
ZTE confirms backdoor in U.S. phone - mjfern
http://www.reuters.com/article/2012/05/18/us-zte-phone-idUSBRE84H08J20120518
======
gmig
I feel that the word "backdoor" is incorrectly used here. ZTE confirmed a
vulnerability discovered in the phone, not something they placed in the phone
intentionally (backdoor).

~~~
cleverjake
How is a hardwired password to allow remote access a vulnerability rather than
a backdoor?

~~~
ajross
Last analysis I saw, the access was not remote. It was a local root
escalation; you need to have code running on the device before you can use it.

------
drivebyacct2
Is that this: <http://news.ycombinator.com/item?id=3994054>

Because yeah, this has been known for a while...

~~~
twelvechairs
Nope. Its this: <http://news.ycombinator.com/item?id=3968041> from several
days before your link.

~~~
drivebyacct2
Right, that's what I was saying. The ZTE problem has specifically been
known... so if that employee posted that SO post ("my" link)... he probably
found out about it via Reddit/HN, thus posting "anonymously" would have been
rather silly.

~~~
twelvechairs
Oh I see your point now. I'm not sure I'd assume so, probably just
coincidental timing. It would seem pretty silly/pointless for your link's OP
to ask advice on a (by then) publicly known exploit after all.

------
loverobots
Let's just say that, generally speaking, Russian and Chinese companies work
very differently from those in USA. If their "CIA" shows up and wants
something added, you either add it or you may be out of business...and that's
if they're feeling generous. You can't exactly file a whistle blower lawsuit
or go public with the info.

