Hacker News
Pompeo Hints at Huawei Ultimatum to Countries Buying Equipment (bloomberg.com)
48 points by eznoonze 4 days ago | 38 comments





> The administration has argued for providers of next-generation mobile gear to rely on U.S. companies such as Cisco Systems Inc.

Please stop using their backdoored equipment, use ours instead!

https://www.schneier.com/blog/archives/2018/08/backdoors_in_...


Yes, but is officially an ally, (the states where Pompeo mentioned this are all parts of NATO imho).

But still there are European providers such as Nokia Networks, Ericsson..


Pompeo's ex-CIA background coming to the fore- My way or the Huawei.

This guy just said yesterday that Hezbollah is in Venezuela, so reality doesn't seem to matter much anymore. Who knows?

Yeah... this guy, and that other guy in the White House, they have their own reality. But wait, Obama's Department of State said in 2015 "There were credible reports that Venezuela maintained a permissive environment that allowed for support of activities that benefited known terrorist groups". Also CNN, that media company that is best friends with the current US president, had an article(1) alleging that Venezuela was selling Venezuelan passports in the Middle East, amongst others to Hezbollah members.

What is mind blowing to me is the "reality" that given that, and all of the other stuff happening in Venezuela, Venezuelan passport holders can still enter the EU without a visa, just a valid return ticket.

(1) https://edition.cnn.com/2017/02/08/world/venezuela-passports...


Interesting. Are you a domain expert in this area? Did you do some research before posting?

http://articles.latimes.com/2008/oct/22/world/fg-cocainering...

From Wikipedia: "There are small but influential Muslim, Buddhist, and Jewish communities. The Muslim community of more than 100,000 is concentrated among persons of Lebanese and Syrian descent living in Nueva Esparta State, Punto Fijo and the Caracas area."

Is it hard to imagine a terrorist organization would expand its operations into drug smuggling?


Fwiw, any vet will tell you the craziest firefights in Afghanistan were always when we went for the opium. Terrorism has been in bed with drug smuggling since the beginning.

The world isn't nearly as dangerous as you've been led to believe. Not even like within an order of magnitude.

There's a lot of Lebanese immigrants in Venezuela. Do you think they're all members of Hezbollah?

Yes. That is what I was implying. Every single one.

Or I was providing context, showing that Hezbollah connections to Venezuela are not implausible in this particular reality


That is a horrible racist argument. To imply that it’s arguable that 3, 4, 5 generation Muslims living in South America are terrorists just because they are.

A quick look at your comments says you are not though. The statement is misguided

lamarpye 3 days ago [flagged]

I get the sense that detecting sarcasm isn't your strong suit.

I realise the 1st paragraph is sarcastic, the original post and the 2nd paragraph is what I’m replying to

Despite demands to other countries, the US telecom providers still use Huawei equipment. The US government has made demands for them to stop using Huawei base stations but ultimately the economics don't make sense. I don't see the US government ripping out domestic equipment anytime soon, let alone being able to enforce any kind of demands internationally.

Is there any concrete evidence of Huawei backdoors?

Telecoms equipment from Huawei and others is no different to desktop OSs and consumer IoTs in that they do require software and firmware updates from time to time. And given that these updates come in the form of binary blobs, in some risk scenarios it’s a fair argument that you’re ‘just’ one [‘security’] update away from a backdoor running in your system. Damned if you don’t [apply patches], damned if you do [and get more than you bargained for].

Another consideration altogether is what is a backdoor to begin with? A hard coded password? Absolutely! Some other obviously nefarious code that can be proven to be left there for one possible reason only? Absolutely. But what about a buffer overflow kind of programming ‘mistake’ deep in the protocol stack that just happened to be missed by QA? Most of the telecoms gear highly likely is running SW written in memory-unsafe languages and runs on OSes lacking [many of the] modern protections such as W^X or ASLR. I think it would be hard to definitively say if these were left in intentionally with someone possessing a ready-made exploit, or just because of a mistake.

So when we talk about evidence of a backdoor, it’s as usual, not a simple black and white yes or no question. It’s more of a risk question, with a twist of international power plays.


Also fundamentally you can look at it like this: If I (as a nation-state) had the ability to embed a kill switch into the telecoms hardware on which other nations depend, and over which I had exclusive knowledge and control, would it be in my interests to do that? Of course it would. Irrespective of which nation state we're talking about that's a Good Idea.

Also, technically such a backdoor capability is almost undetectable (down to a sub-microcode analysis level), as per the Ken Thompson compiler hack.


It doesn’t even need to be a killswitch. If the hardware checks firmware signatures (as it reasonably should), then I can just hold a critical patch hostage. You can’t patch against some nasty bug until $DEMAND is met - and meanwhile I can sell the exploit to some other enemy of yours and let them have fun with your systems.

I was thinking that there might need to be some strategy for punishing 'too big to fail' companies that do nasty tricks like this.

We can't just boycott because these companies are too big to fail often.

I was thinking about some sort of Ethereum based capital escrow.

Basically every device you purchase has like a reward on it that's backed by capital in a wallet that Huawei would purchase.

It's theirs and they can earn interest on it BUT it's also backed by a smart contract.

If the customers all agree that their routers have been rooted they can unlock the wallet and take the money from Huawei effectively punishing them.

... this is just my rough thinking for now.


No. The US wants tech and equipment from the US-based companies to be the standard across the world because it would allow more influence over those countries. They would also be able to intercept the equipment as it leaves the US. [0]

[0] Infamous "NSA intercepts Cisco equipment slide" https://archive.fo/7Zosk


Yes, as does China.

https://qz.com/africa/1192493/china-spied-on-african-union-h...

I suppose what it boils down to is, which “silent partner” would you prefer?


It's worth noting that none of the telecom providers for wireless gear are from the US.

The top 5 equipment manufacturers for 5G gear are — Nokia, Ericsson, Huawei, ZTE and Samsung.


Cisco? I don't think the NSA has any issues with Nokia, Ericsson or Samsung. It's just the ones based in China that seem suspicious.

There's money for Qualcomm in there somewhere, isn't there?

Huawei is banned from an infrastructure point of view. Qualcomm does device chips for phones and whatnot, not network infrastructure.

The US government hasn't banned consumer devices of Huawei (except for government purchases). So you can still buy a Huawei phone or laptop.

Also, Qualcomm basically had a monopoly in the US due to patents applying to CDMA phone tech (it's why most phones had different SKUs in the US versus the rest of the world, as you effectively needed a Qualcomm chip to get on Verizon's or Sprint's networks.)


I assumed they had some patents this time around too and if you had to license it for the handset you had to license it for the other side also. But I guess not.

China wants tech and equipment from the China-based companies to be the standard across the world because it would allow more influence over those countries. They would also be able to intercept the equipment as it leaves the US.

Is China imposing an international ban on US made equipment?

Pick a side, hipster.

I forget who it was but I remember someone commenting along the lines of: They don't need to add back doors they just need poor security. Or, to double paraphrase. Any sufficiently bad firmware is indistinguishable from back doored.

Other than the Chinese government's rabid obsession with controlling information?

I guarantee you'll never see a story titled

"Chinese law enforcement frustrated with high security/encryption of Huawei devices" like you do in the US with iPhones.

Whether that's because Huawei has backdoors in their phones that allow the government to check for dissension at their pleasure or whether they simply use the xkcd wrench solution to get into any citizen's device is still in the air.


Using the wrench solution just doesn't make sense when Chinese people care about privacy in general even less than American people.

Not at this time, and you probably won't ever see any.

The press coverage, of course, leaves you free to let your imagination run wild.


They have before cloned Cisco vulnerabilities.

If in this case they modified an existing backdoor to point somewhere else, evidence of the backdoor would also expose the original.


[flagged]


[flagged]


Nope. That wasn't why the second Iraq war was declared as your own article says:

> The United States had gone to war declaring it must destroy an active weapons of mass destruction program. Instead, American troops gradually found and ultimately suffered from the remnants of long-abandoned programs, built in close collaboration with the West.

Nobody ever claimed Iraq had no WMDs, since that was in no small part what the first Iraq war was about. The claim was that Iraq was actively developing WMDs and that the US+allies had to intervene in the 2000s, a claim that has been debunked heavily.

I'd go so far as to call it an established fact that no WMD program existed that required international intervention in 2003. Most of the evidence otherwise has been debunked, and no additional evidence was found during the war itself.


I can't imagine China wouldn't retaliate on such a ban? Maybe Apple will have to scale back those expectations on sales in China again?

With such a severe trade imbalance, any retaliation would be shooting themselves in the feet.

I hope not. I have AAPL.


