are you assuming that there are not many hardliners in China?
> One side says the equipment isn’t secure
after so many years with so many Huawei equipments used in the west, when all kinds of security experts and law enforcements officials all have 24/7 access to those devices, when the state of the art analysis tools and procedures are all available to them, any actual backdoor intentionally placed by Huawei got busted?
What about future firmware upgrade or hardware replacement that isn’t vetted today. What triggered all this was BT found the equipment was too chatty
same question for all Cisco/IBM/HP/Apple devices used in countries not that close to the US/UK. should they use the same cheap excuses to ban all those devices? or maybe the standard is simply different here?
> What triggered all this was BT found the equipment was too chatty
please define the term chatty and what is the acceptable threshold? or maybe get the best expert to look into it and present the smoking gun evidence to the world to actually prove something with solid evidence?
before that, what you mentioned above is nothing but fear mongering.
For a government who wants to spy, the difference between inserting your own exploit in a piece of equipment and paying $50k to find an existing exploit is insignificant.
Using an existing exploit is preferable anyway, because then it's harder to trace the origins of the exploit back to you.
I've wondered how the security experts privately regard nation state security personnel and teams? For example, no government was competing to employ Barnaby Jack. And of course government is notorious for inefficiency and incompetence when producing goods and services.
Of course nation states also have enormous advantages over any other individual or group.
That risk can be mitigated by just hiring someone in-house to find exploits. Security services employ lots of exploit finders for that reason.
: https://zerodium.com/program.html (scroll down)
totally agreed, that is exactly how NSA works with Cisco.
I find it interesting that these kinds of verbal games are continually played out in the public eye despite everyone involved knowing exactly what's going on. And that goes for all APT / nation-state actors.
The article at  directly addresses the claim:
> Huawei denies having any ties to the Chinese government beyond those of being a law-abiding taxpayer.
Articles at  also provide more in-depth analysis.
From the report:
"HCSEC is a facility in Banbury, Oxfordshire, belonging to Huawei Technologies (UK) Co Ltd, whose parent company is a Chinese headquartered company which is now one of the world’s largest telecommunications providers.
HCSEC has been running for seven years. It opened in November 2010 under a set of arrangements between Huawei and HMG to mitigate any perceived risks arising from the involvement of Huawei in parts of the UK’s critical national infrastructure. HCSEC provides security evaluation for a range of products used in the UK telecommunications market. Through HCSEC, the UK Government is provided with insight into Huawei’s UK’s strategies and product ranges. The UK’s National Cyber Security Centre (NCSC, and previously GCHQ), as the national technical authority for information assurance and the lead Government operational agency on cyber security, leads for the Government in dealing with HCSEC and with Huawei more generally on technical security matters."
"Due to areas of concern exposed through the proper functioning of the mitigation strategy and associated oversight mechanisms, the Oversight Board can provide only limited assurance that all
risks to UK national security from Huawei’s involvement in the UK’s critical networks have been sufficiently mitigated."
The publication triggered headlines in multiple news outlets at the time, e.g.
5 eyes alliance wants the monopoly on selling backdoored telecom equip is my cynical take from all the Huawei shenanigans lately like their CFO getting arrested yesterday.
Official Secrets act only applies to people who signed it.
A journalist would have to be insane to sign the official secrets act as it is hilariously broad.
If you don't sign it then you can print (almost) whatever you want.
Even the much vaunted "D-Notices" are not mandatory, it's an informal agreement between the press and the government that occasionally the government will ask them not to print something and the press will (mostly) trust them, it seems to work fairly well, one thing I've wondered is that because the D-Notices are voluntary rather than mandatory the government can't abuse them the way they could if they where mandatory (since if they did the press would stop ignoring them).
No it doesn't. It's a law, not a contract. They only get you to sign to it in order to remind you of the fact you're bound by it.
They have to either sign it or be notified that they are covered under it generally by employment contract that you sign.
Without either of those you are not bound by it.
> It is not necessary for a person to have signed the Official Secrets Act in order to be bound by it. The 1989 Act states that a person can be "notified" that he or she is bound by it; and Government employees will usually be informed via their contract of employment if they must observe the Act. 
Since I've never signed it nor a contract notifying me that I'm bound by it, I'm not bound by it nor would a journalist be.
This is how you end up in the somewhat funny situation of a government employee not been able to confirm something because they are covered but the person asking for confirmation not been.
It Was/Is the equivalent of Bell Labs.
The story has not changed since five years ago:
It would be commercial suicide for Huawei to have backdoored their export products. For the Chinese domestic market they may have 'Great Firewall' extras to them but for export products it simply makes no business sense.
There is zero evidence in the public domain to support the hysterical allegations of the crazy folks in our domestic military-industrial-espionage complex.
In former times there was this quaint notion of innocent until proven guilty. It is time we grow up a bit and stop slandering our Chinese friends. Xenophobia has never helped.
Edit: Instead of downvoting, please explain the flaws in my comment, whether they be based on unsubstantiated claims, tone of voice or just personal grudge. Thank-you.
GCHQ/NSA don't need to add their own backdoor capabilities. Huawei gear ships with support for what is refered to as Lawful Interception.
I agree with the rest of your comment and I said something similar myself a few days ago. But the idea of Huawei being barred by a British carrier because of GCHQ not being able to snoop on it is absurd.
Full disclosure: I am a Huawei employee.
And this isn’t a courtroom so the whole innocent until guilty concept makes no sense.
In fact, if anything, the opposite principle should apply in the context of systems security.
Hell, the U.K. should be just as worried about American products, tbh. Having a home grown electronics manufacturing industry seems like it should be a national security priority for everyone.
America moving all of its electronics manufacturing to China was complete madness, imo, though I understand the chain of events that led to it.
Key phrase "in the public domain". As someone with access to info that is NOT in the public domain.......every organization basically has one of two choices: either your data ends up on an NSA server, or your data ends up on a server in China. Which you choose largely depends on your government's politics and which superpower they are currying favor with.
Reasons factory-installed backdoors could NOT negatively impact business:
-customers that aren't tech-savvy enough to notice
-customers that feel data security isn't important
-customers who are too cheap for more expensive alternatives (overlaps with the last category)
-customers who have an antagonistic relationship with the US, so Chinese backdoors are "more secure" than US backdoors by default
I think you'd be surprised how many people, globally, fall in those above categories. But major UK telecom companies certainly don't.
The ability to wiretap does not depend on every bit of kit on the chain being wire-tap-able. From what I understand Huawei provide the radio access network components that work with existing 'Cisco/Ericsson' core infrastructure, with the core bit being where the wire tap happens and not the radio access bit.
As yes. The problem is the Chinese kit is too free.
Old paranoia filled post left below for reference. Thanks to saaaaaam for pointing the above link out.
There's something going on here, political or technical.
O2/Telefonica subcontracted out a lot of their core to Huawei in 2012 . Literally today, after their CFO was arrested in Canada , we've been hit with a massive telecoms outage here in the UK which has taken out data / SMS. O2 have stated that it's due to one of their technology provider's software .
Edit: Giffgaff (virtual provider) have also stated that this is a global problem which is even more worrying 
I hope this is a coincidence.
We've had data down here in UK from 0500 to 14:00 so far...
China stock is falling, this happened, Huawei already have a somewhat iffy reputation and now BT is throwing out news about jumping ship from them suddenly.
But it's sad to see that Chinese scaremongering propaganda is so effective even on educated people.
“The company said that the problem stemed from a global software issue at a third-party supplier, understood to be Ericsson, which has also affected other mobile operators around the world.”
Edit: also apparently confirmed by Ericsson themselves.
They're virtual, but wholly owned by the same parent as O2 (Telefónica).
So apparently phone masts aren't "core" to a _phone network_?
At least for 4g some layers of the control plane and all the user plane data are encrypted when passed through the eNodeb's. Albeit an eNodeb can probably do a lot of nefarious things if it wants to.
Or they mean literally just the phone masts and antennas - which are just inert components.
Is this really the best they can come up with? I've never heard any more specific accusations, in any media. Sounds pretty racist.
(I have seen specific accusations that Huawei is violating sanctions, but that is a separate concern from national security in infrastructure.)
This is arguable less of the case in other countries, which is why people in other countries don't understand what is going on right now (i.e. why Huawei is seen as a security threat). The concern is, if you in the future cross the will of the Chinese Communist Party, your national infrastructure may suddenly...behave differently.
Any specific examples or accusations????
Always remember: you’re almost certainly talking to a software engineer with an active imagination using Wikipedia to selectively back up their stories.
> It is believed that Chinese espionage is aimed at the preservation of China's national security through gaining commercial, technological, and military secrets.
As for fears, they could mandate open source with reproducible builds for all security critical infrastructure hardware.
Neither the US nor the UK have any interest in protecting Samsung from competition.
My guess is that there's been some discoveries related to how aggressively Huawei is spying.