OEMed (badge engineered) 3com kit, not devices Huawei had developed themselves.

11. #### We dumped Cisco...

...for Huwawei a year ago. Best move we've ever done.

12. #### Push me

Shove you

13. Suppose this proves beyond a doubt all Cisco & Co kit is riddled with NSA backdoors.

14. #### From 'The Spook's book of...

... Modern Nursery Rhymes' - page 43, 'This Polled RAM':

***

NIC, NAC, tap a jack

Listen on the phone

We net slurp in ev'ry home...

***

Or, alternatively, from the recent 'Spook's Hymnal':

***

'Whether Yen or the dollar, well the brand don't matter - we are there'

***

15. #### We expect better from El Reg

QUOTE: "The New York Times and Der Spiegel have reported another communiqué from their source-in-exile"

16. #### well, yes

I heard a speech at a security conference a few weeks back from an ex-NSA guy saying that Chinese manufacturers let the Chinese security agencies access all backdoors and passed the information to aid Chinese companies economically in competition to western firms and that the Chinese security agencies were headed by loyal Chinese generals.

All the time he was speaking I wondered which US manufacturers withheld their backdoors from the US government agencies and why those agencies wouldn't help US firms in competition with overseas companies and how disloyal the US security agency leaders were to their government.

17. #### Cisco is US approved and Huawei is not

Until we can successfully install the same backdoors in Huawei kit we installed in Cisco kit years ago.

This topic is closed for new posts.