Real vs perceived risk
All the major equip. vendors COULD have backdoors in their kit. The question really is, do they have strong affiliation to particular Governments that want to use those backdoors .. and how much do you care when they do?
Auditing software source code probably won't find the backdoors. They could be hidden inside the silicon. All it takes is a hardware trigger to cause the system to load a small piece of external code .. which can then load a bigger bit of code, and so on. Nothing really visible until it starts happening.
So the US is prepared to spend good money to take the suspect kit back out:
http://www.fiercewireless.com/story/report-sprint-could-pay-1b-rip-out-huaweis-kit-clearwires-network/2013-05-23?utm_medium=nl&utm_source=internal
.. Canada, Australia, and now India are also concerned.
Whereas in the UK, of course BT famously awarded their 21CN deal to the big H.
More recently Minister Vince Cable welcomed them with open arms (well actually he welcomed their money).
http://www.insidermedia.com/insider/south-east/76826-huawei-make-2bn-uk-investment
There is now a joint project with GCHQ ..
http://www.h-online.com/security/news/item/Report-Huawei-working-with-GCHQ-to-quell-espionage-fears-1661205.html
That sounds like a dumb move to me.
If I understand this correctly, Shenzen will then know what our people know, and what they don't know.
Biting the hand that feeds IT
