EU boss Breton: There's no Huawei that Chinese comms kit is safe to use in Europe European commissioner Thierry Breton wants Huawei and ZTE barred throughout the EU, and revealed plans to remove kit made by the Chinese telecom vendors from the Commission's internal networks. "We cannot afford to maintain critical dependencies that could become a weapon against our interests," he declared in a Thursday …
Yeah, GCHQ's HSCIC said if there were backdoors in Huawei's kit, they were indistinguishable from the shoddy code in the rest of it.
The only reason it got banned in the UK is the US de-stabilised the Huawei supply chain, so the president's lapdog AKA prime minister used this as an excuse.
Not content with self-immolation over energy supplies, markets in the east and so on the EU is determined to use only non-competitive, second rate kit. Or rather, carefully re-labeled kit made by 'the usual suspects' that's been cosmetically altered so as to appear to be made locally.
With politicians like that in charge an adversary doesn't need to undermine to conquer. You just sit tight and wait for events to unfold.
Two of the 4 main Telecom equipment providers are in EU ( namely Ericsson and Nokia, the obvious other two being the Chinese Huawei and ZTE )...
And as far as I know both have competitive products... But the Chinese, thanks to CCP subsidies, can undercut any price if they really want the market.
Another thing to take into account, $TELCOs tends to avoid putting all their eggs in the same basket, so they will usually buy stuff f'rom two or 3 different vendors.
With only 4 vendors in the market it's hard to avoid going Chinese.
And lets cull the remarks :
- But Qualcom... they make chips, not equipment. no baseband, no antenna, no core network ( parse : COTS servers ) , no router.
- But NEC & Samsung... They mostly operate in respectively Japan and South Korea... and barely sell outside of those markets.
- But <insert your favorite early 2K telecom equipment vendor [ like Alcatel, Siemens, Nortel ]>... they either got gobbled up by a bigger shark ( Nokia in the case of Alcatel and the Telecom branch of Siemens ) or went under ( Nortel )
- But Cisco... Sorry, no radio, while they have a really nice market share on the transport side, and some decent results on the private mobile networks ( core side ) they have failed so far in the RAN domain, and that's where the money is, as you only need a few rows of servers nowadays to run a mobile $TELCO, but you need thousands upon thousands antennas and basebands to cover the territory.
"thanks to CCP subsidies"Please provide evidence for that. And of course, we note the whiny use of "CCP" when you mean "government". Also please demonstrate that Ericsson and Nokia never got their own government subsidies.
I truly don't understand why the EU would believe the totally unsubstantiated claims about Huawei or ZTE equipment having better back doors than the Western kit.
> And of course, we note the whiny use of "CCP" when you mean "government".
Well, that party IS the government in China, so the two are synonymous. There are no other parties. There are no real elections. By their self-description, the country is a Peoples Democratic Dictatorship: https://en.wikipedia.org/wiki/People%27s_democratic_dictatorship
> Also please demonstrate that Ericsson and Nokia never got their own government subsidies.
That wasn't the point? Almost all large companies get subsidies. The difference is what for. In the west, companies get subsidies to lure them to countries and build new industries, and participate in the market. The companies are not owned by the state, the state doesn't control the companies.
They wont straight up sibsidize losses to raise the global influence of the companies tech for political influence.
> I truly don't understand why the EU would believe the totally unsubstantiated claims about Huawei or ZTE equipment having better back doors than the Western kit.
Simple: Because the US and EU aren't geopolitical adversaries. And even if there is spying between these two blocks, they still follow somewhat the same goals when it comes to global politics. And neither is threatening to attack Taiwan.
The CCP is the Chinese Government, they are one single thing... since the Chairman of the CCP is the Chinese Premier.
There's ample evidences around. I'm not going to bother...
You can also look at the solar panel market where Chinese companies killed the European producers by lower prices, again thanks to subsidies.
There's a main difference in how Nokia and Ericsson ( and any other companies producing in Europe ) receive subsidies compared to China....In Europe you receive a specific amount for a specific purpose. ( Say a few hundred Million for Ericsson to open a R&D Center in France, a few Billions in Germany for Intel to build a chip factory) while in China you get them just so that your production price is lower than anything produced by the western companies producing the same thing.
The EU is not monolithic, and the response to the US pressure varied between countries. In some Huawei got banned with a rip off date set, in other nothing was done... with all the middle grounds possible. ( for example in France it has been asked to the $TELCO to replace Huawei equipment when they are near sensitive and/or military areas.... they can be put back in the network somewhere else )
The edge Huawei has isn't anything to do with the CCP subsidizing it. The problem for us is that Huawei is privately held -- in their case, "owned by the employees". This makes a huge difference to the capital structure of a company because, simply put, it doesn't have to make those payments to the bank. Many quite viable companies get into trouble, even become bankrupt, not because they're not profitable but because they're not profitable enough. They're often seriously leveraged and they just can't make the debt payments so their competitveness declines as they cut costs and their product mix ages. A closely held company doesn't have to satisfy creditors, provided it makes enough to meet payroll and keep the lights on it can spend as much as it wants on R&D or whatever -- and its got huge flexibility in pricing.
(How do I know this? I worked at a closely held company (in the US) during the 2008 recession. It had zero debt, apart from a revolving line of credit for day to day business expenditure, and it owned its own facilities. Even then the bank tried to call the loan in and liquidate it but the company just switched banks, a nisance but scarcely fatal. It invested in new product development even as its competitors were going broke.)
I'm sure that they'll happily turn themselves to Cisco, right ?
Cisco, a company based in a country that has all the laws required to force it to reveal information to its Goverment.
While being forbidden to reveal publicly that it is doing so.
Yeah, much more secure than Beijing.
FISA court order with gagging, just saying. And do not start me on the whole "greek watergate" (The original - Greek wiretapping case 2004–05, not the 2022 Greek wiretapping scandal) where the NSA tapped the whole government in Greece using the vodafone phone system from the US embassy. To be fair on the US they just spy on everyone, irregardless of friend or foe. They are like a really really creepy uncle.
Cisco doesn't make Mobile network antenna nor the basebands needed for the antennas to work. That's mostly what Huawei was selling in EU.
There's no US companies left that make that kind of products, that's one of the reasons why the US are trying to block the Chinese companies... and is pushing the OpenRAN initiative.
( that way they can regain some level of control through COTS servers from Dell & HPE )
Thus spake Thierry Breton: "...plans to remove kit made by the Chinese telecom vendors from the Commission's internal networks..."
....but what about ripping out all that leaky Cisco kit?
....but what about decommissioning all that NSO software in Cheltenham and elsewhere?
....and then there's the regular metadata feeds (no warrants of course) from every mobile operator to government spooks?
....oh....Palantir and Peter Thiel need to be banned from government service too....
So much for Thierry Breton to worry about....so little time.....and yet Huawei is the only item on the agenda!!!!!!
Can someone with the technical chops to understand this stuff please elaborate on why it appears to be so difficult to definitively demonstrate whether anybody's kit is sending data to an unintended destination?
Or are they all in the employ of the [insert secret government agency name here]?
The issue is not "Are they currently spying on us?" which is easy to check (to a degree, depending on your tools and ability to wade through a shed-load of legitimate traffic) but "Can the CCP force a change to spy or simply bork $COUNTRY network if there is a major trade dispute or conflict?"
That could be via a simple vulnerability as seen with example after example of ransomware or the attacks on Ukrainian comms, etc, or it could be via an update forced by a Chinese company held at gun-point (figuratively or literally) by the CCP.
Now while it is conceivable one of the Scandinavian suppliers could do the same, the historical and current political reality of CCP versus democracy makes that far, far less likely. And yes, most phones are made in China but that is a far more difficult target to sabotage given the diversity of supply and limited degree of OS updated that are even offered even during good times, etc.
And as I’ve explained elsewhere, the answer to the sea-lioning question “just asking” is: No. They can’t eavesdrop. Because due to the basic security architecture, the network elements in question see only encrypted packets, don’t know who they are sending them either to or from, and don’t have any key information.
In fact, ironically, if you wanted to do traffic analysis, you’d be *better* served sitting with a radio sniffer in the public shopping mall, than hacking into one of the Radio Access nodes. Because some of the signal is performed co-operatively between nodes. A single node only passes potentially a fraction of encrypted bits in the datastream
So because there might one day be a possibility of Chinese kit having a backdoor (despite nobody being able to find one or prove anything),
The Europeans would like to go buy all the USA kit which is regularly found out to have back doors in it for the USA government to spy on everyone.
I'm going with it's all a bunch of lies and the real reason is bribes / payoffs / blackmail to help USA based corporations keep selling their dated and overpriced gear.
Concerns about security are not new, and were *built in* to the 5G architecture standard. It’s divided into Core Network elements and Radio Access. All identity, data, voice, and keys are held in the Core Network. Core Network encrypts, and hands just encrypted packets to Radio Access - which is the radio masts you see, and forms the vast majority of network hardware.
Huawei only provide Radio Access. There’s literally nothing in Radio Access that you can’t get by sitting a mile away on a park bench with a $50 sniffer. Back-doors just aren’t needed or relevant.
The only half-valid concern is that a back door could contain a secret kill-switch, providing a denial-of-service attack. But U.K. CESG have had full sight of the internal software, and can’t see any such. But the main point is: these network elements are on a private network *owned and secured by the operator*. This isn’t connected to public internet. To access any kill-switch, you’d have to hack in from outside. In which case, if a nefarious state actor has penetrated into the operator network, sufficient to send commands to the Radio Access nodes….why wouldn’t they just send the *standards-supported Stop Broadcasting System Information command* to cease operation? Independent whether it’s manufactured by Huawei or Nokia?
There’s really no technical case at all here. Pure politics.
these network elements are on a private network *owned and secured by the operator*. This isn’t connected to public internet. To access any kill-switch, you’d have to hack in from outside.
Do the network operators have teams from their suppliers looking after this stuff? Sure it may not be public access, but if your system is auto-patched by the supplier and they are at gun-point its a rather different situation.
There’s literally nothing in Radio Access that you can’t get by sitting a mile away on a park bench with a $50 sniffer.
But if you have remote access you don't need to send agents to sit on hundreds of park benches to sniff the radio traffic. You can look at phone IDs moving and see who works at a given government building, where they go home to, etc. You might not see traffic in plain-text, but you sure can correlate daily life of most of the population, some of whom might be of great interest to you.
No. The radio access nodes don’t see phone IDs. The network security architecture has been defined to prevent traffic analysis.
“Do the network operators have teams from suppliers…”. No, they don’t. Because all the commands/monitoring available are standards-defined, passed along standards-defined interfaces. This isn’t like Cisco routers.
You don’t even need Huawei documentation.
As to “it’s difficult to send agents to cover park benches”, if that’s the concern, that’s a non-issue.
ELINT from orbit is far safer and cheaper. Victim is literally blasting out the data OTA at a radio intensity, such that it can be heard by a cell-phone antenna 1cm size up to 2km away. 1 meter antenna dishes onboard spacecraft at 200km up, have been routine for a decade. But you’d only do that it you had a particular target cell, and for the exact same park-bench reasoning.
If you wanted to export the on-air encrypted datastreams of say, the whole of France, you would be looking at hundreds of terabits of backhaul, never mind “it would be noticed”, more “whos going to pay for that”.
As opposed to your proposal of keeping a hacking team on constant standby, with a separate penetration exploit for the external networks of each of several hundred global operators. And the constant threat of being found out/loophole closed/spy booted out, at the one time when you decide you actually need it. All to access data that is freely broadcast on-air.
GCHQ did not find that either. They found piss-poor software quality, but others seem to be guilty of that as well (just check high score CVE for any major brand...). I suspect the real issue is further updates and what they could carry if the CCP demands it.
Yes, this could largely be stopped for all leading to better global security by having open source software and audited hardware with just the keys secured, but that ain't going to sit well with vendors from any country in the current market.
Most of this kit will need replacing in the next 3-5 years anyway. Anything with a longer lifespan can be put on accelerated depreciation, rather than immediately writing off billions of Euros of working kit 'just in case the bogeyman'.
And since it isn't fair to target just China, simply mandate that strategic kit be made in EU, and then classify telecoms networks as strategic. No point sending billions to the US when you can get the kit from Nokia and Ericsson.
Now, as to where Nokia and Ericsson factories are located....
Does anybody remember the Falklands war? BOTH sides had Exocet missiles. And it seems that the British had not backdoored them.
It makes no sense to give away or sell your security. First the West exported its technology. Now they've woken up to the fact that its security accompanied the technology.
Errr, well I definitely remember the facts of the Falklands War. Yours is an alternate history of stuff that didn’t happen. Are you trying to pick an open sore?
Exocet is made by France. Exocets *do* have kill-codes (not “back doors”). At the time of the Falklands War, we knew the Argentinians were armed with that ship-killer, it was not a secret.Mrs Thatcher personally rang Mitterrand, before the Task Force sailed, to request him to give the British the Exocet kill-codes. He point-blank refused. The French, sorry Argentinians, sank HMS Sheffield with Exocet, a shocking military defeat for Britain with the loss of many lives. Mrs Thatcher then rang Mitterrand again for the kill-codes, and he still refused. As a result, we lost Atlantic Conveyor, with the loss of a further lives.
The tide finally turned when Mrs Thatcher rang Ronald Reagan instead. He ordered his services to give us the French kill-codes, as of course they were thoroughly penetrated. This enabled us to use them to successfully defend the HMS Invincible aircraft carrier against Exocet launches. Of course, we couldn’t admit it publically, so the official story was (and remains) that it was shot down…somewhat implausibly with a naval gun (not even anti-aircraft). The kill-codes given us by the *Americans* were also used to defeat two out of the three Exocets targeted at HMS Glamorgan, although unfortunately one got through.
And you wonder why the U.K. has somewhat “alternate perspective” on US penetration of French security services.
The US bringing this up was an attempt to bolster their own (barely existing) manufacturers. Now that they have such an industry, they want to boost it by getting us all to follow their dodgy lead.
Certainly, do not use stuff made in undemocratic countries but under no circumstances buy from the USA either!
And Britain somehow isn't?
https://www.dannydorling.org/wp-content/files/dannydorling_publication_id1322.pdf
You're even more gerrymandered to favor the right wing nutjobs than the US is.
Not to mention you idiots still have the very definition of undemocratic government, a monarchy. Start by getting rid of your king, then maybe you can join the democracy table. Any method you like, whether that be the French method or just deposing the scumbag royals and seizing all their ill-gotten wealth.
Four words:
Low Latency Wireless Gigabit.
A 5G connection allegedly offers hyperfast Internet connection at very low latencies comparable to fiber-to-the-home.
In practice the hyperfast speeds are only possible on the mmWave bands, and that has it's own can of worms (ie can't penetrate walls and extremely short range). A typical 5G connection can't even hit 400mbps. The only thing it has going for it is the improved latency- better than 4G but still not comparable to FTTH.
But other networking equipment is just as vulnerable to exploits and ability to wreak havoc on our networks. They're claiming that 5G runs self-driving cars and smart cities and is therefore a more critical part of infrastructure. I claim that if the Chinese can block all our internet traffic this could have a much larger economic impact.
This makes me wonder if our politicians really know what they're doing. They leave a hole wide enough to drive a truck through.
This post has been deleted by its author
Company Law of the People's Republic of China (2018 Revision) - Article 19 says:
The Chinese Communist Party may, according to the Constitution of the Chinese Communist Party, establish its branches in companies to carry out activities of the Chinese Communist Party. The company shall provide necessary conditions to facilitate the activities of the Party.
Also, consider reading the book 'Unrestricted Warfare', and take note of who the authors are.
It’s not the first signal, everyone outside the EU realised a decade ago that the EU is “decoupling” from the rest of the world. The word for this is isolationism.
It probably will, in one sense, “stop the de-industrialisation of Europe”, by freezing Europe forever at an instant in time. Come back in 2073, or 2123, and it will all still look like 2023. No better, no worse. The rest of the world just moves on, and forgets, except as a pretty cruise ship destination. Once upon a time, Venice and Amsterdam each used to stand astride the world. Both for the same reason: global mercantile powers. Now, they’re both just very pretty, one for each age-appropriate tourist-group.
Europe is weak and divided. Technically speaking there isn't a "Europe" apart from the continent (and who belongs to the continent is also up for discussion).
China exploits this weakness to the fullest. Did you know, for example, that China is already buying influence in states that are up for EU membership? Since each member state has veto power, it could eventually use these to block whatever isn't in China's interest (a wholesale trade embargo if they invade Taiwan, for example).
What Breton or any EU Commission member says only has limited relevance.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
