Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
China Security Hardware

The Chinese Telecom That Spooks the World 153

Posted by samzenpus from the trust-us dept.
wrekkuh writes "The Economist has printed an interesting look at the concerns and speculations of the fast-growing Chinese telecom giant Huawei, and its spread into western markets. Of particular concern is Huawei's state funding, and the company's founder, Ren Zhengfei, who once served as an engineer in the People's Liberation Army (PLA). However, another article from The Economist goes into greater detail about the steps Huawei has taken to mitigate some of these concerns in England — including co-operating with the GCHQ in Britain, the UK's signals-intelligence agency, to ensure equipment built by Huawei is not back-doored."
This discussion has been archived. No new comments can be posted.

The Chinese Telecom That Spooks the World More

The Chinese Telecom That Spooks the World

Comments Filter:

  • That's the particular concern? (Score:4, Informative)

    by pathological liar ( 659969 ) on Sunday August 05, 2012 @04:55PM (#40888785)

    Not that they're total shit from a security POV? [phenoelit.org] (warning: pdf)

  • They don't need back doors! (Score:5, Informative)

    by Anonymous Coward on Sunday August 05, 2012 @05:29PM (#40889025)

    I normally don't post anonymously but my employer deals with Huawei.

    According to Recurity Labs they don't need a back door when the front door is locked with a piece of masking tape that says in faded yellow ink "Do not enter". Huawei's security is a joke. Their software is riddled with buffer overflows, including buffers allocated on the stack making hacking their stuff trivial. Huawei has virtually zero security. Much of their stuff runs on VxWorks which is quite insecure. (I spent many years writing software for VxWorks). All you have to do is get to the T-shell and you're basically god. In the T-shell you can look at and modify variables and memory and call C functions directly, passing whatever arguments you want.

    Even without the T-shell it looks like it's easy to get to the shell with full admin privileges on Huawei's boxes. See their DEFCON presentation at: http://www.phenoelit.org/stuff/Huawei_DEFCON_XX.pdf [phenoelit.org]

    If you value security, stay far away from Huawei. Their stuff is cheap but you get what you pay for. I guess it's good for the US that Huawei is mostly used in the Middle East and Asia. It makes life easy for the NSA.

  • Not just the US (Score:2, Informative)

    by Anonymous Coward on Sunday August 05, 2012 @05:38PM (#40889083)

    post WW2, the UK sold enigma-based encryption machines to Empire/Commonwealth countries. Of course, they didn't tell the recipients that the UK could crack enigma encryption with ease.... Its why the wartime decoding of enigma remained a state secret until the early 70s, when even the most poverty-stricken Commonwealth countries had moved onto something a bit more sophisticated!

    Its important to know what both "friends" and enemies are saying about you!

  • Re:This testing is useless... (Score:5, Informative)

    by arkhan_jg ( 618674 ) on Sunday August 05, 2012 @06:57PM (#40889581)

    GCHQ is hardly a security watchdog - the closest US equivalent would be the NSA.

    They're the signals intercept and codebreaker agency of the UK government. One presumes they know their shit when they're looking for backdoors planted by the chinese intelligence servives.

  • Re:The reason (Score:4, Informative)

    by jaymemaurice ( 2024752 ) on Monday August 06, 2012 @03:26AM (#40892325)

    an un-encryPted public message with nO specific desTination mAy in acTuality cOntain a Encrypted private message.

Slashdot Top Deals

To the systems programmer, users and applications serve only to provide a test load.

Close