
Huawei Backdoors Explanation, Explained - known
https://blog.erratasec.com/2020/03/huawei-backdoors-explanation-explained.html
======
badrabbit
Not huawei but I have worked with networking gear from china and other
countries (cloud scale) that has similar backdoors. Basically an account where
a whitelisted ip can use to ssh to the device. It was basically a "support"
account. If you have a critical problem you get on the phone with their
engineers and have them help you troubleshoot with the backdoor access. Of
course no one calls it a backdoor,more like a side door for support.

I suspect that's what they're talking about here. I also suspect a much more
clever actual backdoor in their products. People think a backdoor is something
that gives direct shell access,but in reality compromising data integrity or
compromising something else so that the attacker can access it easily or a one
way "back window" where the device or other devices are taken offline is also
a "backdoor".

Huawei is distracting from concerns of actual backdoor. They can easily say
"would you consider windows auto-updates a backdoor? How about windows remote
assistance?" ,they're basically misdirecting to a defensible side door by
calling it a backdoor.

~~~
DoofusOfDeath
Not to dimimish your main point, but I do actually consider Windows Update to
have _some_ similarities to a back door.

It was abused by Microsoft to push unwanted telemetry and advertisements to
mostly unsuspecting users of Windows 7.

~~~
badrabbit
Sure, that does not diminish my main point at all. For public opinion "MS does
it too" is enough of a defense.

~~~
mycall
Except all of Microsoft updates are meticulously reviewed by security teams
around the world and would find any backdoors being installed, activated or
manipulated.

~~~
badrabbit
Reply to the parent commenter. I never disputed that. But since you replied to
me: MS never allowed external security teams to audit its auto-update
infrastructure. Can they not deploy any software with auto update? Until
recently,their crypto api had a bug (backdoor? Lol) that allowed forging
signatures for auto updates...so.. I don't see your point. Much like huawei,
the speculation is that these types of backdoors will be used in times of war
or severe political tension.

~~~
mycall
US Government has audited Microsoft's infrastructure.

------
milanove
Maybe I was expecting a technical overview or reverse engineering of how their
backdoors work, but really the article was non-technical. If I understand
correctly, it can be summarized as: The WSJ made a claim that Huawei was using
a backdoor into a backdoor, so that Chinese intelligence would have access to
their devices globally. However, the claims were unsubstantiated and
attributed to anonymous U.S. officials. Then, Huawei made a video clarifying
what backdoors are, stating that a "backdoor" which is used by law enforcement
is really a "frontdoor".

------
NotSammyHagar
I thought that blog post on explaining the explaining was very misleading,
what am I missing? He or she says that if the us related leaker about Huawei
was legit, they allow use of their name. But maybe it's a secret that say the
us govt figured out that there really is a back door there? There is too much
meta here. Yes, the us has been claiming that we can't trust Huawei. But
keeping what the us knows unclear can be to our advantage.

~~~
weare138
I agree, I have no clue what point the author's trying to make here. After
criticizing the WSJ's reporting and heavily implying it's reporting is
inaccurate, even going so far as to suggest the WSJ article is unethically
false and labeling it "fake news", the author then goes on to confirm the key
accusations in the WSJ article but reframes them in a way that minimizes their
significance. The author goes on to building a straw-man argument that all
telco manufacturers/operators do similar things for law enforcement so we
shouldn't be concerned about Huawei's practices but then goes through some
mental gymnastics explaining China's authoritarian government surveillance and
intel operations are sanctioned by Chinese law so Huawei aiding the Chinese
government is no different than a US telco honoring a request from law
enforcement. This article is disingenuous at best and comes off as blatant
astroturfing. It's also interesting to note, the author mentions working
directly with Huawei engineers in the article.

~~~
robertgraham
> I have no clue what point the author's trying to make here

You mean, you don't know the agenda. The "point" was data, namely: \- the
Washington game that leads to unreliable journalism \- the fact that all
Huawei's competitors have the same law enforcement backdoors, the same support
contracts, and there's no evidence or even accusation that Huawei is doing
anything different \- my own personal experience watching Huawei support
engineers using their "backdoor" "sidedoor" "frontdoor" access to gain
intelligence information.

> implying it's reporting is inaccurate

Unreliable, not really inaccurate. It's clearly bad journalism violating
clearly expressed ethical standards. That doesn't mean it's wrong, it doesn't
mean the government official's accusations are false. It instead means that we
can't rely upon them.

> straw-man argument that all telco manufacturers/operators do similar things
> for law enforcement so we shouldn't be concerned about Huawei's practices

I'm not sure you read the article. I make it clear that we should be concerned
about Huawei even if their hardware, software, and support access are no
different than any other vendors, because the Chinese government can lean on
them in ways democratic governments cannot lean on their own vendors.

> comes off as blatant astroturfing

One of us does not understand "astroturfing". This is clearly an anti-Huawei
piece that nonetheless tries to understand things from Huawei's point of view.
I haven't worked with Huawei's engineers, I was working on a mobile companies
systems when I saw Hauewei's support people log in via their VPN and gather
national intelligence information.

The point is that everything can be true: Huawei can in fact be no different
any competitor, doing at least as good a job preventing backdoors, and yet
still be a national security threat due to backdoors. I believe it's good
policy to forbid Huawei equipment in 5G deployments even if I doubt they have
any special technical backdoors.

~~~
pbhjpbhj
>"because the Chinese government can lean on them in ways democratic
governments cannot lean on their own vendors." //

In comparison with USA this is where you lost me, aren't NSA's national
security letters just as much a way for the government, or whoever has weight
at the NSA, to access so-called front-doors? Depending how you define
democratic the NSA can "lean on vendors in ways democratic governments
cannot". And you intimate that access "from China" might equally be being done
on behalf of USA's secret agencies.

That's fine if you trust USA, and it's leadership (covert and public).

To me, in the UK, when USA are saying "don't use Huawei" the reason that seems
to be most likely is 1) financial, 2) because then we would potentially be
subject to Huawei's backdoors instead of USA's backdoors. And as a citizen I'm
pretty certain Five-Eyes/GCHQ have every tiny bit of meta-data about my tech
use for the last year: so China can know who I call and when too, giving up
that as well in exchange for reliable 5G seems like it's not really losing me
much.

Seems in the UK we're more at risk from USA's financial meddling than from
China's?

------
md_
To be slightly snarky, Rob is arguing two points here:

* The WSJ allegations--that Huawei has allowed unauthorized use of its lawful intercept capabilities by Chinese intelligence--are anonymous and therefore unreliable.

* Rob personally knows (based on his own experience, omitting any details that would enable us to validate the story)that Huawei has allowed unauthorized use of its lawful intercept capabilities.

...er, what?

In a less contrarian framing, this could be rewritten as, "The WSJ article is
accurate, and I'm even willing to put my name on the public record as having
seen similar things."

It's fashionable these days to criticize anonymous sourcing--and, hey, I agree
a reader should be cautious about such things--but this has to be the first
time I've seen someone criticize an anonymously sourced article while
explicitly validating its claims.

------
KiDD
Don't care what they call it.

------
peter_d_sherman
There is something very, very disturbing here, sort of like a "(legal)
disturbance in the (legal) force", to join a Star Wars quote with Law...

Let me explain.

First, let me get across that I am neither for nor against Huawei, neither for
nor against The Wall Street Journal, neither for nor against this
article/video nor the claims made in it.

My first problem, if I have a problem, begins with human language...

You see, we can call something a "front door", we can call something a "back
door". We can say that "front doors" are used lawfully, by law enforcement (or
others), for the purpose of "lawful interception". And we can say that there
are "back doors" (generally associated with illegal, unlawful activity -- but
this may not be the case in all circumstances), and that there are
"maintenance doors", that workers use.

 _But the problem is, this use of language dumbs down our conversation._

A simpler view of the universe would say that there are methods which can be
used to access data, and that actors employing such methods are either
authorized or not authorized.

In other words, you have "access method", and "authorized" or "unauthorized".

That's it.

Authorized is you have permission to use it.

Unauthorized is you don't.

That would be the simplest view of things.

But this is not what's disturbing...

You see, there's a fairly deep legal question in relation to this...

To understand it, let's suppose I was a manufacturer of network equipment. And
let's suppose I was coerced by a government (U.S., Chinese, Other Government),
by whatever means (legal, sanctions, threat of violence, threat of loss of
commerce, ?) to add a backdoor/front-door/access method (call it what you
will) to the network equipment, for this government's law enforcement
community.

OK.

So now that backdoor/front-door/access method (again, call it what you will)
-- is there and all.

Now, here's the legal question...

If it's there, by virtue of it being there, by virtue of the government actor
knowing how to use it as a means of access, is the government (foreign or
domestic) then legally authorized (do they have permission) to use it?

?

In other words, if I, as a network equipment producer, then sell my
backdoored/front-doored/access method enabled product to a service provider --
do the legal rights for that backdoored/front-doored/access method -- go to
the service provider, who must again explicitly grant them to the government
(again, foreign or domestic) in order for them to use that backdoored/front-
doored/access method, and still be authorized?

To make the story short, authorized access, (from a legal point of view), is
not just one, but a series of contracts and contractual agreements (and the
interpretation of those contracts!) made between many parties, including, but
not limited to the manufacturer, the service provider, and the users to whom
service is provided to.

In other words -- there's no easy answer!

The devil is in the details!

Even a Lawyer could not answer this question... it would have to be determined
by the Courts, and then it could go many ways, depending on the number of
actors involved, the contractual agreements between them, and the legal
arguments raised...

We have FISA Court -- but even FISA is not a blanket authorization _in the
presence of other contracts_! (FISA might be a blanket _presumed_
authorization if no other contracts were present, but generally speaking, that
won't be the case...)

In other words, two cases involving a lawful intercept from two different
equipment manufacturers could go two seperate ways in the courts!

A legal mess, to be sure...

