back to article EU boss Breton: There's no Huawei that Chinese comms kit is safe to use in Europe

European commissioner Thierry Breton wants Huawei and ZTE barred throughout the EU, and revealed plans to remove kit made by the Chinese telecom vendors from the Commission's internal networks. "We cannot afford to maintain critical dependencies that could become a weapon against our interests," he declared in a Thursday …

  1. PhilipN Silver badge

    Following the series of links starting with the reference to Huawei backdoors...

    Fascinating. Starting in 2020 - or a lot earlier if the unnamed "US officials" are to be believed - a story at least as well supported and newsworthy as anything on Twitter, Just keep saying it.

    1. Pascal Monett Silver badge

      Re: Following the series of links starting with the reference to Huawei backdoors...

      Oh yeah. Lots of talk. Much pressure and thinly veiled threats to National Security.

      Proof ? Are you kidding ? You don't need proof, just trust us.

      Yeah, sure.

      1. EnviableOne

        Re: Following the series of links starting with the reference to Huawei backdoors...

        Yeah, GCHQ's HSCIC said if there were backdoors in Huawei's kit, they were indistinguishable from the shoddy code in the rest of it.

        The only reason it got banned in the UK is the US de-stabilised the Huawei supply chain, so the president's lapdog AKA prime minister used this as an excuse.

  2. Yet Another Anonymous coward Silver badge

    Not just backdoors

    What about all the phones made in China by European and American companies or with Chinese components?

    We need to open up the strategic Nokia 3310 reserve

    1. TimMaher Silver badge
      Windows

      Re: Nokia 3310

      And I have a Moto. Razr in reserve as well as some other ancient stuff.

      1. RAMChYLD Bronze badge

        Re: Nokia 3310

        Last I checked tho, the RAZR is a 2G only device, which is even more trivial to spy on...

  3. martinusher Silver badge

    Back to the Stone Age?

    Not content with self-immolation over energy supplies, markets in the east and so on the EU is determined to use only non-competitive, second rate kit. Or rather, carefully re-labeled kit made by 'the usual suspects' that's been cosmetically altered so as to appear to be made locally.

    With politicians like that in charge an adversary doesn't need to undermine to conquer. You just sit tight and wait for events to unfold.

    1. Xalran Silver badge

      Re: Back to the Stone Age?

      Two of the 4 main Telecom equipment providers are in EU ( namely Ericsson and Nokia, the obvious other two being the Chinese Huawei and ZTE )...

      And as far as I know both have competitive products... But the Chinese, thanks to CCP subsidies, can undercut any price if they really want the market.

      Another thing to take into account, $TELCOs tends to avoid putting all their eggs in the same basket, so they will usually buy stuff f'rom two or 3 different vendors.

      With only 4 vendors in the market it's hard to avoid going Chinese.

      And lets cull the remarks :

      - But Qualcom... they make chips, not equipment. no baseband, no antenna, no core network ( parse : COTS servers ) , no router.

      - But NEC & Samsung... They mostly operate in respectively Japan and South Korea... and barely sell outside of those markets.

      - But <insert your favorite early 2K telecom equipment vendor [ like Alcatel, Siemens, Nortel ]>... they either got gobbled up by a bigger shark ( Nokia in the case of Alcatel and the Telecom branch of Siemens ) or went under ( Nortel )

      - But Cisco... Sorry, no radio, while they have a really nice market share on the transport side, and some decent results on the private mobile networks ( core side ) they have failed so far in the RAN domain, and that's where the money is, as you only need a few rows of servers nowadays to run a mobile $TELCO, but you need thousands upon thousands antennas and basebands to cover the territory.

      1. Yes Me Silver badge
        Mushroom

        Re: Back to the Stone Age?

        "thanks to CCP subsidies"
        Please provide evidence for that. And of course, we note the whiny use of "CCP" when you mean "government". Also please demonstrate that Ericsson and Nokia never got their own government subsidies.

        I truly don't understand why the EU would believe the totally unsubstantiated claims about Huawei or ZTE equipment having better back doors than the Western kit.

        1. Evil Auditor Silver badge

          Re: Back to the Stone Age?

          No comment re subsidies. But can you explain what the problem is with CCP? They rule the country and "Chinese government" is simply a subset of CCP.

        2. mpi Silver badge

          Re: Back to the Stone Age?

          > And of course, we note the whiny use of "CCP" when you mean "government".

          Well, that party IS the government in China, so the two are synonymous. There are no other parties. There are no real elections. By their self-description, the country is a Peoples Democratic Dictatorship: https://en.wikipedia.org/wiki/People%27s_democratic_dictatorship

          > Also please demonstrate that Ericsson and Nokia never got their own government subsidies.

          That wasn't the point? Almost all large companies get subsidies. The difference is what for. In the west, companies get subsidies to lure them to countries and build new industries, and participate in the market. The companies are not owned by the state, the state doesn't control the companies.

          They wont straight up sibsidize losses to raise the global influence of the companies tech for political influence.

          > I truly don't understand why the EU would believe the totally unsubstantiated claims about Huawei or ZTE equipment having better back doors than the Western kit.

          Simple: Because the US and EU aren't geopolitical adversaries. And even if there is spying between these two blocks, they still follow somewhat the same goals when it comes to global politics. And neither is threatening to attack Taiwan.

        3. Xalran Silver badge

          Re: Back to the Stone Age?

          The CCP is the Chinese Government, they are one single thing... since the Chairman of the CCP is the Chinese Premier.

          There's ample evidences around. I'm not going to bother...

          You can also look at the solar panel market where Chinese companies killed the European producers by lower prices, again thanks to subsidies.

          There's a main difference in how Nokia and Ericsson ( and any other companies producing in Europe ) receive subsidies compared to China....In Europe you receive a specific amount for a specific purpose. ( Say a few hundred Million for Ericsson to open a R&D Center in France, a few Billions in Germany for Intel to build a chip factory) while in China you get them just so that your production price is lower than anything produced by the western companies producing the same thing.

          The EU is not monolithic, and the response to the US pressure varied between countries. In some Huawei got banned with a rip off date set, in other nothing was done... with all the middle grounds possible. ( for example in France it has been asked to the $TELCO to replace Huawei equipment when they are near sensitive and/or military areas.... they can be put back in the network somewhere else )

      2. martinusher Silver badge

        Re: Back to the Stone Age?

        The edge Huawei has isn't anything to do with the CCP subsidizing it. The problem for us is that Huawei is privately held -- in their case, "owned by the employees". This makes a huge difference to the capital structure of a company because, simply put, it doesn't have to make those payments to the bank. Many quite viable companies get into trouble, even become bankrupt, not because they're not profitable but because they're not profitable enough. They're often seriously leveraged and they just can't make the debt payments so their competitveness declines as they cut costs and their product mix ages. A closely held company doesn't have to satisfy creditors, provided it makes enough to meet payroll and keep the lights on it can spend as much as it wants on R&D or whatever -- and its got huge flexibility in pricing.

        (How do I know this? I worked at a closely held company (in the US) during the 2008 recession. It had zero debt, apart from a revolving line of credit for day to day business expenditure, and it owned its own facilities. Even then the bank tried to call the loan in and liquidate it but the company just switched banks, a nisance but scarcely fatal. It invested in new product development even as its competitors were going broke.)

        1. Xalran Silver badge

          Re: Back to the Stone Age?

          You really believe in the *owned by the employees* ?

          some light : https://telecoms.com/496951/new-research-claims-employees-do-not-own-huawei/

  4. Anonymous Coward
    Anonymous Coward

    Just wondering

    what sanctions the U.S. government threatened, in order to "persuade" Europe to go along with this never proven "backdoor" allegations ?

    Or maybe lots of envelopes stuffed with cash were handed out?

  5. Pascal Monett Silver badge

    So, the Commission is looking to ban Huawei on security grounds

    I'm sure that they'll happily turn themselves to Cisco, right ?

    Cisco, a company based in a country that has all the laws required to force it to reveal information to its Goverment.

    While being forbidden to reveal publicly that it is doing so.

    Yeah, much more secure than Beijing.

    1. Anonymous Coward
      Anonymous Coward

      Re: So, the Commission is looking to ban Huawei on security grounds

      FISA court order with gagging, just saying. And do not start me on the whole "greek watergate" (The original - Greek wiretapping case 2004–05, not the 2022 Greek wiretapping scandal) where the NSA tapped the whole government in Greece using the vodafone phone system from the US embassy. To be fair on the US they just spy on everyone, irregardless of friend or foe. They are like a really really creepy uncle.

    2. EnviableOne

      Re: So, the Commission is looking to ban Huawei on security grounds

      Except CIsco are nowhere in carrier-grade tech, Huawei's main rivals are Nokia (Finland) and Erricson (Denmark) with Samsung (SKorea) a distant third

      1. Xalran Silver badge

        Re: So, the Commission is looking to ban Huawei on security grounds

        Ericsson is not Danish, It's Swedish...

        Headquarters used to be at Telefonplan ( yes the South Stockholm subway station ) and was moved to Kista ( north of Stockholm ) in the early 2000s.

      2. The Kraken

        Re: So, the Commission is looking to ban Huawei on security grounds

        Re Nokia 5G kit - open the box and look closely - it’s made in China too. All is not what it seems.

    3. Xalran Silver badge

      Re: So, the Commission is looking to ban Huawei on security grounds

      Cisco doesn't make Mobile network antenna nor the basebands needed for the antennas to work. That's mostly what Huawei was selling in EU.

      There's no US companies left that make that kind of products, that's one of the reasons why the US are trying to block the Chinese companies... and is pushing the OpenRAN initiative.

      ( that way they can regain some level of control through COTS servers from Dell & HPE )

      1. Yet Another Anonymous coward Silver badge

        Re: So, the Commission is looking to ban Huawei on security grounds

        So the USA will now be reliant on a couple of Scandinavian countries for all their telecoms ?

        1. Xalran Silver badge

          Re: So, the Commission is looking to ban Huawei on security grounds

          They have been ( along with Huawei and ZTE ) since Alcatel *merged* with Lucent ( while it was described as a fusion, it technically Alcatel buying Lucent )... that entity was then gobbled by Nokia.

  6. Anonymous Coward
    Anonymous Coward

    More Misdirection....But Why Am I Not Surprised????

    Thus spake Thierry Breton: "...plans to remove kit made by the Chinese telecom vendors from the Commission's internal networks..."

    ....but what about ripping out all that leaky Cisco kit?

    ....but what about decommissioning all that NSO software in Cheltenham and elsewhere?

    ....and then there's the regular metadata feeds (no warrants of course) from every mobile operator to government spooks?

    ....oh....Palantir and Peter Thiel need to be banned from government service too....

    So much for Thierry Breton to worry about....so little time.....and yet Huawei is the only item on the agenda!!!!!!

  7. DJ
    Black Helicopters

    For the less security-savvy among us...

    Can someone with the technical chops to understand this stuff please elaborate on why it appears to be so difficult to definitively demonstrate whether anybody's kit is sending data to an unintended destination?

    Or are they all in the employ of the [insert secret government agency name here]?

    1. Paul Crawford Silver badge

      Re: For the less security-savvy among us...

      The issue is not "Are they currently spying on us?" which is easy to check (to a degree, depending on your tools and ability to wade through a shed-load of legitimate traffic) but "Can the CCP force a change to spy or simply bork $COUNTRY network if there is a major trade dispute or conflict?"

      That could be via a simple vulnerability as seen with example after example of ransomware or the attacks on Ukrainian comms, etc, or it could be via an update forced by a Chinese company held at gun-point (figuratively or literally) by the CCP.

      Now while it is conceivable one of the Scandinavian suppliers could do the same, the historical and current political reality of CCP versus democracy makes that far, far less likely. And yes, most phones are made in China but that is a far more difficult target to sabotage given the diversity of supply and limited degree of OS updated that are even offered even during good times, etc.

      1. Justthefacts Silver badge

        Re: For the less security-savvy among us...

        And as I’ve explained elsewhere, the answer to the sea-lioning question “just asking” is: No. They can’t eavesdrop. Because due to the basic security architecture, the network elements in question see only encrypted packets, don’t know who they are sending them either to or from, and don’t have any key information.

        In fact, ironically, if you wanted to do traffic analysis, you’d be *better* served sitting with a radio sniffer in the public shopping mall, than hacking into one of the Radio Access nodes. Because some of the signal is performed co-operatively between nodes. A single node only passes potentially a fraction of encrypted bits in the datastream

  8. Jim-234

    So because there might one day be a possibility of Chinese kit having a backdoor (despite nobody being able to find one or prove anything),

    The Europeans would like to go buy all the USA kit which is regularly found out to have back doors in it for the USA government to spy on everyone.

    I'm going with it's all a bunch of lies and the real reason is bribes / payoffs / blackmail to help USA based corporations keep selling their dated and overpriced gear.

    1. Casca Silver badge

      USA doesnt have these kind of kits...Its Sweden and Finland that has them

  9. Justthefacts Silver badge

    “Back doors” not relevant

    Concerns about security are not new, and were *built in* to the 5G architecture standard. It’s divided into Core Network elements and Radio Access. All identity, data, voice, and keys are held in the Core Network. Core Network encrypts, and hands just encrypted packets to Radio Access - which is the radio masts you see, and forms the vast majority of network hardware.

    Huawei only provide Radio Access. There’s literally nothing in Radio Access that you can’t get by sitting a mile away on a park bench with a $50 sniffer. Back-doors just aren’t needed or relevant.

    The only half-valid concern is that a back door could contain a secret kill-switch, providing a denial-of-service attack. But U.K. CESG have had full sight of the internal software, and can’t see any such. But the main point is: these network elements are on a private network *owned and secured by the operator*. This isn’t connected to public internet. To access any kill-switch, you’d have to hack in from outside. In which case, if a nefarious state actor has penetrated into the operator network, sufficient to send commands to the Radio Access nodes….why wouldn’t they just send the *standards-supported Stop Broadcasting System Information command* to cease operation? Independent whether it’s manufactured by Huawei or Nokia?

    There’s really no technical case at all here. Pure politics.

    1. Paul Crawford Silver badge

      Re: “Back doors” not relevant

      these network elements are on a private network *owned and secured by the operator*. This isn’t connected to public internet. To access any kill-switch, you’d have to hack in from outside.

      Do the network operators have teams from their suppliers looking after this stuff? Sure it may not be public access, but if your system is auto-patched by the supplier and they are at gun-point its a rather different situation.

      There’s literally nothing in Radio Access that you can’t get by sitting a mile away on a park bench with a $50 sniffer.

      But if you have remote access you don't need to send agents to sit on hundreds of park benches to sniff the radio traffic. You can look at phone IDs moving and see who works at a given government building, where they go home to, etc. You might not see traffic in plain-text, but you sure can correlate daily life of most of the population, some of whom might be of great interest to you.

      1. Justthefacts Silver badge

        Re: “Back doors” not relevant

        No. The radio access nodes don’t see phone IDs. The network security architecture has been defined to prevent traffic analysis.

        “Do the network operators have teams from suppliers…”. No, they don’t. Because all the commands/monitoring available are standards-defined, passed along standards-defined interfaces. This isn’t like Cisco routers.

        You don’t even need Huawei documentation.

      2. Justthefacts Silver badge

        Re: “Back doors” not relevant

        As to “it’s difficult to send agents to cover park benches”, if that’s the concern, that’s a non-issue.

        ELINT from orbit is far safer and cheaper. Victim is literally blasting out the data OTA at a radio intensity, such that it can be heard by a cell-phone antenna 1cm size up to 2km away. 1 meter antenna dishes onboard spacecraft at 200km up, have been routine for a decade. But you’d only do that it you had a particular target cell, and for the exact same park-bench reasoning.

        If you wanted to export the on-air encrypted datastreams of say, the whole of France, you would be looking at hundreds of terabits of backhaul, never mind “it would be noticed”, more “whos going to pay for that”.

        As opposed to your proposal of keeping a hacking team on constant standby, with a separate penetration exploit for the external networks of each of several hundred global operators. And the constant threat of being found out/loophole closed/spy booted out, at the one time when you decide you actually need it. All to access data that is freely broadcast on-air.

  10. Anonymous Coward
    Anonymous Coward

    I've been working in networking for a long time and not only have I never seen Huawei kit trying to call home nobody has ever presented any evidence of it happening.

    1. Paul Crawford Silver badge

      GCHQ did not find that either. They found piss-poor software quality, but others seem to be guilty of that as well (just check high score CVE for any major brand...). I suspect the real issue is further updates and what they could carry if the CCP demands it.

      Yes, this could largely be stopped for all leading to better global security by having open source software and audited hardware with just the keys secured, but that ain't going to sit well with vendors from any country in the current market.

  11. jmch Silver badge

    Why rip and replace?

    Most of this kit will need replacing in the next 3-5 years anyway. Anything with a longer lifespan can be put on accelerated depreciation, rather than immediately writing off billions of Euros of working kit 'just in case the bogeyman'.

    And since it isn't fair to target just China, simply mandate that strategic kit be made in EU, and then classify telecoms networks as strategic. No point sending billions to the US when you can get the kit from Nokia and Ericsson.

    Now, as to where Nokia and Ericsson factories are located....

  12. davcefai

    Exocet

    Does anybody remember the Falklands war? BOTH sides had Exocet missiles. And it seems that the British had not backdoored them.

    It makes no sense to give away or sell your security. First the West exported its technology. Now they've woken up to the fact that its security accompanied the technology.

    1. UK DM

      Re: Exocet

      Older ordinance just goes bang and didn't need a software update every week LOL.

      Maybe lookup the country of origin on that particular variety. It wasn't the UK.

      1. Fr. Ted Crilly Silver badge

        Re: Exocet

        That's Ordnance, not ordinance, that's a local by-law. (sorry, can't help it)

    2. Justthefacts Silver badge

      Re: Exocet

      Errr, well I definitely remember the facts of the Falklands War. Yours is an alternate history of stuff that didn’t happen. Are you trying to pick an open sore?

      Exocet is made by France. Exocets *do* have kill-codes (not “back doors”). At the time of the Falklands War, we knew the Argentinians were armed with that ship-killer, it was not a secret.Mrs Thatcher personally rang Mitterrand, before the Task Force sailed, to request him to give the British the Exocet kill-codes. He point-blank refused. The French, sorry Argentinians, sank HMS Sheffield with Exocet, a shocking military defeat for Britain with the loss of many lives. Mrs Thatcher then rang Mitterrand again for the kill-codes, and he still refused. As a result, we lost Atlantic Conveyor, with the loss of a further lives.

      The tide finally turned when Mrs Thatcher rang Ronald Reagan instead. He ordered his services to give us the French kill-codes, as of course they were thoroughly penetrated. This enabled us to use them to successfully defend the HMS Invincible aircraft carrier against Exocet launches. Of course, we couldn’t admit it publically, so the official story was (and remains) that it was shot down…somewhat implausibly with a naval gun (not even anti-aircraft). The kill-codes given us by the *Americans* were also used to defeat two out of the three Exocets targeted at HMS Glamorgan, although unfortunately one got through.

      And you wonder why the U.K. has somewhat “alternate perspective” on US penetration of French security services.

  13. Spanners
    Big Brother

    Total BS

    The US bringing this up was an attempt to bolster their own (barely existing) manufacturers. Now that they have such an industry, they want to boost it by getting us all to follow their dodgy lead.

    Certainly, do not use stuff made in undemocratic countries but under no circumstances buy from the USA either!

    1. Anonymous Coward
      Anonymous Coward

      Re: Total BS

      > Certainly, do not use stuff made in undemocratic countries but under no circumstances buy from the USA either!

      Why mention USA twice? The USA is undemocratic.

      1. Anonymous Coward
        Anonymous Coward

        Re: Total BS

        And Britain somehow isn't?

        https://www.dannydorling.org/wp-content/files/dannydorling_publication_id1322.pdf

        You're even more gerrymandered to favor the right wing nutjobs than the US is.

        Not to mention you idiots still have the very definition of undemocratic government, a monarchy. Start by getting rid of your king, then maybe you can join the democracy table. Any method you like, whether that be the French method or just deposing the scumbag royals and seizing all their ill-gotten wealth.

  14. Anonymous Coward
    Anonymous Coward

    Am I the only one detecting a likely cottage industry in rebadging "scapped" equipment and reselling it minus any references to Huawei or ZTE.

    Of course, we all know what it would still be.

  15. StrangerHereMyself Silver badge

    5G

    What's so special about 5G? Why not just ban all Chinese networking equipment from our networks? They're just as much a risk as 5G (which is just a hype anyway and marginally better than 4G/LTE).

    1. RAMChYLD Bronze badge

      Re: 5G

      Four words:

      Low Latency Wireless Gigabit.

      A 5G connection allegedly offers hyperfast Internet connection at very low latencies comparable to fiber-to-the-home.

      In practice the hyperfast speeds are only possible on the mmWave bands, and that has it's own can of worms (ie can't penetrate walls and extremely short range). A typical 5G connection can't even hit 400mbps. The only thing it has going for it is the improved latency- better than 4G but still not comparable to FTTH.

      1. StrangerHereMyself Silver badge

        Re: 5G

        But other networking equipment is just as vulnerable to exploits and ability to wreak havoc on our networks. They're claiming that 5G runs self-driving cars and smart cities and is therefore a more critical part of infrastructure. I claim that if the Chinese can block all our internet traffic this could have a much larger economic impact.

        This makes me wonder if our politicians really know what they're doing. They leave a hole wide enough to drive a truck through.

  16. This post has been deleted by its author

  17. tel2016

    Chinese law requires it

    Company Law of the People's Republic of China (2018 Revision) - Article 19 says:

    The Chinese Communist Party may, according to the Constitution of the Chinese Communist Party, establish its branches in companies to carry out activities of the Chinese Communist Party. The company shall provide necessary conditions to facilitate the activities of the Party.

    Also, consider reading the book 'Unrestricted Warfare', and take note of who the authors are.

    1. StrangerHereMyself Silver badge

      Re: Chinese law requires it

      Yep, and this is the stick the West will use to beat China with. Forever.

      They were stupid to put this is in a public law for everyone to see. They should've made it a "secret law" which isn't on the books.

      1. tel2016

        Re: Chinese law requires it

        Your point being...?

  18. Anonymous Coward
    Anonymous Coward

    Decoupling?

    Is this the first signal to decouple the EU from China? Perhaps that is what is required to stop the de-industrialisation of Europe.

    1. Justthefacts Silver badge

      Re: Decoupling?

      It’s not the first signal, everyone outside the EU realised a decade ago that the EU is “decoupling” from the rest of the world. The word for this is isolationism.

      It probably will, in one sense, “stop the de-industrialisation of Europe”, by freezing Europe forever at an instant in time. Come back in 2073, or 2123, and it will all still look like 2023. No better, no worse. The rest of the world just moves on, and forgets, except as a pretty cruise ship destination. Once upon a time, Venice and Amsterdam each used to stand astride the world. Both for the same reason: global mercantile powers. Now, they’re both just very pretty, one for each age-appropriate tourist-group.

      1. Casca Silver badge

        Re: Decoupling?

        Sure, lets do everything that china wants and be an vasal to them. Thats what you want apperantly...

    2. StrangerHereMyself Silver badge

      Re: Decoupling?

      Europe is weak and divided. Technically speaking there isn't a "Europe" apart from the continent (and who belongs to the continent is also up for discussion).

      China exploits this weakness to the fullest. Did you know, for example, that China is already buying influence in states that are up for EU membership? Since each member state has veto power, it could eventually use these to block whatever isn't in China's interest (a wholesale trade embargo if they invade Taiwan, for example).

      What Breton or any EU Commission member says only has limited relevance.

  19. Steve Davies 3 Silver badge

    Nothing in life is free

    Throw Huawei kit out and pay, pay and pay again due to patents.

    The Chinese win no matter what we do.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like