back to article Tell me Huawei: Chinese giant wants to know what made EU label it high security risk

Chinese tech megacorp Huawei is kicking back after EU officials characterized it as a "high-risk supplier," filing an official complaint with the European Commission. The company was hit hard over the past few years by countries such as the UK and several European Union member states effectively putting a ban on Huawei …

  1. Anonymous Coward
    Anonymous Coward

    Just today...

    In a global technology convention, Huawei employee, with sloppily concealed Huawei badge, comes on European equipment vendor booth and takes pictures of all demos.

    People in the industry know that these accusations of unethical behaviour have been common practice for years.

    1. Avon B7

      Re: Just today...

      Why not at least name the convention?

      I doubt a photo taken from a booth is likely to provide any information of use and, by definition, any device on public display would be fair game for photos unless otherwise prohibited with appropriate signage.

      Ethics are irrelevant here but if ethical issues were the order of the day you would end up with everybody in the same bucket for one reason or another.

      What counts are facts, evidence and laws.

      Guidelines are not laws and Huawei's complaint is reasonable.

      Is it reasonable for Spain, for example, to say EU subsidies will only go to trusted ICT suppliers, accept applications for the grants, but hold back on actually publishing the list of trusted vendors?

      Of course not. That's why Huawei and Vodafone have legally challenged the way Spain has acted and Orange fully supports the challenge.

      The UK used similar tactics. Only later was it revealed that someone from the US administration had flown in and literally shouted US demands to Boris Johnson until he conceded.

      The same administration that managed to speak of, cough, 'clean' networks and keep a straight face!

      As for legislation, the Chinese law angle has been debunked by experts. The upshot is that the same goals are achievable, through law, basically everywhere. Often, in the case of the US especially, laws are simply ignored anyway. We know this thanks to Snowden.

      It is also worthwhile remembering that a lot of Huawei businesses are not legally 'Chinese' anyway. All its consumer cloud business is run by Aspiegel Ltd in Ireland.

      1. Anonymous Coward
        Anonymous Coward

        This is oversimplistic.

        This has never been about "fairness". This has always been about balance sheet: the reason why some telcos complain about the EU "trusted" gear preference is because Huawei and ZTE are usually significantly cheaper (sometimes FREE!!!!) and the goal is to have Europe follow the US with a Huawei swap fund that would allow them to modernise their network on the back of EU taxpayers. Let's not fool ourselves here: this is nothing but a horse-trading game. This is not about siding with "bullied" Huawei.

        Orange are notorious for their anti EU-vendor policies: supporting O-RAN "disaggregation", heavily influencing TM-Forum standardisation efforts, and leveraging cheap overseas vendors like HW and ZTE.

        Vodafone are cash-strapped, constantly "restructuring" and losing market share.

        What the US know about Huawei and have subsequently disclosed to UK, Germany, and others is about national security. It is NOT about protecting some hypothetical US equipment vendors: THERE ARE NONE. Therefore, the "protectionist" theory does not hold water.

        It is NOT about "protecting Apple" either: the first accusations of Huawei malpractice were made public in the UK and in the USA as early as 2009 when Huawei had not sold a single smartphone and were just starting to become relevant in the 4G equipment market.

        OTOH, not a single day passes, without finding a new cybersecurity event involving China.

        So, who wants us to believe that Huawei is the only innocent Chinese company, in spite of all its ties to the PLA and the CCP?

        A hard sell, if you want my opinion.

        1. Anonymous Coward
          Anonymous Coward

          Re: This is oversimplistic.

          >OTOH, not a single day passes, without finding a new cybersecurity event involving China.

          Not a single day passes without a cybersecurity event with a US software company.

          Fortunately none of them have links to US government agencies

          1. Anonymous Coward
            Anonymous Coward

            Generative AI according to wumao playbook

            sed -e 's/China/U-S-A/g ; s/USA/China/g ; s/U-S-A/USA/g' previousComment >> myWumaoComment

        2. Avon B7

          Re: This is oversimplistic.

          There most definitely are major US 5G players even if they are 'behind the scenes'. Marvell is a key infrastructure player and Qualcomm holds a decent patent portfolio and influence.

          The Huawei situation from a US perspective has multiple fronts.

          Protectionism is one of those. Losing technological influence is another.

          Is there a single reason that supports banning the sale of Huawei handsets in the US but allowing those from other Chinese brands if the Chinese government supposedly has access to ALL Chinese companies?

          Tim Cook had two private meetings with Trump prior to the US sanctions.

          As for having something to disclose to allies, that is completely groundless. If they had something there would never have been ANY resistance from allies in banning the company. In fact successive US presidents would have loved to have something (anything) to wave around.

          That would have killed Huawei internationally in one foul swoop.

          1. Xalran

            Re: This is oversimplistic.

            Marvell is not a *key infrastructure player*... It's like Qualcomm a semiconductor vendor.

            True they have a package of nice IP tied to 5G and to the silicon they sell, but they are not infrastructure vendors.

            In telecom Key infrastructures players are not many : and are easy to identify :

            - Nokia

            - Ericsson

            - ZTE

            - Huawei

            - Samsung ( mainly for Korea )

            - NEC ( mainly for Japan )

            You can add Cisco & Juniper because nowadays telecoms means IP Transport and that's about it.

            1. Avon B7

              Re: This is oversimplistic.

              No. You are nit picking.

              To be clear, the original wording I replied to was: 'US equipment vendor'.

              You, on the other hand are highlighting 'key infrastructure player'.

              Is there a substantial difference, though?

              Nokia would not be competitive without Marvell and the same can probably be said of Ericsson. Marvell is a key interest here and in fact fully fits the equipment vendor label.

              Not just because of its ICT silicon (one of its business lines) but because it actually does have a 5G infrastructure carrier division too.

              Of the Big Three (two of which, ironically, are minnows) only Huawei bakes it's own silicon (via HiSilicon).

              As for irony, the struggle is painted as a fight for national security, but key EU 5G technologies actually have US Marvell baked silicon sitting at the hearts of their hardware.

              Nothing to worry about?

          2. Anonymous Coward
            Anonymous Coward

            Re: This is oversimplistic.

            FYI, Marvell just laid off their entire mainland China R&D back in March.

            Also, not sure what's the role of Qualcomm in your pro-Chinese piece of advocacy.

            Also, not sure either why you bring up consumer electronic market segment in a debate about 5G infrastructure and backdoor interception.

            Also the innuendo about Tim Cook is irrelevant. This kind of CEO interact with all POTUS's on a regular basis. You're... um,... cooking up your own story here.

            Finally, you probably have ZERO insider knowledge of the Huawei spying activities and your qualifying their disclosure as "groundless" just reveal your bias and therefore your lack of credibility.

            Which is also confirmed by a cursory review of all your comments since you joined early this year.

            1. Avon B7

              Re: This is oversimplistic.

              Groundless is the perfect term and we do not need insider knowledge.

              The US has been trying to destroy Huawei for years now. It has focused the bulk of technology foreign policy on stopping China by choking Huawei.

              Those words 'destroy' and 'choke' are not mine. They were spoken by high ranking members of the US administration.

              Over a decade ago during the original batch of court cases the US government spread a net so wide that it caught a company up in the legal process simply because it had 'Huawei' in its name.

              The FBI have tried sting operations. The US (extraterritorially) got Huawei's CFO put under house arrest for years. They even went so far as re-opening previously settled civil cases just to have 'something' to get their teeth into.

              The Germans asked for a smoking gun. The US replied that one wasn't needed. The risk was enough to go on. One German minister ironically fired back (pun intended) that if risk was a sole indicator the US should tread carefully.

              The UK looked deep into Huawei's gear and found nothing national security related and gave Huawei the OK.

              The UK actually pushed back against Trump.

              Believe me. If the US actually had something, ANYTHING, it would have at least shown it to its allies privately. Is there a bigger ally than the 'special' UK?

              It obviously didn't have anything and that is why the UK initially pushed back. Later the US had to bully its desires onto to the UK.

              As for the Huawei handset business in the US. That is directly tied to the ICT and national security aspects and entirely valid.

              In 2017 Huawei was due to announce a nationwide tie up with AT&T for them to carry the Mate 10. That deal was scuppered at the last minute via arm twisting from the US government.

              Huawei had spent a full year tuning the Kirin970 to AT&T infrastructure.

              AT&T was a major Huawei partner in Mexico at the time.

              How many private interviews has Tim Cook had with US presidents?

              1. Anonymous Coward
                Anonymous Coward

                Yet another piece of pro-Chinese advocacy.

                You're definitely spreading a lot of disinformation.

                Your claim are outlandish.

                How can you for instance claim "The UK looked deep into Huawei's gear and found nothing national security related and gave Huawei the OK."

                THIS IS A BLATANT LIE

                From: https://fortune.com/2019/02/04/huawei-security-threat-uk-warning/

                "A 2013 report by the U.K. Ministry of Defense describes the possibility that China could steal intellectual property, spy on citizens, and even install off-switches in critical systems by using state-bankrolled commercial activities to win contracts to build infrastructure. A leading British security expert now tells The Times that the report was “wholly ignored.”

                >>> Believe me. If the US actually had something, ANYTHING, it would have at least shown it to its allies privately. Is there a bigger ally than the 'special' UK?

                They did precisely that.

                About the Huawei CFO,Meng Wanzhou, this has to do with violating US law by conspiring to defraud US Banks and ship equipment to Iran.

                The US DID PROVIDE THE SMOKING GUN to Germany

                https://www.politico.eu/article/us-handed-berlin-smoking-gun-report/

                https://www.handelsblatt.com/politik/deutschland/5g-debatte-smoking-gun-streit-um-beweise-gegen-huawei/25484764.html

                "U.S. intelligence officials handed the German government evidence that telecom equipment maker Huawei has worked with Chinese security agencies in the past, local newspaper Handelsblatt reported Wednesday. [29th of January 2020]"

                Just the day before UK banned all Huawei Core network.

                WHY ARE YOU LYING?

                1. Avon B7

                  Re: Yet another piece of pro-Chinese advocacy.

                  A China advocate? No.

                  "BLATANT LIES"? Much less.

                  "Outlandish"? To you, that's clear.

                  Someone who has actually followed Huawei for years and has a pretty good knowledge base as a result? Yes.

                  So, you had to go back to a 2013 report which speaks about another report that speaks of 'possibilities'?

                  How many others did you find along the way?

                  And in the following years and through continuous security reviews by carriers and the National Cyber Security Council? What popped up (save for a report on sloppy coding, which Huawei said it would address through a $2 billion investment)?

                  What could you fish out? Very little of any substance, right?

                  Worth noting is that the NCSC also pointed out that it could not know the state of code from competing vendors as they were not subject to the same levels of inspection or controls.

                  Strange, seeing as they contain US designed silicon which is made in China.

                  Not worth peeking into?

                  This was stated:

                  "Firstly, in terms of competitors, it’s worth remembering that Huawei openly shows its code to GCHQ [UK government intelligence and security organisation]. Others do not. As there isn’t similar transparency regarding the software and hardware of Huawei’s competitors, it’s impossible to know the overall rate of defects in their computer systems."

                  ...

                  ... UK telecoms networks “are secure, regardless of the vendors used"

                  https://www.raconteur.net/global-business/huawei-5g-competition

                  'The smoking gun'

                  Once again. Allegations. Yet again, a report says another report says...

                  Will you now throw in the African Union, LeMonde story just for good measure?

                  Come on! The very article you linked to said this:

                  "A spokesperson for Huawei said it “welcomes genuine scrutiny based on facts, not on unsubstantiated allegations. We have been hearing allegations about so called smoking guns for decades. Facts speak louder than words.”

                  What did Germany do with 'the smoking gun'?

                  "About the Huawei CFO, Meng Wanzhou, this has to do with violating US law by conspiring to defraud US Banks and ship equipment to Iran."

                  When you say 'US law', are you referring to the extraterritorial 'sanctions' that the US imposes on sovereign nations? Because when when HSBC got caught breaking those, it got a fine. Its CFO wasn't put under house arrest on foreign soil for years. And while we are at it. The case on Meng Wanzhou was getting shakier by the minute as key witnesses suddenly 'forgot' what actually happened on the day of her detention. Strange, as usual practice is to go through a debriefing process, cross all the 'Ts' and dot all the 'Is' and formulate reports, you know, just in case! And this was a major geopolitical storm in the making but no one bothered to do the groundwork, pre or post?

                  And worst of all, the fact that the US deliberately held back slides from the now infamous PowerPoint which would have shown that it already had some key information. It selectively omitted multiple critical statements made by Meng during her presentation.

                  It tried, tooth and nail, to get those slides kept out of the extradition case.

                  HSBC was aware of Huawei's dealings with Skycom. We know this. That much was admitted officially but they tried to claim only 'junior staff' were aware of those facts. Hard to believe seeing that Huawei was one of its major clients and at the end of the day, 'compliance' responsibilities fall on HSBC too.

                  My points stand in spite of your accusations and footstamping.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: Yet another piece of pro-Chinese advocacy.

                    You claimed, today in 2023, that the USA "told Germany there was no need for providing the 'smoking gun'".

                    Yet the did provide their information on 29/02/2020. More than 3 years ago.

                    You should know that.

                    So, you LIED, end of story.

                    In 2023, trying to exonerate Huawei of any spying accusations, is as ludicrous and hopeless as claiming the Earth is flat.

                    There are ample evidence of the former and the latter.

                    You may carry on dis-informing, because of free speech. Because, precisely. we are NOT in China. It's silly but you may. It's your choice.

                    1. Avon B7

                      Re: Yet another piece of pro-Chinese advocacy.

                      Haven't we been through this point already?

                      If a smoking gun had existed three years ago, all the drawbridges of Europe would have been raised and moats filled by now.

                      The US would still be on a world tour of every ally to beat its chest and tell everyone 'we told you!'

                      Huawei would be basically dead.

                      All you yourself can point to are allegations.

                      But, hey, sometimes allegations are all you need.

                      https://apac.news/turnbull-says-no-huawei-smoking-gun/

                      Take note of full disclosure at the end of that piece. Not that it affects the reported content, which is straight from the horse's mouth.

                      1. Anonymous Coward
                        Anonymous Coward

                        Re: Yet another piece of pro-Chinese advocacy.

                        >>> If a smoking gun had existed three years ago, all the drawbridges of Europe would have been raised and moats filled by now.

                        Hilarious:

                        If I'm a thief I should be in prison. Since I'm not in prison, I'm not a thief. So stop investigating me for stealing.

                        A good one. I'll keep it.

    2. garwhale

      Re: Just today...

      So? Do you imagine that European and US companies do not do the same? Any equipment at conventions is not secret.

      1. Anonymous Coward
        Anonymous Coward

        Re: Just today...

        > So? Do you imagine that European and US companies do not do the same? Any equipment at conventions is not secret.

        I'm employed by one of them and we absolutely don't go on competition booth and take pictures of the demos. This is a big NO-NO. Employees believing they "help" with such contributions would be severely reprimanded. Not sure who is your employer, but, if they are from the free world, I doubt they instruct you or your colleagues to engage into this kind of stunt.

        Yes we constantly study the competition strong points and then strive to equal or surpass what we perceive as the competition advances.

        But overall, we seek to differentiate and address (and precede) our installed base needs and future requirements. This is sound competition. This is how our capitalist Western Free World has become and is staying relevant. By actively engaging into sound, healthy, constructive, fair play emulation and differentiation.

        What we do not do is spy on the competition demos, in order to replicate these demos the year after.

        If only because this is a very small world. The company you would spy on today is possibly your employer of tomorrow. This kind of malpractice could NEVER be kept secret for long.

        When we do so-called "competitive intelligence", this is ONLY by leveraging publicly available information, freely disclosed by the competition themselves.

        So, rest you case and carry on watching James Bond and Mission Impossible movies. The real world is different from the fiction.

        1. Avon B7

          Re: Just today...

          The convention wasn't named. That would have provided important background information.

          Take a walk around MWC Barcelona and you will see cameras literally everywhere from press, visitors and interested parties.

          The objects on display are there precisely to be seen. This year, and due to geopolitical tensions, Huawei taped over the names of chip suppliers on some of the boards on display but you could take all the photos you wanted.

          In these scenarios 'for your eyes only' equipment is kept in reserved areas of stands with appropriate security.

          Every player obtains hardware from competitors and literally takes it apart. That is part of the business.

          1. Anonymous Coward
            Anonymous Coward

            Re: Just today...

            Of course the equipment is stored at night in a secure place. This is not specific to the telecom industry. It's meant to prevent theft, more than spying. Not a valid argument here.

            The fact that folks go about with their smartphone is perfectly OK if they are interested in the business and during the course of a business discussion, say, to keep a trace of some interesting slides.

            What I witnessed is different: and it happened again today. Some random Chinese dude not talking to anyone, spending 10 seconds in front of one demo, taking a lot of snaps, then going to the next and doing it again. Till the security asked them to show their badge, at which point they just leave the booth without even trying to argue.

            So, please, stop conflating things. There is taking pictures for work and there is taking picture for espionage. It's easy to tell them apart. And China is well known for this kind of problem, across all verticals.

            1. Avon B7

              Re: Just today...

              No one should even get into a booth without showing a badge. If they do, there will be very little need for secrecy anyway.

              Any Chinese dude snapping photos for 10 seconds and moving on is probably just a Chinese guy snapping photos.

              In any company, no restricted access device, prototype or technology demo will ever be on show. It will be in a back room of the booth and no one without invitation will ever get near it.

              1. Anonymous Coward
                Anonymous Coward

                Re: Just today...

                How best can you confess not being part of the trade...

                Demos are as close as possible to the alleys, so that visitors are attracted and can be engaged.

                Last day of the show, yet another Chinese guys came and took some snaps, just before closure.

                This one, with no visible badge, when asked, admitted being from Huawei and offered to delete the pictures he had just taken.

                It's a cultural issue.

                1. Avon B7

                  Re: Just today...

                  Not part of the trade?

                  You haven't really named the trade or convention so I don't really know what you are talking about but let's take MWC Barcelona as an example.

                  First off, yes there are 'alleys' but companies like Huawei have booths with accredited entry. They don't need to 'attract' anyone. You enter because you want to enter, even if it's just for the hospitality area.

                  If there is anything 'for your eyes only' (normally pre-arranged in the first place) you will be escorted off the floor and up onto the second level.

                  Last year Huawei's stand was the largest in the history of MWC Barcelona.

                  I can confirm that next year's stand will be equally big. Gigantic. Almost its own fair within the fair. Floor space cost will be around 12 million euros (not including the stand construction itself).

                  Yes, if you want to attract someone to your stand you absolutely have to put your star attraction in a visible high traffic location. Expect people to take photos. If you don't want them to, put signage in place.

                  Anything else that is not for general public access should not be publicly visible but in a reserved area of the stand.

                  You are frankly presenting an absurd case. If it's a 'cultural thing', that uncredited employee would never have admitted to being from Huawei, right?

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: Just today...

                    >>> I can confirm that next year's stand will be equally big. Gigantic. Almost its own fair within the fair. Floor space cost will be around 12 million euros (not including the stand construction itself).

                    So, you already have all this insider info about Huawei's MWC 2024 booth (size, cost, etc.) in 6 month time but you're "not a Huawei employee" and "have no relation with the company"... Right. Case closed.

                    1. Avon B7

                      Re: Just today...

                      If I really were a Huawei employee, I would 'out' myself 'by accident' in the same thread where I confirmed I am not a Huawei employee.

                      OK. Whatever.

                      If you fail to see how absurd that is there is little I can do about that.

                      I said I know a lot about Huawei. That information is publicly available.

                      1. Anonymous Coward
                        Anonymous Coward

                        Re: Just today...

                        >>> "That information is publicly available."

                        Post the link (Internet or extranet only).

                        >>> "I said I know a lot about Huawei."

                        How come?

                        How come all your comments, since you joined back in April, are exclusively in defense of Huawei?

  2. Anonymous Coward
    Anonymous Coward

    They keep thundering about the lack of backdoors

    When, in reality, that is not the threat the restrictions are intended to counter.

    Chinese companies that are state controlled and are required to participate in state espionage are unreliable partners and an unreliable foundation, not because they have already been caught tampering with the world telecommunications system, but because of the leverage and control that position could leverage. Because with a couple of phone calls, any firmware update could go from clean to poison overnight, and the details on subtle flaws can be handed over without losing deniability as quickly as getting caught with an obvious backdoor.

    While it's also fair that they don't trust Cisco for the same reasons, and can happily cite the many cases where the us gov intercepted outbound shipments and loaded them up with spyware before sending it along overseas, that isn't a reason for us to trust them. It just is the unfortunate reality of modern day China. They can doublethink as hard as they want and try to play the part of the victim, the rest of the world knows they are a totalitarian state on the wrong side of a genocide, and are chomping at the bit to start invading their neighbors. And that they are extensively using the tech from these companies as a tool to extend and enforce that control both internally and externally.

    Much like we saw in Hong Kong, even if the people in charge had no plans to participate in Xi's expansionist and totalitarian agenda, new people can be put in charge at Huawei or ZTE as soon as it suits the Chinese leadership. You either tow the line or get sent to a reeducation camp. So the only choice is to not put those companies in a position where their inevitable compromise can be used as leverage or a weapon against the rest of the world.

    1. DS999 Silver badge

      Re: They keep thundering about the lack of backdoors

      Its not the backdoors that are in the code today, it is the state power that could force them to install backdoors in a future update even if none exist today. That's obviously not limited to just China, but the more power a state has the more they are able to force something like that and keep those in the know quiet. So China is clearly a much bigger risk than they were 10-15 years ago as Xi has consolidated state power over corporations that had been on a long term trend of loosening before he arrived.

      1. Anonymous Coward
        Anonymous Coward

        Re: They keep thundering about the lack of backdoors

        Like the NSA did with Cisco?

  3. sarusa Silver badge
    Devil

    I guess they can't just say the real reason...

    Which is that Huawei is (by Chinese law) an arm of the Chinese government, and has large cells of the CCP embedded in it. It /is/ the CCP.

    Of course you can point to similar situations elsewhere, like how AT&T is the US govt's eager bitch - but in the EU's case (and elsewhere), an aggressive and hostile China is an actual threat. If Xi tells Huawei to take down all their comms, today, they will. And even without something so obvious, there's still China's 50+ years of large scale military and industrial espionage - their moon lander, done with the best ESA and NASA tech, demonstrates it's still working very well. You can't trust your communications to Huawei.

    1. Yet Another Anonymous coward Silver badge

      Re: I guess they can't just say the real reason...

      How unlike the home life of our own Home Secretary

    2. Avon B7

      Re: I guess they can't just say the real reason...

      Huawei can take down all their comms on their side, just like every other player.

      ICT is an international, standards based collection of communications technologies.

      Once delivered to carriers, Huawei has no control of the network from a carrier perspective. Carriers, in the case of Huawei, can have access to the source code (under Huawei supervision). There is no 'kill switch' in the science fiction context because comms do not belong to any single company.

      Yes, Huawei manages hundreds of thousands of undersea cabling, routing comms around the world. Cloud services are growing too. That could be shut down or sabotaged. The same applies to every other provider and the system has been in place for decades without issue.

      1. Anonymous Coward
        Anonymous Coward

        Re: I guess they can't just say the real reason...

        This is so MISINFORMED.

        Huawei very often also sell MANAGED SERVICES of their own gear. In other words, they run the operations of the network, on behalf of their customers (also because their doc is subpar).

        This happened in the MOST IMPORTANT UK telecom operators.

        Huawei have maintenance access from their corporate networks to most if not all their gear. This might be on a punctual, on-demand basis, or on a permanent basis. Depending on the frequency of operational needs.

        You don't seem to be aware of how the business is run nowadays. Scores of "expensive" UK resources have been laid off because Huawei have made offers that UK telcos could not refuse. And it's not only in the UK of course.

        1. Avon B7

          Re: I guess they can't just say the real reason...

          Nothing gets done without the carrier knowing.

          That was basically the entire story about the now infamous Bloomberg Vodafone Italy story (or non-story)

          Carrier don't just hand over control and pray.

          1. Anonymous Coward
            Anonymous Coward

            Re: I guess they can't just say the real reason...

            >>> Nothing gets done without the carrier knowing.

            LIES AGAIN. Do you understand what Managed Services mean?

            It means that YOUR OPERATIONS ARE OFF-SHORE. IN ANOTHER COUNTRY.

            What else do you want to argue?

            Another well known example.

            There are tens of high profile cases involving China, that made it to the press

            In January 2018, French newspaper Le Monde Afrique reported that the AU’s computer system was compromised. The newspaper, citing multiple sources, said that for five years, between the hours of midnight and 0200, data from the AU’s servers was transferred more than 8,000km away - to servers in Shanghai. This had allegedly continued for 1,825 days in a row. Le Monde Afrique reported that it had come to light in 2017, when a conscientious scientist working for the AU recorded an unusually high amount of computer activity on its servers during hours when the offices would have been deserted. Le Monde Afrique also reported that microphones and listening devices had been discovered in the walls and desks of the building, following a sweep for bugs.

            1. Avon B7

              Re: I guess they can't just say the real reason...

              You seem to be unaware that managed services involves the transfer of employees from the company contracting the service to the company providing the service.

              The AU claims were simply allegations and never substantiated and I believe the contract with Huawei was even renewed.

              1. Anonymous Coward
                Anonymous Coward

                Re: I guess they can't just say the real reason...

                >>> You seem to be unaware that managed services involves the transfer of employees from the company contracting the service to the company providing the service.

                This is not a rule. This only happens when the managed services involve platforms already operated by the telco.

                When, instead, Huawei sell their packet core bundled together with Managed Services, they already have the technical knowledge, there is very little reason to also take over the telco's employees.

                The only reason to do so, would be political, so that the telco does not have to fire their own employees.

                When Managed Services is offshore (hybrid so-called right shore, then operations are run from China.

                Are you claiming that UK employees have to transfer to Shenzhen??? Ludicrous of course.

                So bad argument, and unclear point.

                tl;dr: when Huawei sell their managed services OFF-SHORE, then the data of the managed network has all chances to be transferred to China. FACT.

                Deny if you want. That's how the industry works.

                1. Avon B7

                  Re: I guess they can't just say the real reason...

                  Any data transfer would be known about.

                  If transfer is part of the deal, it would be in compliance with local legislation and, of late especially, in line with best practice guidelines laid down by government institutions. They include security, hardening, logging and audit. Most likely, data transfer to a different jurisdiction of that of the carrier would not be permitted for data protection reasons although in some cases, certain types of data are transfered.

                  Incident response and recovery absolutely requires local access to (preferably air gapped) hard copies of data in the case of the network becoming unavailable. Obviously it has to be up-to-date. Resilience to MFA exploits is also becoming a key concern.

                  You should detail some of the cases you mentioned. I wonder if they had contractual failings.

                  Employee transfer does NOT require relocation to China.

                  Often, if the managed services change hands, personnel currently running them can be transferred as part of the deal.

                  If Ericsson loses a managed services contract to Huawei for example, it would not be unusual for the new deal see Ericsson employees transferred to Huawei. It is not 'political'.

                  Under no circumstances does the carrier relinquish ultimate control or supervision of its networks.

                  Can things go wrong? They can go wrong in any scenario. Not just with managed services. New technologies require new protections and not only technical but from new legislation. 'Everything as a service' is picking up pace and will probably be where the industry is headed with more and more cloud or intercloud solutions coming to market.

                  The sheer amount of data that needs managing and the speed with which it is moved around demands new ways of dealing with it.

                  Carriers are becoming more than carriers in the traditional sense. Private 5G networks are now popping up in some scenarios, IoT is coming of age. The network itself is becoming the 'sensor' in some industries.

                  Huawei claims that in almost 30 years of operation it has not seen a single major breach in its operations around the globe. There will always be a first time but trying to argue that they would actively participate in trying to make one itself is frankly, nuts. It would be the end of the company outside China, and rightly so.

                  WHY would it do anything that would lead to its death?

                  Something catastrophic could happen anywhere and to any company. A few years ago there were rumours of a 'bug' at Google that could have potentially been exploited and used to delete a huge amount of YouTube content. A bug.

                  Network resilience from an ICT perspective is built into the design. It is important not to lose track of that.

                  True loss of network communications is most likely to be caused in a major war scenario and in that case we already know that undersea cabling will be targeted along with satellite operations and surgical strikes on data centers. Of course, in a major war scenario of that kind there will be a lot more to worry about than networks and carriers.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: I guess they can't just say the real reason...

                    All that ridiculous gibberish of yours assumes Huawei follows the rules.

                    That's the problem: they don't. How do you enforce the rules when the rule enforcer is in charged of managing your operations. Simple answer: you can't!

                    The whole point of managed services is to cut costs. This is mainly achieved through the use of cheap human resources. In this case mostly in China.

                    For them to be able to work, they need network access to the equipment. Even if it were through terminal emulator only (it's not), you can still transfer data.

                    So, that's it: case closed.

                    Some well known UK and German operators had their operations performed by Huawei.

                    Hence the heads up from the US.

                    1. Avon B7

                      Re: I guess they can't just say the real reason...

                      Yet you cannot name a single case where what you are suggesting, actually happened.

                      Huawei follows the rules. It has contracts to comply with. Its activity is independently audited. Carriers know what is hoping down with traffic.

                      There is no way on earth that the company would even risk what you are proposing.

                      Please provide information of any case because it would be like the Titanic hitting the iceberg.

                      30 years. Now in 170 countries. According to Huawei not a single major breach.

                      1. Anonymous Coward
                        Anonymous Coward

                        Re: I guess they can't just say the real reason...

                        We're not talking about breaches. But espionage.

                        And I haven't got a clue why you're citing Huawei to exonerate Huawei themselves. What's the credibility of that!?!?!?!

                        The examples of Huawei managed services in UK are public and in the press.

                        For instance in 2012, Huawei got Managed services for the core networks of Telefonica O2 and Hutchinson 3G.

                        Another well know case is that of KPN in Netherlands. The Dutch counter intelligence (AIVD) warned KPN as early as 2009. Then, in 2010, KPN mandated Capgemini for an assessment. Conclusion of still confidential Capgemini report was that calls between then prime minister, Jan Peter Balkenende, and Chinese dissidents, had probably been monitored.

                        1. Avon B7

                          Re: I guess they can't just say the real reason...

                          And so the circle finally closes with yet more allegations.

                          Par for the course.

                          I'm talking about Huawei because I know a bit about Huawei. That's it.

                          I could talk about a major UK ICT company (now defunct) because I did have access to certain details of possible interest here but I'm not going to do that for logical reasons.

                          That isn't the case with Huawei because I do not have a working relationship with them.

                          And you are digging up ancient history from 2009-2012.

                          Nothing evidence based whatsoever.

                          Am I surprised?

                          Not really, because from 2012 to 2019 (and even beyond) Huawei blazed a trail and had the complete trust of the major carriers. It opened up its code for inspection in various countries. It offered to licence its ENTIRE 5G stack to a US competitor or consortium. The whole thing. That offer was turned down.

                          None of that would have happened if it was dragging known cases of evidence based espionage behind it.

                          As I've said many times. This is simple.

                          The second someone is able to demonstrate that Huawei (or any ICT company) has extracted data for espionage it will effectively be a dead company. That should be easy to understand.

                          Why risk killing your multi billion dollar business?

                          You might not like to hear Huawei claim it hasn't suffered a major ICT in decades but until you (or anybody) actually put something on the table, their claim will stand.

                          Arguably Huawei is the most scrutinised ICT company (and by far) on the planet.

                          And, ironically, it is investing huge amounts into network/data security as more carriers open up to 'Everything as a Service' and cloud/intercloud systems.

                          1. Anonymous Coward
                            Anonymous Coward

                            Re: I guess they can't just say the real reason...

                            >>> "And so the circle finally closes with yet more allegations."

                            Funny guy...

                            Asking for some precise details and then, when I list them, you complain about "more allegations". Bad faith.

                            >>> "That isn't the case with Huawei because I do not have a working relationship with them."

                            LOL. Your impassioned defense of Huawei as the sole innocent Chinese company, your insider knowledge, your posting timezone patterns... no comment.

                            >>> And you are digging up ancient history from 2009-2012."

                            That's when suspicions were first made public by some Western counter intelligence agencies. That's also when Huawei started becoming relevant with the advent of 4G.

                            Investigators don't get to choose dates of crimes, they just report them.

                            >>> "The second someone is able to demonstrate that Huawei (or any ICT company) has extracted data for espionage it will effectively be a dead company. That should be easy to understand."

                            And we understand. And that's exactly what is happening now. And what you seem to be trying to avert through your comments.

                            Are you saying that criminals don't commit crime because they understand that they can end up in jail? Well then, I have news for you: that does not seem to work all the time. There are still criminals. Some in jail, some at large. It's like an osmosis equilibrium. So what's your point again?

                            1. Avon B7

                              Re: I guess they can't just say the real reason...

                              With the circle closed you now post a comment completely void of substance.

                              Criminals are in the business of crime. In the case you are presenting that would be crime for economic benefit.

                              They run the risk of prison or fines.

                              If you are already in a dominant position, already profitable, you do not risk the lifeblood of the business by sending a message to your entire client base that you are untrustworthy in an industry where trust and compliance are key.

                              No company will be free of accusations of 'foul play' at times and some of those claims will be valid. Negotiating tactics, abuse of dominant position etc. Some of those accusations may actually be proven true through evidence, too.

                              In the case of IP related court cases I believe Apple has had more cases on the table than Huawei but that is normal business. You will always be dragged into a dispute somewhere along the way.

                              What you are claiming (without a shred of evidence) is something completely different and does not change my question.

                              WHY would a company risk its existence by spying on its clients userbases?

                              You haven't answered that.

                              Let's ask the next logical question. Spying for who? The Chinese government?

                              That would be absurd.

                              Nation states with technology resources don't actually need to work with the assistance of any particular 'local' telco to reach their goals.

                              They simply try to infiltrate ANY player with viable infiltration vectors.

                              Do you doubt this?

                              The age of the cases you mentioned is worth highlighting because not only were the claims not proven but Huawei went on to dominate the industry through gaining the trust of its customers. No amount of discounting could justify using an ICT infrastructure provider which had known, evidence based, espionage claims on its back.

                              Ironically, that could constitute criminal behaviour by the carrier.

                              1. Anonymous Coward
                                Anonymous Coward

                                Re: I guess they can't just say the real reason...

                                >>> "Let's ask the next logical question. Spying for who? The Chinese government? That would be absurd."

                                No less absurd than the Chinese law that requires all Chinese companies to do so. What a surprise!

                                Some cases of eavesdropping have involved Chinese dissidents abroad.

                                You can't seem to stop that recurring ludicrous defense system along the lines of "Huawei would not do that because that would have serious consequences for them".

                                So how many millions of dollars for the MWC 2024 booth again? Oh yes. You're "not related to Huawei". I remember now :-).

    3. Avon B7

      Re: I guess they can't just say the real reason...

      Huawei has over 200,000 employees. It would be mission impossible to PV all of them.

      I've actually been interviewed for a PV candidate position at GCHQ so I know the complexities and logistics of the task.

      It is likely that some people do get embedded but not only from the CCP. From US interests too. And from other countries.

      Any industry deemed strategic will have to managed the same problems be they Nokia, Ericsson, Huawei, Samsung, Qualcomm etc.

      At the same time, internal processes within those companies will try to pick up on unusual activity by employees and root them out if possible.

      I've seen Google's caged servers in critical infrastructure data centers, which also provide housing services to the big carriers (whose servers were not protected from rogue employees).

      Huawei deals with over a million external intrusion attempts on its systems a day. It is a prized target.

      The data center I just mentioned would send out security teams about 12 times a week to investigate potential illicit activity off site.

      Famously Operation Shotgiant actually worked for a time.

      Yes, Huawei code (from many years ago) was deemed 'sloppy' in some areas.

      We cannot compare that code to its rivals because they are not as transparent as Huawei.

      Fast forward to the modern day world and we see that Huawei is showing signs of having put security right at the top of the list.

      With 5G, security was never an afterthought though. Especially with the rise of IoT in networked devices.

      Huawei put its HarmonyOS kernel up for security certification but the results were not newsworthy at many sites that, ironically, were pushing all the allegations about Huawei's threat potential.

      This was the result:

      https://itbrief.co.uk/story/huawei-obtains-security-certification-for-smart-device-oss

      1. Anonymous Coward
        Anonymous Coward

        Re: I guess they can't just say the real reason...

        Are you a Huawei employee?

        If you are, please be forthright about it.

        1. Avon B7

          Re: I guess they can't just say the real reason...

          No. I am not a Huawei employee, nor have I been one previously. I have no connection with the company.

          1. Anonymous Coward
            Anonymous Coward

            Re: I guess they can't just say the real reason...

            Your replies timestamp indicate your start of day around 6 to 7h before Europe CET.

  4. Fruit and Nutcase Silver badge
    Coat

    Cuddly Mascot

    Huawei could do with a bit of positive PR - how about adopting a well known character as a company mascot/brand ambassador - perhaps they could come to a licencing arrangement with the Disney corporation for the use of Winnie the Pooh

  5. deevee

    High Risk, because it doesn't have the backdoors the US gear does to allow spy agencies to spy on users worldwide....

  6. Anonymous Coward
    Anonymous Coward

    ARTICLE SAYS

    But as we have pointed out before, Article 7 of China's National Intelligence Law requires its citizens and organizations to function as covert operatives of the state if ordered to, which means that as far as many nations are concerned, the potential threat is there.

    YES. AND EUROPEAN PRODUCTS CAN EMIT HARMFUL Radioactive materials that emit alpha and beta particles are most harmful when swallowed, inhaled, absorbed, or injected.

    There is no evidence that EU Products are radioactive

    BUT THEY CAN BE

    Therefore China should ban EU products

    1. Anonymous Coward
      Anonymous Coward

      Don't forget about the Apple iPhones that are by design frying the brains of toddlers...

  7. Nasu

    Kishore Mahbubani,

    Singapore's former representative to the United Nations, said he had been told by a "very distinguished British citizen" that the UK had been investigating Huawei.

    A clip from the speech, taken at a forum hosted by the German think tank the Konrad Adeneur Siftung in November last year, was published on the social media accounts of China's state broadcaster CCTV on Saturday.

    Mahbubani said that in January 2020 he was told: "We have planted our people in Huawei. We have scrubbed everything. Huawei is not a threat to us."

    Mahbubani, who is now a distinguished fellow at the National University of Singapore's Asia Research Institute, has previously described the decision to put Huawei on the US entity list as a "geopolitical decision"

  8. Anonymous Coward
    Anonymous Coward

    Jan 13, 2022

    A former senior minister of the British government has said that the decision to ban 5G equipment and services from Chinese telecom giant Huawei was a result of "pressure" from the US and "had nothing to do with national security."

    UK's former business and industry minister Sir Vince Cable, who served as secretary of state for business, innovation and skills from 2010 to 2015 in the coalition government led by David Cameron, said that the UK banned Huawei "because the Americans told us we should do it".

    1. Anonymous Coward
      Anonymous Coward

      FAKE NEWS

      https://www.bbc.co.uk/news/technology-54370574

      "Huawei has failed to adequately tackle security flaws in equipment used in the UK's telecoms networks despite previous complaints, an official report says.

      It also flagged that a vulnerability "of national significance" had occurred in 2019 but been fixed before it could be exploited. The assessment was given by an oversight board, chaired by a member of the cyber-spy agency GCHQ. It could influence other nations weighing up use of Huawei's kit. The report said that GCHQ's National Cyber Security Centre (NCSC) had seen no evidence that Huawei had made a significant shift in its approach to the matter."

      1. Anonymous Coward
        Anonymous Coward

        Re: FAKE NEWS

        Should we stop using Cisco equipment because of the security flaws?

        How many are listed on each Tuesday Patch day?

        1. Anonymous Coward
          Anonymous Coward

          Re: FAKE NEWS

          Are you willfully conflating unintentional vulnerabilities with deliberate espionage back doors?

          That's a bit gross. No?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like