
UK Defence Secretary Gavin Williamson Sacked over Huawei Leak - jmsflknr
https://www.bbc.com/news/uk-politics-48126974
======
expressrunning
Relevant discussion a day ago:

Vodafone Found Hidden Backdoors in Huawei Equipment

[https://news.ycombinator.com/item?id=19786102](https://news.ycombinator.com/item?id=19786102)

~~~
gnode
While this is being touted as a smoking gun, calling it a "backdoor" may be
reaching:

[https://www.theregister.co.uk/2019/04/30/huawei_enterprise_r...](https://www.theregister.co.uk/2019/04/30/huawei_enterprise_router_backdoor_is_telnet/)

~~~
sp332
I think this article is disingenuous. It's telnet on a nonstandard port with
hardcoded credentials, that was added back in after being removed when it was
spotted in previous security testing.

Edit: this according to one of the sources in the Bloomberg article, who
claims to have read internal Vodaphone documents
[https://twitter.com/raistolo/status/1123283199348621312](https://twitter.com/raistolo/status/1123283199348621312)

~~~
strainer
A telnet service responds to a plain port scan. So it was categorically not
hidden. Vodaphone explain this themselves in the linked register article:

>It added the Telnet service was found during an audit, which means it can't
have been that secret or hidden: "The issues were identified by independent
security testing, initiated by Vodafone as part of our routine security
measures, and fixed at the time by Huawei.

~~~
DelightOne
So a backdoor is okay incase it's not hidden?

~~~
gnode
A vulnerability is not as damning if it wasn't intentionally inserted to be a
backdoor. It being easily discoverable suggests that there was no intention to
hide it, and thus it was not intended to be a backdoor.

If conversely the vulnerability was difficult to find externally, was
publically unknown, and was seen being used for attacks, that would be
suggestive of a deliberate backdoor, and far more damning.

------
te_chris
The same Gavin Williamson who threatened China with military action while the
Chancellor of the Exchequer was there trying to hold trade talks? I’m shocked.

[https://www.theguardian.com/politics/2019/feb/16/gavin-
willi...](https://www.theguardian.com/politics/2019/feb/16/gavin-williamson-
china-warship-threat-philip-hammond)

------
insomniacity
I'd love to know how he was caught. Not enough security on his phone - or old
school interviews and sources?

~~~
mtgx
They probably couldn't even tell him how they caught him, because then they'd
have to admit that GCHQ is spying on most government members, too.

~~~
jsty
Given the technical aptitude of most politicians in the UK, he may equally
likely have used a government-issued device

~~~
westiseast
This sprang to mind:

[https://www.bbc.co.uk/news/uk-
politics-15396956](https://www.bbc.co.uk/news/uk-politics-15396956)

Letwin had a habit of reading correspondence whilst in a public park in the
mornings and then dumping it in public bins once dealt with. Mirror reporters
just followed him around and fished sensitive material out of the bins.

------
supergirl
maybe conspiracy but I have a feeling this is part of US strategy to kick
Huawei out of Europe, from the last few countries that didn't already ban
them, UK and Italy. I can't imagine any way for UK to allow Huawei to build 5G
once US said it is forbidden

------
rb808
The concern I dont understand. If all traffic is encrypted, what is the risk
of Huawei equipment handling traffic? Are people worried about spying or being
able to switch interrupt service?

~~~
rwmj
One worry is that in a war situation (cyber or shooting) the Chinese govt
might be able to disable UK networks, for example by sending an obscure
sequence of plaintext bytes which is understood by the routers.

------
make3
isn't the fact that she was trying to have Huawei participate to the
infrastructure without people knowing it the actual scandal worth being sacked
for? that's crazy

------
emilfihlman
I wonder, if Huawei is really spying for China and May (and other politicians)
know about this and endorse that, shouldn't that be treason?

~~~
M2Ys4U
I'm not sure it qualifies under the Treason Act 1351:

> When a Man doth compass or imagine the Death of our Lord the King, or of our
> Lady his Queen or of their eldest Son and Heir; or if a Man do violate the
> King’s Companion, or the King’s eldest Daughter unmarried, or the Wife of
> the King’s eldest Son and Heir; or if a Man do levy War against our Lord the
> King in his Realm, or be adherent to the King’s Enemies in his Realm, giving
> to them Aid and Comfort in the Realm, or elsewhere, and thereof be probably
> attainted of open Deed by the People of their Condition, and if a Man slea
> the Chancellor,Treasurer, or the King’s Justices of the one Bench or the
> other, Justices in Eyre, or Justices of Assise, and all other Justices
> assigned to hear and determine, being in their Places, doing their Offices:
> And it is to be understood, that in the Cases above rehearsed, that ought to
> be judged Treason which extends to our Lord the King,and his Royal Majesty.

or the Treason Felony Act 1848:

> If any person whatsoever shall, within the United Kingdom or without,
> compass, imagine, invent, devise, or intend to deprive or depose our Most
> Gracious Lady the Queen, from the style, honour, or royal name of the
> imperial crown of the United Kingdom, or of any other of her Majesty’s
> dominions and countries, or to levy war against her Majesty, within any part
> of the United Kingdom, in order by force or constraint to compel her to
> change her measures or counsels, or in order to put any force or constraint
> upon or in order to intimidate or overawe both Houses or either House of
> Parliament, or to move or stir any foreigner or stranger with force to
> invade the United Kingdom or any other of her Majesty’s dominions or
> countries under the obeisance of her Majesty, and such compassings,
> imaginations, inventions, devices, or intentions, or any of them, shall
> express, utter, or declare, by publishing any printing or writing or by any
> overt act or deed, every person so offending shall be guilty of felony, and
> being convicted thereof shall be liable to be transported beyond the seas
> for the term or his or her natural life

------
stiffnovigrad
I love that people are rationalizing for a dictatorship-lead China with
concentration camps in the west (xinjiang), religious oppression in the south
(tibet), democratic oppression in the east (hong kong), and aggression in the
east (artificial islands in south china sea, nearly crashing into US
battleships, massive buildup in warships), that is seeking to invade Europe
with spy technologies from its state firm is:

huawei doesn't have backdoors => the backdoors are (easily?) found by security
audits. nothing to see here.

~~~
dang
Please don't take HN threads into nationalistic flamewar. It's not what this
site is for. Please read the guidelines:
[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html).

We detached this comment from
[https://news.ycombinator.com/item?id=19800040](https://news.ycombinator.com/item?id=19800040)
and marked it off-topic.

------
13415
In general, this is one of the news threads that I persistently don't
understand. There is too much information missing. Why are European countries
so keen on allowing Huawei to build some critical infrastructure? Do they face
threats from China? If so, how are these made? And then there is the other
side of the coin, that the US allegations look credible overall, but it is
also known that the NSA and GCHQ built spying tools into existing European
infrastructure. Is the US trying to do this again but this wouldn't work if
Huawei was involved?

Which companies can actually build these kind of networks? Couldn't e.g.
France and Germany build them on their own? Or would that be too expensive?

Questions over questions...

~~~
user5994461
It's geopolitics. In short, when there is only a choice between US and Chinese
manufacturers, whichever doesn't matter because they're both considered
equally hostile. Chinese is cheaper though.

~~~
pkaye
There is a third option... the EU countries develop its own technology.

~~~
cf498
Which would be quite expensive

