
Huawei set for limited role in UK 5G networks - goatinaboat
https://www.bbc.co.uk/news/technology-51283059
======
loudmax
I think the Economist had a good take:
[https://www.economist.com/leaders/2020/01/25/huawei-is-a-
cyb...](https://www.economist.com/leaders/2020/01/25/huawei-is-a-cyber-
security-risk)

There is a real risk in using Huawei equipment, but the risk can be mitigated.

If the Chinese government tells Huawei to insert a backdoor, Huawei will
certainly comply. But state actors don't necessarily need backdoors to exploit
equipment. They're going to look for bugs, which they're just as likely to
find in competitor's equipment as anything else. So the real solution is not
to exclude Huawei because they're Chinese, but to make sure engineers fully
understand the system from the hardware on up. This means insisting on open
source systems and then conducting thorough audits.

~~~
KaiserPro
This is missing the point.

All Comms kit has back doors in it. Its about choosing whom you allow to put
them in.

Cisco was riddled with backdoors, and if you were interesting, the five eyes
would specially intercept your kit and put extra bits in before it was
delivered to you.

The issue here is geopolitical. Who has control of your friend's internet.

Now there are few ways to look at this:

1) this is the present government's master plan to use this as a bargaining
chip in negotiations

2) The kit is going to be at the edge, which if the network is designed
properly, will mitigate attempts to snoop or spoof

3) GCHQ et al, can't plan for shit.

4) The government and civil service can't plan for shit, don't understand how
tech can influence geo politics

5) Trump is trying to get allies to buy shitty expensive kit from the USA.

Out of all of these 4 is my favourite hypothesis, but there are bound to be
more factors. Yes, Huawei have sponsored a lab to prove that their kit is
secure. But of course they would, they are not going to ship gimped kit to be
tested.

Also, As Huawei kit already operates vast parts of openreach's network (the
company that runs the vast majority of landlines and fibre) the point is kind
of moot. The decision to allow this is why marconi bit the bucket, killing the
last bit on comms design the UK had. (like every other pioneering
electronics/computing company in the UK.)

~~~
Bendingo
Maybe UK would rather be spied upon by Chinese Gov. than by US Gov. I know I
would.

~~~
Lio
Why would you want that?

The USA is our long time ally. Yes, I can roll things off the top of my head
where they’ve stitched us up but I can also do the same for areas where mutual
cooperation with the US has greatly helped us.

That’s everything from military cooperation during the Cold War to the
original Human Genome project.

I can’t easily do that with China. I can point to the constant cyber attacks
coming from China or their closed markets but I can’t think of many ways China
cooperates with us.

Perhaps I’ve missed some examples and someone could enlighten me where China
has acted in the UK’s interest?

------
Nokinside
In Europe Huawei have been under constant scrutiny from government spooks and
telecom companies for at least 10 years (without news about it). Nothing has
never been found and US has never provided any evidence. They are just
worried. Some of that worry is reasonable but going all or nothing is not.

For years now, some European network operators (especially if they have
government contracts) have silently limited what they buy from Huawei. Base
stations and most hardware is OK. Operating services, network control, visitor
and location registers, mobile switching centers, network monitoring, and
related software dealing with the core network can be bought from others if
there is need. Interfaces are standardized and you can buy different
components from different vendors. Many EU countries just "happen" to have one
or two carriers with strategically shielded core networks.

The real problem with Huawei has been lower quality software relative to
competition. If I had to guess, I would say that NSA exploits holes in Huawei
software to spy European allies at least as much as Chinese do or as much as
Europeans spy each other.

~~~
badrabbit
Only someone working to promote Chinese influence would say this.

It's no different than Russia and China govs having a blanket ban on Windows
and some western hardware.

Interesting twist at the end there, so the NSA is the big concern even with
China designed and built hardware eh? Exactly how gullible do you expect
readers of your comment to be? Let's say for a moment that even though China
(a nation very hostile to the US and UK with a myriad of APT groups who focus
on different goals such as corporate espionage,strategic
compromise,misinformation and state espionage!) has the advantage of being
able to instruct (not coerce since in China this wouldn't be against Huawei's
rights) Huawei to implement layers of hardware and software backdoor,they
somehow exploit Huawei devices at the same rate as NSA,let's say that's true,
so what? Do you expect people to believe the NSA would target the UK as much
as China does? Haha, let's say even that is true,so what? The UK are the US's
closest ally, while China is probably the most hostile nation to the UK right
now, vulnerabilities mean nothing without a threat that causes their
exploitation to reduce a security property right??

You're essentially using clever wording to say "Hey, that's just a wooden
horse,so what if our enemies left it at the gate? Even our allies send us
gifts sometimes,they are just as likely to use it to a malicious end"

And no wonder your comment is top! I use to see this a lot when I was using
quora a few years ago. Chinese "trolls" are so different than russian,they're
always intelligent,word things well and very very subtle with good knowledge
of western context but the propaganda angle is always clear like this. They
specifically target influential academic(ish?) sites to exert influence. I am
not fully sure you're one of them,but your comment is uncanningly similar. I
never thought about an influence operation on HN,but man it makes so much
sense.

~~~
dang
You've broken the site guidelines badly here. Please read
[https://news.ycombinator.com/newsguidelines.html](https://news.ycombinator.com/newsguidelines.html)
and stick to the rules when posting to HN.

There's years' worth of further explanation at
[https://hn.algolia.com/?query=by:dang%20astroturf&sort=byDat...](https://hn.algolia.com/?query=by:dang%20astroturf&sort=byDate&dateRange=all&type=comment&storyText=false&prefix=true&page=0)
if anyone wants it.

------
zaro
Since this topic with Huawei started, I keep thinking that the US doesn't want
Huawei to sell equipment to anybody, not so much because , you see, the
Chinese will use the equipment to spy, but rather that they(the US) won't be
able to spy using this equipment.

edit: remove paste garbage from the beginning

~~~
president
I think it's common knowledge that every nation state spies. The real question
is - which nation do you trust to spy on you? Last time I checked, the US's
spying did not result in people getting kidnapped and tortured into black
jails for something as benign as comparing their leader to a cartoon
character.

~~~
londons_explore
As a US national, I trust China to spy on me far more than the US government.

China couldn't kidnap me - they'd get huge political repercussions from the
US. China kidnapping me on US soil would be very risky for them too.

On the other hand, the US could totally imprison me on bogus charges
constructed from spy data.

If I was a Chinese national living in China, all of the above would reverse.

~~~
president
There are Chinese political and religious dissidents that would disagree with
you here.

EDIT: By the way you are wrong about kidnappings in the US by China. This has
happened in the past and still happens today where China uses Chinese
nationals based in the US to locate dissidents or “tax-evaders” and force them
against their will to fly back to China.

------
gorgoiler
It feels like everyone is talking about national security when this seems more
like a fight over who gets lucrative contracts to supply millions of pounds
worth of equipment.

What’s the capital investment of 5G — how much money are we talking about
here?

The article doesn’t mention one, but is there a major US supplier of telecoms
equipment that is vying for these contracts, being propped up by the state
department?

 _Edit: The following report says £2.5b capex, £1.7b opex over the next
decade_

[https://assets.publishing.service.gov.uk/government/uploads/...](https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/577965/Exploring_the_Cost_Coverage_and_Rollout_Implications_of_5G_in_Britain_-
_Oughton_and_Frias_report_for_the_NIC.pdf)

------
nickdothutton
I put together this post a little while ago examining the HSEC report and
letter from the ISC. It is, I hope, a fairly unbiased take. There aren’t any
good options and the time to do something about this was 20 years ago.
[https://blog.eutopian.io/huawei-5g/](https://blog.eutopian.io/huawei-5g/)

------
LeonM
I understand the concerns here given the track record of the Chinese
government. But, there is (AFAIK) not a single proof of a backdoor currently
installed on Huawei telco equipment. Whereas there is a huge number of
security bugs, hardcoded passwords (looking at you, Cisco), dubious certs and
other nastiness discovered in equipment of other manufacturers. .

So really, given the amount of auditing that has been done on Huawei equipment
recently, we could almost say that their equipment can be trusted more than
that of other manufacturers.

~~~
eddieplan9
Are you even looking? I did one Google search, and found this [1]:

> The results of the analysis show that Huawei devices quantitatively pose a
> high risk to their users. In virtually all categories we studied, we found
> Huawei devices to be less secure than comparable devices from other vendors

[https://www.scmagazine.com/home/security-
news/vulnerabilitie...](https://www.scmagazine.com/home/security-
news/vulnerabilities/huawei-products-riddled-with-backdoors-zero-days-and-
critical-vulnerabilities/)

~~~
yorwba
That article is based on Finite State's report, who sell static analysis
software and are highly incentivized to not check too closely whether
everything flagged by their tool is actually a vulnerability. They probably
did find a bunch, but not nearly as much as they claim.

There was some good discussion on the report 6 months ago:
[https://news.ycombinator.com/item?id=20421148](https://news.ycombinator.com/item?id=20421148)

------
mrtksn
Is anyone familiar with the economics of the 3G,4G,5G ... XG rollout?

Are the margins thin and production slow so that multiple suppliers are
needed? If someone does not trust a supplier why it is hard to just keep them
out completely? Is it more about politics beyond the network rollout?

~~~
fuzzyset
I work for a major wireless provider in the US (as a wireless engineer).
Huawei equipment is almost an order of magnitude cheaper than the Scandinavian
companies. Samsung is such a small player in the US that they don't really
matter.

Personally, I'm worried (not sure that's the right word) that China will just
do it's own thing in the near future. It was a miracle that LTE phones work
worldwide, IMO. China had/has its own 3G CDMA tech. I wouldn't be surprised if
the market gets fragmented in later releases of 5G or with 6G.

~~~
blackrock
I recall reading that China went with CDMA (which is Qualcomm intellectual
property) as a condition on entering the WTO, as mandated to them by the
United States.

So they were allowed to join the WTO, and Qualcomm made billions in IP
royalties.

I don’t have the evidence at hand. Perhaps someone else can find it.

------
dghughes
What is the urge to use Huawei is there no other alternative no competitor
with equivalent hardware? Does Cisco not make 5G hardware at all or at the
same level as Huawei?

My concern is the 23.8GHz frequency used by 5G being devices so close to the
24GHz used by meteorology satellites.

------
mzs
FWIW how this happens is Huawei gives still influential former gov folks cushy
jobs:

[https://twitter.com/_JakubJanda/status/1222496191897731073](https://twitter.com/_JakubJanda/status/1222496191897731073)

------
jdkee
How did the U.S. lose out on advanced telecom design and manufacturing so
badly?

~~~
tpmx
GSM started in Europe. Qualcomm continued betting on CDMA way too long. It
ended up with Ericsson buying the infrastructure part of Qualcomm back in
1999:

[https://money.cnn.com/1999/03/25/europe/ericsson/](https://money.cnn.com/1999/03/25/europe/ericsson/)

[https://www.wired.com/1999/03/ericsson-qualcomm-
accord/](https://www.wired.com/1999/03/ericsson-qualcomm-accord/)

The americans won the really lucrative (and powerful - witness Trump/Brexit)
application layer though (e.g. Google/Facebook/Amazon) so they shouldn't feel
that bad.

------
jpkeisala
Interesting decision. I interpretate this either UK does not believe US that
China is spying or little spying doesn't really matter since the price is
better and we can control it.

~~~
arethuza
I think it's a compromise to try and avoid annoying both the US and China at
the same time - not sure if it has worked though.

~~~
samwillis
The UK is also at the beginning of post-Brexit trade negotiations with the US
trade agreement being a central one. This is going to be part of those
negotiations going forward and is all part of the governments strategy.

~~~
arethuza
You think the UK will offer to drop Huawei as part of a US trade deal?
Wouldn't that mean a remarkable loss of face for the current UK government?

~~~
michaelt
Not if it's a good enough trade deal.

The US will be looking for the UK to pay US-style inflated prices for
pharmaceuticals, change food safety standards to accept subsidised US farm
produce, and install an ISDS court to protect corporations' anticipated future
profits.

Compared to these, banning Huawei - which isn't even a British company - would
be a trivial concession.

------
mzs
just yesterday, Senators John Cornyn, Tom Cotton, and Marco Rubio to Boris
Johnson: "The facts on Huawei are clear. We hope that your government will
make the right decision and reject Huawei’s inclusion in its 5G
infrastructure."

[https://www.washingtonpost.com/opinions/2020/01/27/congress-...](https://www.washingtonpost.com/opinions/2020/01/27/congress-
warns-britain-stay-away-huawei/)

------
tpmx
My interpretation: UK is kind of desperate for allies post-brexit.

------
devnullbyte
Strikes me as a good decision.

The deal is that core networks are supplied by European NEP's mostly Nokia and
Ericsson and radio elements are supplied by Huawei. There is very little
information can be gleamed from from RAN, its all encrypted between the end
point and the core network. Anyone wanting to harvest data will want to
backdoor core network elements.

Another factor is that Huawei code has been provided and audited for a number
of years now. Sure that is not full proof, but its way more than we have had
available from any US vendors. I will be honest, as it stands I would trust a
huawei box, way more than a cisco box.

On another note I expect this is a political play. The UK gets to not piss off
the Americans too much (well putting aside Trump and his crazies) and the
Chinese see us as favorable still. It's also quite interesting how this is
coming off the back of Trump stating his displeasure at the UK governments
plans to tax the tech giants more, with most of them being companies who are
spying on global citizens at a volume never seen before.

------
aldoushuxley001
An unfortunate decision.

~~~
ainiriand
I thought that we were beyond that. The whole issue about spying was a hoax.
It was a Bloomberg fake.

~~~
swebs
Huawei was on the danger list for years before the Bloomberg article. This is
unrelated.

~~~
rat9988
What proof de we have against it.

~~~
swebs
Accusations have been going around since the early 2000s but I don't think any
governments released the hard evidence to the public.

[https://en.wikipedia.org/wiki/Criticism_of_Huawei#Espionage_...](https://en.wikipedia.org/wiki/Criticism_of_Huawei#Espionage_and_security_concerns)

~~~
cobookman
Huawei stole the Cisco iOS source code. I'm also sure the CIA/NSA has other
information. However leaking such info might compromise a source.

Guess we'll need to wait 50 years to get an idea.

[https://www.wsj.com/articles/SB10485560675556000](https://www.wsj.com/articles/SB10485560675556000)

~~~
frandroid
"Cisco iOS source code"? What are you talking about?

~~~
popz41
Cisco "IOS" with a capital I, the operating system that runs Cisco hardware.

~~~
frandroid
Ahhhh thanks

------
pbhjpbhj
AIUI Huawei supply a lot of the current infrastructure (so it's unlikely to be
getting worse?). Also, a GCHQ spokesperson gave an interview on BBC Click late
last year and said, basically, there's very little risk. The programme pointed
out that China are ahead on the technology.

I trust the Chinese more with our data than USA, tbh. Businesses should be
end-to-end encrypting any way, so ...

I'd like to have seen them [UK politicians] tell Trump to go suck it, like
"we'll use the technology we want and aren't going to be bullied into using
USA companies just so you can get access to our data through NSLs". That would
have been a display of this mythical sovereignty we're burning the country
down for.

------
ngcc_hk
Still do not get it. A networked device can revolt anytime. It is in the flash
code they can change anytime. There might be a war one day and if so, you will
be dead NT he ware.

------
burnJS
Didn't the NSA get numerous backdoors put in by US tech companies? Didn't some
guy last name Snowden, first name Edward, disclose some of that?

Don't take this as sticking up for China. It's more, shitting on all
governments.

------
pastor_elm
What's it matter to the UK government if private citizens get spied on by
China.

~~~
jaywalk
The UK government is using the same networks...

