S. Korea Diverts Network From Huawei Networks 76
An anonymous reader writes with this excerpt from The Verge: "The South Korean government has decided to route sensitive data away from networks operated by Huawei, amid longstanding fears from the U.S. that the Chinese company's infrastructure could be used to spy on communications. As the Wall Street Journal reports, the U.S. had been urging its South Korean allies to route government communications away from Huawei networks, claiming that the infrastructure could be used to spy on communications with American military bases there. As a result, Huawei equipment will not be used at any American military base in South Korea. The Obama administration denies playing a role in the decision, and South Korean officials have not commented. The Journal reports that the White House made a point of keeping the talks private because it didn't want to be seen as meddling in its ally's business affairs."
Who cares (Score:3, Informative)
Re: (Score:2)
sourced from local vendor
... who just assembles chips and boards made by Chinese or US companies. Next try...
Re: (Score:3)
Re: (Score:1)
That and the other thing missed here is Cisco has been proven to spy. Huawei hasn't. Yet companies are fleeing Huawei, but not Cisco, so it isn't as issue of spying, but racism (and yes, that term includes non-racial-based nationalism, and xenophobia).
Re: (Score:2)
Now fuck off, you 1% piece of shit troll.
1%? I'm not in the 1%. I'm barely in the top 10% (something every college graduate is easily capable of), the real question is, why aren't you? Too lazy, or too stupid?
Re: (Score:1)
While communicating with the US, choose Cisco. While communicating with China, choose Huawei.
Re:Who cares (Score:4, Funny)
While communicating with the US, choose Cisco. While communicating with China, choose Huawei.
Do it the other way round. That'll keep everybody extremely honest.
Re:Who cares (Score:5, Interesting)
Thank tho Snowden we now know that Cisco is even worse in that regard.
Do we? [techinasia.com] Really? [marketwatch.com]
LOL (Score:1)
"most fpgas are made in Taiwan"
Do you want to try again?
LOL
I'll give you a hint. The mid to high end FPGAs that were manufactured in the past 18 months all have ITAR restrictions on them.
You'll take "I'll talk shit for $2000 alex"
Re: (Score:3)
Cisco? (Score:2, Informative)
Thank tho Snowden we now know that Cisco is even worse in that regard.
[citation needed]
In what way? I am not aware of any backdoors being reported from the Snowden documents. I've seen Chinese media say that Cisco helped the NSA, but not any reports from Greenwald et al:
http://news.yahoo.com/chinese-media-snowden-says-cisco-090020241.html
There are reports of exploits against Cisco equipment by the NSA, but they've also attacked Juniper, Huawei, and many other vendors. So again: [citation needed].
So while I'm not a fan of Cisco gear for other reasons (primarily budget/value pr
Re: (Score:3)
The US is an ally to South Korea, and since that equipment will be used to communicate to the American military bases anyway, I don't see why they need to worry if the NSA can spy on it.
Re: (Score:3)
because the US are not restricting themselves to military spying. Political, economic and LOVEINT spying of "allies" are par for the game, too.
Re: (Score:2)
Again, those communications are to the US military bases in South Korea. So why would you be worried that the NSA might be spying on your conversations with the US military?
Re: (Score:2)
What makes you think it will be used only for that?
Re: (Score:2)
claiming that the infrastructure could be used to spy on communications with American military bases there. As a result, Huawei equipment will not be used at any American military base in South Korea.
That's from the article. I admit it's rather ambiguous, so maybe I'm wrong. I understood it to mean that Huawei won't be used for communications between american military bases in South Korea, and the South Korean government.
Re:Use Cisco instead... (Score:4, Interesting)
Maybe the REAL reason that the US and its allies hate Huawei is because unlike Cisco or Juniper or HP or Ericsson or whoever, they cant put backdoors in the Huawei gear.
Re: Use Cisco instead... (Score:5, Informative)
Uh, no. You just read the *headlines* on Snowden articles and not the details, didn't you?
Backdooring Cisco or Juniper equipment required physical access or someone to upload a Trojan firmware.
Huawei has a *remote upgrade* feature that allows remote firmware programming. They are very..."user" friendly.
Re: Use Cisco instead... (Score:5, Informative)
Huawei firmware is not known for its quality. It has so many nasty bugs and security holes, the remote firmware programming interface is just a safer way to do it.
Cisco and Juniper are much better (at least their boxes crash or do idiotic things a lot less than Huawei boxes), but still not anywhere close to safe enough for the job, as one can easily check by hunting for C and J firmware exploits in several sites.
I always point to this video when people ask what my big deal with Huawei is. The takeaway, they found early 1990s bugs and security everywhere, including all memory being world accessible and mapped read, write, execute. That means you just need an exploit, no privilege escalation necessary. Also, not only are these exploits easy to find, Huawei doesn't publish CVEs or changelogs for their new firmware. Combine that with most debugging features only being available in Chinese.... Yeah, I'll pass.
http://www.youtube.com/watch?v... [youtube.com]
Re: (Score:2)
Lets face it, if you want security, its best to deliver your messages by hand or don't bother to communicate them at all. That said this should give a boost to Cisco as their business has suffered considerably in overseas markets as a result of NSA spying, not that they could do much about it. Cisco and many US manufacturers will probably now have to more heavily involve other country's IT professionals in the design, fabrication, and use of router and switch hardware to overcome fears of foreign consumer
Phyical access to network hardware (Score:1)
This is silly (Score:3)
This is silly stuff for the US to be worrying about. We should be generous with our friends in things that matter little, so when it comes to things that do matter, they will have confidence that we are negotiating in good faith. Why would you want to use protectionism to defend Verizon and Qualcomm? Really?
Re: (Score:2)
I'm not sure about that. It'll certainly be true during the saber-rattling preliminaries, but China's leadership is pragmatic. They know they've got more to lose from South Korea taking a beating than they do if North Korea goes down.
Certainly their first choice is for the current state of affairs to continue, though.
Re: (Score:3)
Well normally I'd agree, except I've lived in the region for a bit. Some other /.er's could probably explain better if they're more recent live-ins', but usually when the governments in the region do something like this it has more to do with industrial espionage and fear of direct, or indirect attacks against national interests. Or that there's interest in "gaining" people by kidnapping. China, who uses N.Korea as a proxy to attack it's neighbors will happily disavow everything. And there's a very lon
Re: (Score:2)
That is silly (Score:3)
After Chinese involvement in an attempted coup a couple of decades back they haven't gotten on very well. Of course nobody else will even talk to N.K. , let alone trade with a serious markup on everything.
The kidnapping etc has certainly been linked to N.K. on multiple occasions - but to China? I've never heard of that one so please provide an example.
I'm not defending China, merely pointing out that N.K. should take the blame for their own acti
Re: (Score:2)
What, and miss an opportunity to sell Cisco hardware instead of Huawei ? You don't know who pays for politicians' campaigns do you ?
Re: (Score:2)
When you are up against a superpower, encrypting your data is little, if any, protection. They have secret programs dedicated to finding weaknesses in commonly used crypto, and the money and motivation to build supercomputers to brute force your communications in reasonable time-frames, in combination with whatever weaknesses they've found.
In addition, that only helps keeping the content of messages safe. There's a lot to be learned from info like who is sending data to who, how much data, when, etc.
And i
Re: (Score:2)
They have secret programs dedicated to finding weaknesses in commonly used crypto, and the money and motivation to build supercomputers to brute force your communications in reasonable time-frames, in combination with whatever weaknesses they've found.
Let's assume that your paranoia is reasonable, and somehow the NSA did find a weakness in the crypto. Then create a distribution system for a one-time pad. Unbreakable.
Re: This is silly (Score:1)
You failed basic math. It's a one time pad. The ONLY system with a perfect security PROOF, given you stick to the constraints. True random values, no correlation between bits, and only used to encrypt one message. Any other use (including transmitting the pad value in ANY way less provably secure) immediately breaks the security proof. However, a one time pad, used properly, is not vulnerable to ANY attack. Any ciphertext may decrypt to any plaintext of same or shorter length with equal likelihood, that bei
Re: (Score:3)
One-time pads are extremely cumbersome, and the "distribution system" of which you speak is inherently highly vulnerable to things like interception, whether of the high or low-tech sort.
How would you propose to integrate OTPs with IPSec VPNs for instance? It's a very hard problem that you're treating like a minor detail...
Re: (Score:2)
One-time pads are extremely cumbersome, and the "distribution system" of which you speak is inherently highly vulnerable to things like interception, whether of the high or low-tech sort.
A lot of country's foreign departments already have a system in place for manually carrying encryption keys across the globe every month, so this is not a problem. (I don't know if a lot do that, but I know that some do it). Integrating it into VPN is just a software development problem, it's not something that couldn't be done.
Either way, Bruce Schneier correctly points out that the encryption algorithms we use are definitely not the weak link in the system. Even with OTP you can have your pad comprom
Re: (Score:2)
Hand-wave all you want, you still won't change the reality.
Re: (Score:2)
Re: (Score:2)
There are publicly known vulnerabilities in any crypto you care to name. Combining issues like those, with obscene amounts of money, makes it possible to decrypt anything in a reasonable time-frame. If you don't know this, you shouldn't be offering your uneducated opinion on the subject. When you're talking about *governments* and multi-billion dollar trade-secrets, the rules are very differ
Re: (Score:3)
There are publicly known vulnerabilities in any crypto you care to name.
SHA-2 and SHA-3 are still good.
And acting like it's oh-so-very simple to manage gigabytes of OTPs every day, and feeding it into the low-level protocols never designed for such a thing, won't make it true.
OTP would be easy to integrate into any low level encryption. That's not the problem; the problem is making sure the pad is secure. If it gets stolen, your encryption is over. Have you seen how many algorithms openSSL already integrates, for example? You probably don't know what you are talking about. Gigabytes are easy to transfer, do you know the size of hard drives these days?
Also, you should go read a book about cryptography. It will make you knowledgable.
And let's not forget that I mentioned FOUR different things that were utterly and undeniably wrong with your ridiculous stance on this issue. Yet you haven't argued with any of the other three show-stopping issues.
Yeap. You're
Re: (Score:2)
Oh good. Please describe your OTP negotiation algorithm for IPSec...
I'll ignore the rest of your mind-numbing trolling.
Re: (Score:2)
And I forgot to include a list of SHA-2 weaknesses for you:
https://en.wikipedia.org/wiki/... [wikipedia.org]
Translation: (Score:3)
Two sides (Score:2)
"didn't want to be seen" (Score:2)
Huawei sux... actually... (Score:3)
For anyone closely following China and their state-sponsored intellectual property theft activities, this comes as no surprise. The only thing I would change in the opening paragraph is "...infrastructure could be used to spy on communications... to ...infrastructure is used to spy on communications...
China's IP theft, how it happens, Hauwei's involvement, Chinese Liberation Army battalions devoted to network disruption and IP theft, US three letter agency involvement in trying to help US corporations protect themselves, is all open, public knowledge. Saying things like CISCO is worse is only avoiding the real and serious issues of western business competitiveness and military capabilities by posing a straw-man that, while the argument might feel good, is completely and utterly false. Do some research before claiming "we're no better than they are", please.
Re: (Score:2)
So how does it help when this east-west / us-them -construction is constantly strengthened and the separation thus deepened. The current paradigm needs to be changed. Adoring the ones that are selfish enough to gain power will only leave crumbles for the followers. In the end the ones that actually want to gain transparency are put into jails and opaqued - regardless of the culture and the political system, because the highest sphere shares the same view. The tribal power structure is build deep into the hu
Re: (Score:2)
The link from the other guy was not in a reply to your outrageous lies, so here it goes:
http://www.wired.com/wiredente... [wired.com]
Living in a surveillance state like china or the US is one thing. Denying it and accusing only the other country of being a fascistic surveillance state is ridiculous.
Re: (Score:2)
Oh the irony (Score:1)
Re: (Score:2)
From S.Korea's viewpoint, that might be a reasonable decision, given the range of available options. But use encryption on anything sensitive, and enought things that aren't (including some noise). And if it's really sensitive, use a one-time pad system (and encrypt that, too, just to break their heads against). And avoid English even on trivial stuff. Korean with lots of current slang should require the use of limited resources to understand.
N.B.: This won't stop them, except the one-time pad. But it
Re: Funny, ha ha ha (Score:1)
Once you've solved the distribution effort for a one time pad (good luck) DON'T bother with extra layers. it's security theater at that point. If you argue that it isn't, then you clearly don't have your distribution system for your one time pad worked out, since you can't use another form of encryption to transmit a pad without violating the security proof and reducing the security of the pad to the distribution system. Since it IS theater, you're STILL weakening security by introducing a false layer of ex
Re: (Score:3)
The extra layers are so that it's not immediately obvious which messages are encoded with the one-time pad version. That can be important information, and delaying it's recognition can be an important plus. (And only a few messages should really require a one-time pad. For most a lighter level of security should suffice.)
US trying to make allies chose to use US made gear (Score:3)
Ya, don't use Huawei (Score:1)