Hacker News new | past | comments | ask | show | jobs | submit login
Google suspends some business with Huawei (reuters.com)
466 points by samsonradu 60 days ago | hide | past | web | favorite | 480 comments



This isn't surprising. What the US government wants the government gets. I was working for a large ISP in 2010-2011 and we were considering long haul transport gear between Huawei and Infinera. All things being equal Huawei had a better cost/performance value prop. That was, until the FBI came in with a heavy handed opinion. You see at that point in time the best place to siphon data was at large ingress/egress. As I understand it there are two reasons the FBI wanted Infinera: 1) Infinera is a US based company and had to abide, like Cisco, to provide "LE" (law enforcement) capable firmware/software and 2) to keep a Chinese firm from generally gaining that position in a large ISP.

So while it's huge Google was told what to do, it's not surprising as this is business as usual. And back to an earlier point... The best place to siphon data in 2019? Your phone. Times have changed, data collection by governments hasn't.


>The best place to siphon data in 2019? Your phone.

But can't you reverse engineer your phone and see what it's doing? And can't you monitor the network data it's sending? With a backdoor in long haul transport gear, academics, researchers, random hackers, watchdog groups, journalists, competitors, etc, don't have the ability to monitor for bad behavior.


AFAIK nobody has reverse-engineered even parts of the radio-firmware, the separate OS which has memory access to your other OS. Linux/Android/Iphones OS, is really just a guest, a side-show to what the radio-firmware can and is doing, ie spying.


This is not true anymore. Some android phones (samsung, google), have DMA disabled and modern iphones (around 2016?) use USB or SDIO without DMA.

I honestly believe that the theoretical DMA backdoor attack (and most other similar attacks) have been mitigated thoroughly. I am much more concerned about secretly held 0days (RCE) and most concerned about warrantless orders against cloud storage.

https://www.apple.com/business/site/docs/iOS_Security_Guide.... p41


> without DMA [...] 0days (RCE) > https://www.apple.com/business/site/docs/iOS_Security_Guide.... p41

Are you citing "To protect the device from vulnerabilities in network processor firmware, network interfaces including Wi-Fi and baseband have limited access to application processor memory. When USB or SDIO is used to interface with the network processor, the network processor can’t initiate Direct Memory Access (DMA) transactions to the application processor. When PCIe is used, each network processor is on its own isolated PCIe bus. An IOMMU on each PCIe bus limits the network processor’s DMA access to pages of memory containing its network packets or control structures."? Correct?

The attention to hardware isolation and separation is appreciated, but I don't hold my breath for iBoot and SEPOS protecting an iPhone from powerful adversaries.


Blocking DMA is separate from 0days. One is a design decision, the other is a still-unavoidable consequence of complicated software.

I think that these mechanisms completely frustrate "bulk" in-field collection efforts; for example, scanning all phones at DUI checkpoints.

No technical control is perfect. If you personally piss off a nation state adversary, they are more likely to yeet you off to a black site and hit you with a wrench until you cough up your passcode.

Surely, someone will break iBoot, and surely, someone will break SEPOS. And surely, someone will chain a kernel exploit with a userspace exploit [0]. And surely, someone will leak the signing keys for a widely deployed cheap android phone [1]. And surely, someone will push 777 permissions to a cloud provider [2]. And most surely, powerful government adversaries will hold brutal exploits close to their chest in the service of power and politics [3].

So I guess, if you want to breath freely: host your infrastructure yourself where feasible. Choose providers who respect your privacy. Make a modest but financially fair donation to the EFF. Become politically active. Use better practices - not best - to avoid fatiguing yourself in the windmill chasing effort of being Perfectly Secure. Most importantly, stay awake and aware and ready to fight.

0 https://github.com/Cryptogenic/Exploit-Writeups/blob/master/...

1 https://www.theregister.co.uk/2017/11/16/dji_private_keys_le...

2 https://www.cnbc.com/2019/05/17/salesforce-says-a-major-issu...

3 https://www.wired.com/story/eternalblue-leaked-nsa-spy-tool-...


By LE capable firmware you mean that the FBI had a backdoor to eavesdrop? Wow.



Lawful Intercept is not a backdoor:

> The surveillance is performed through the use of wiretaps on traditional telecommunications and Internet services in voice, data, and multiservice networks. The LEA delivers a request for a wiretap to the target's service provider, who is responsible for intercepting data communication to and from the individual. The service provider uses the target's IP address or session to determine which of its edge routers handles the target's traffic (data communication). The service provider then intercepts the target's traffic as it passes through the router, and sends a copy of the intercepted traffic to the LEA without the target's knowledge.

Responding to lawful warrants and subpoenas is everyone’s obligation, and has been for hundreds of years under American law, and English law before that. The government is entitled to almost any evidence—it just has to follow the proper process to get it. Lawful intercept just supports that process. That’s also why the FBI having access to US data is fundamentally different than Chinese back doors in US networks. US law enforcement has legal ways to access data flowing in networks to perform their legitimate law enforcement functions. The Chinese have no legitimate reason to access data in US networks.


Lawful intercept isn't itself a backdoor, but it did provide one that was exposed via Snowden. In this case I'll call a spade a spade: many lawful intercept tools were used as backdoors, or overreach of legal authority. Again, keep in mind the context of my original comment: the years 2010-2011 which was pre-Snowden. The FBI may have stepped in with a heavy hand for many reasons but those reasons may have included inclusion of another large ISP in programs like PRISM.


PRISM was literally a system for handling the paperwork for lawful intercepts. There are instances of the USG exceeding its authority, but you've somehow managed to cite one of the few leaked programs that had an almost purely lawful purpose.


While I respect your opinion I don't agree.

First of all PRISM was not purely "a system for handling paperwork for lawful intercepts", see [0].

Second your assertion assumes that somehow all requests within these programs abided by "lawful purpose", which we also know is not true. Whether FISA rubber stamps were lawful is subjective and your opinion but not fact. Your answer purports a black and white perspective on the past which I simply don't find appropriately represents all the shades of grey presented by all of the legal angles during this time.

[0] https://dzone.com/articles/nsa-prism-%E2%80%93-mother-all-bi...


It's not a 'just your opinion, man' sort of thing - more or less nobody seems to have thought PRISM was unlawful. Rand Paul, I think, made some noises about suing at the time and eventually did file some sort of suit that ended up not being about PRISM.


But it is... You're conflating two different things: the legal position accepted by the government and the reality. I don't think PRISM was legal, in my opinion, you can have an opposing view. People write opinions on lawfulness of all kinds of topics prior to making legal arguments regarding. And many do think it is unconstitutional / illegal [0] [1].

[0] https://www.theregister.co.uk/2016/04/20/public_advocate_fbi...

[1] https://www.aclu.org/blog/national-security/privacy-and-surv...

Just because it was never settled that way doesn't change the history of it.


It wasn't legal because it completely violates the 4th amendment in the mind of any reasonable person. The government said that was okay, but really it wasn't okay, and we all know that it was unConstitutional under even the most liberal interpretation of the 4th amendment.


No, I'm sorry, what's happened here is that you (and "el Reg") don't know what PRISM is, but only innuendo about it, and so you've mistaken it for other USG programs that do offer instances of the government enabling "unlawful intercept". PRISM is a paperwork handling service for FISA 702 directives, not the backdoor into Google that Glenn Greenwald initially thought it was. But a lie travels halfway around the world while the truth is still grinding its way through the top of your "Read It Later" list.

You could have made the argument you were trying to make colorably and defensibly. All you had to do was not try to sound like you'd been "read in" to NSA's SIGINT programs. But, like I said above: you managed to cite one of the few NSA program examples that is in fact totally banal and, ironically, an almost perfect example of lawful intercept.


So... 702 and PRISM aren't still being litigated? It's fun to watch you twist reality with this type of non-informational response. I get with the above you'd like people to assume that, instead, you've been "read in" on the subject matter. <golf clap> But not all of what you've outlined here is the _whole truth_.


These are words, I acknowledge that they are, but they're assembled in an order that make it hard for me to understand what they mean.

As I said above: it's not hard to come up with cases where NSA is doing things that appear to contravene US law, but you managed to cite the one instance where all they're managing is paperwork.


Meh, if there is a backdoor it will be used, a warranty is a nicety and not required when the government steps in, including the US government. They break the law all the time, as was indicated by PRISM and numerous other illegal surveillance processes. All governments do it, it's just that China is turning it into an art form and flagrantly doing it and letting us all know they are building up a database on their own people to decide whether they are good people or not. Blocking Huawei is strictly to protect the USA's military interests, it's not about privacy. Cisco and Qualcomm may build in back doors but they are the USA sanctioned backdoors. That why Big H is getting the boot during 5G rollout


Doesn’t seem like a backdoor AFIACT—just support for handling a request from the government. (Distinction being that the ISP manually tells their equipment to intercept data instead of the government having technical access.)


So, the US having freedom really was just a meme after all.


TLS is still legal. So is routing all your traffic through Tor if you think the metadata is relevant.

I can't imagine much useful material comes from wiretapping these days. Maybe once in a while, but the real value largely exists in the application layer, which is obtained in a different way.


When TLS is everywhere, what's the most reasonable way for law enforcement to surveil suspects?


Bottom-up. The FBI sees that you're having a TLS conversation at X time with a server in Facebook's IP range, so they just go ask Facebook for what you were doing at that time.

Foreign-hosted services seem like they'd be hard to crack, but it's extremely likely their data flows though Cloudflare, Amazon, GCE, or a similar US-based company.


Following the requirements of a judge is not necessarily antithetical to Freedom. Even in societies where freedom is values, conspiracy to murder (say) tends to be frowned upon.


But Cisco hasn't conspired to murder anyone.


No, not at all. It was an extension of lawful wiretaps in to the digital age. CALEA required that manufacturers add the ability for lawful intercept to be done on their equipment by the providers that purchased them.

Law enforcement still had to go to a judge, get a court order, and take it to the ISP. The ISP could then configure the devices to siphon off traffic from a single customer to a collection device.

The same functionality and process has existed in phone networks basically since they became electronically switched.


While your statement on CALEA is true it also isn't the correct history. What CALEA put in place was designed for lawful intercept but we also know there were programs in use going against said law [0].

Remember the context of my conversation was 2010-2011 which was pre-Snowden. It's likely state, local and national agencies have less of an interest, today, at route/switch infrastructure simply because of the post-Snowden crypto push.

[0] https://www.vice.com/en_us/article/mvp8ga/the-fbi-wants-to-w...


PRISM was a confusing program because neither the people reporting on it, or the tech companies impacted understood how it worked. The claim was the NSA had direct access in to providers networks, and the companies claimed they did not - the "logical" conclusion was an abuse of CALEA or similar access granted to FBI.

It was later discovered the NSA capability was the direct result of tapping fiber optic cables between international data centers, nothing to do with lawful intercept capabilities.


We never got the full picture on PRISM. We do know that at least a part of the program was a direct result of tapping fiber much of the program also went redacted. I've posted this before but during 2010 the main data center I had access to was closed one evening and the next morning we had a mobile server rack tied back to main routing gear via fiber which was in a mobile rack, blacked out and fully tamper taped. We knew a three letter agency was installing it and all floor access was revoked for that evening as well as being in the building. This was not off long haul fiber but was off of main routing infrastructure. I don't believe PRISM was purely fiber taps and that these programs had deeper hooks. Unfortunately I don't have any evidence beyond the assumption based on the facts I had been given and what I physically saw. I've used and installed a lot of long haul gear and have seen and installed many fiber taps in my day, this implementation was hardly passive in nature. But, that's just first hand knowledge of a random patron of the Internet.


I can assure you that every telecom equipment has lawful interception capabilities. Some countries even mandate a standard log format for metadata (Turkey does that). It's just one of the features that the operators ask for when getting their equipment, because they have to comply with local law enforcement.


Pretty much every developed country has some framework for collecting electronic data pursuant to legal process: https://tmt.bakermckenzie.com/-/media/minisites/tmt/files/20.... Country after country has decided that the government should have access to that information to perform legitimate government law enforcement functions. (The process can be abused, sure, but the functionality must be present to permit entirely proper and lawful requests for data.) And that is deeply rooted in precedent and practice. If you were a maritime shipper in the 1700s, you’d have to respond to law enforcement requests for information about the goods you transported on behalf of suspects. What’s not proper is when a foreign country that performs no law enforcement function in a jurisdiction tries to “siphon data.” Trying to draw an equivalence between the two is entirely fallacious.


> If you were a maritime shipper in the 1700s, you’d have to respond to law enforcement requests for information about the goods you transported on behalf of suspects

Tell me if I am mistaken, but in these specific case it looks more to me like forbidding customers and companies from using foreign made secure vaults because the government can't force them to secretly provide a master key.

Then sure, the argument is also valid that these vault makers could be providing a master key to their respective governments, but that would be a different argument and different enforcement.


This is fine as long as they get a warrant. As long as that's not the case then such searches should be considered unconstitutional.


What most people forget is that in a war the other party shoots back. It may take some time but it will happen and sometimes when you do not expect it. I think that Trump's move with banning Huawei is bad for the US in the mid and long run.


>What most people forget is that in a war the other party shoots back

Yes, and these actions are the US finally shooting back after enduring years of industrial espionage, forced technology transfers, and market access restrictions.


Would any down voters care to expand?

The assertion that there's going to be consequences seems... inevitable? To me at least.


sometimes whoever shots first wins


I’m not betting on US, pun intended.


Anything to substantiate that? Or do you mean "not betting" in the sense that you have no insight into either side being an obvious winner?


The competency of the current U.S. administration is my substantiation.


This might provide some context as to why: https://www.youtube.com/watch?v=4JrF2X4Db84

After 9-11, the FBI's mandate was expanded from investigating terrorist attacks to include preventing them from occurring.


In a way, this helps Apple (and other Android vendors) and in a way, it hurts it. Huawei phones recently have shipped market leading cameras that blow pretty much all other Android and iPhone cameras out of the water. They took a commanding lead as a premium device manufacturer. Hurting their non-China markets gives breathing space to others.

However, if I were Apple, I'd be really worried about retaliation. Apple is wholly dependent on manufacturing in China and its supply chain, and even small disruptions could cause huge mounts of pain.


The last thing China wants during a trade war is to have the 3 million people in Apple's supply chain unemployed and angry.

This particular leverage is also why iMessage isn't blocked in China.


iMessage isn't blocked in China because it doesn't need to be. China passed a law forcing Apple to put all Chinese users' iCloud data in a Chinese datacenter. Since Apple allows for account recovery, they store account keys in that datacenter. Anyone with privileged access to certain production resources in iCloud China should be able to access basically all Chinese users' data.

The one exception is apparently Apple's keychain as per https://blog.cryptographyengineering.com/2018/01/16/icloud-i.... But, if the hardware used to enforce the security is different in China, even that could be cracked.


IIUC if you disable iCloud backup of iMessages, you're safe here. This is because iMessage is E2EE enforced by the Secure Enclave when iCloud backup of iMessages is disabled.


More likely because Apple gave China the master encryption keys: https://techcrunch.com/2018/02/25/apple-moves-icloud-encrypt...


iMessage is end-to-end encrypted.


If you really believe that China doesn't have a deal with Apple that nerfs this in China, I have a bridge to sell you.

China, a country which mandates spyware be installed on phones. Which uses deep packet inspection to block access to foreign websites, that bans VPNs in app stores. China, a country which forces the population of Xinjiang to install Jingwang (https://en.wikipedia.org/wiki/Jingwang_Weishi), a spyware app so they can grab your on-device files. Which has deployed facial recognition cameras in many cities. Which blocked access to Wikipedi because it switched to HTTPS.

That China, you think, is going to allow all of that to be circumvented just by buying an iPhone? Right. Chinese Government: "You're not allowed to use VPNs. But if you're in Xinjiang, and you need privacy, we recommend buying an iPhone, since it doesn't work with Jingwang, nor deep packet inspection. Just tell the police you have an iPhone, and we'll wave the usual regulations we impose on Android devices."

Last time I was in Xinjiang, people there had iPhones. No one believes iMessage would be snoop proof.


It doesn't matter what you believe because Apple said that was the case in court filings during the FBI legal fight. Tim Cook reaffirmed that in an interview with Vice last fall.


What Apple says about what they do in the US, and what they do in China, are two different things. And what Tim Cook reaffirmed is irrelevant, what matters is how the iMessage protocol works.

As far as I can tell, the way iMessage works according to Apple's documentation, is that endpoints generate 1280-bit RSA encryption keys, hold the private keys on the device, but publish the public keys to a centralized IDS Directory Server. Note that their published security documents curiously don't say anything about man-in-the-middle mitigation, and indeed, MITM attacks against iMessage on IOS9 were publicly documented.

Now, what do you know about where the IDS servers are located in China, and who controls them? Because if Apple doesn't control them, and control them in a way that makes them impossible to spoof, then it is easy for the Chinese government to attack iMessage.

Thus, Tim Cook could say "We haven't put any backdoors into iMessage for the Chinese government and it is end to end encrypted" and it would be a true statement, but also Apple engineers could know full well the IDS in China could be subject to a MITM.

A plausible way this could happen, after Apple moved the iCloud keys to China, is that the Chinese government could request to intercept communications from a particular user, and the public keys of every recipient that user communicates with could be replaced with a MITM key so they can rely the messages and see the unencrypted content.

We don't know, but what we do know is that iMessage has been attacked with MITM before, and we know the PRC isn't going to let unbreakable encryption be sold to Uighurs in Xinjiang. It defies logic.


So they said and you believed.


iMessage is encrypted in transit and at rest. However, that doesn't matter if your attacker (the Chinese government) has the encryption keys


The article refers to icloud encryption keys, not imessage keys.

If imessages are backed up to icloud, then the govt will have keys to see them. But if a user doesn't back up, I was under the impression not even apple could decrypt iMessages.


Correct, for data that isn't backed up, you would need to have root access to the user's device.


i do believe rubber-hose decryption works wonders in china.


Not even root access would suffice. You'd need the user passcode.


iMessage (public) keys are "backed up" to IDS directory services. This is how Apple devices do key-exchange with one another. If there is no man-in-the-middle mitigation for IDS, then all the Chinese government needs to do is return spoofed keys for anyone you're communicating with. Remember, when you send messages to other people, you encrypt with THEIR key, not yours (on device). Your key is used for signatures and decrypting messages sent to you by them. THEIR Key comes from the cloud, and thus subject to attack if key exchange wasn't secure.


Doesn't matter if you backup messages to icloud.


That's no different anywhere else in the world.


How do you think iMessages are "restored" when you lose your iPhone and get a new one?


> The last thing China wants during a trade war is to have the 3 million people in Apple's supply chain unemployed and angry.

As an autocracy, China could easily compensate workers for any loss of work. But another obvious answer is that if Apple were banned in China, Huawei and Xiaomi would pick up the slack.

If China really wanted to, they could shut down all iPhone production for the immediate future.


If China shut down apple then you would see company/capital flight from China like you've never before seen in history. The communist party is powerful but I doubt if they could handle a 20% spike in unemployment of some of the best jobs in the country.


Apple isn't the only company in China, plus they could buy-back or eminent domain closed factories and assign them to SOEs.

https://www.wikiwand.com/en/Foxconn#/Major_customers


Once the population boycott a brand or a country the Chinese propaganda and people really do boycott them. Read the news about South Korea and Japan trade wars. The Chinese even tried to burn down a Toyota factory.


Apple's been losing marketshare (and unit sales) while Chinese domestic companies' market share has been growing, so that balances things out. The world's #1 smartphone maker Samsung moved much (50%>) of their smartphone assembly operation out of China and hardly anyone noticed it.


They could still hazard it.


The only thing the Chinese government has to do is explain that American imperialist white piggus are trying to destroy the Chinese people and they wouldn't even be lying for once.

Nationalism is a play card in every country.


> However, if I were Apple, I'd be really worried about retaliation.

I think this view is too narrow. For the Chinese government, there is something more important than revenge. Why kick that cash machine out of your country if it still paying your people paid and make then happy?

I guess the retaliation will come in a different form, even something out of the trade section maybe, depends on what's on Xi's table.


How much more expensive would an iPhone be that’s assembled in the US?


Cost is not the reason all consumer electronics are made in China. Actually, manufacturing there is now more expensive than Estern Europe.

They build them there because all the supply chain is already there. In Shenzhen, the capacitors, resistors, PCBs and most chips are sourced in bulk from around the block. That's something no other country in the West or even East has and it's such a complex interconnected ecosystem that you can't replicate it anywhere else right now.

Most of the CNC, tooling and moulding craftsmen are there as well, the west has far too few left to be able to take over such volumes. Training so many can take years and that's assuming you even find enough people willing to be trained.


I've been watching a lot of videos on Shenzhen and it's just mental. There's basically same day delivery by bicycle or truck of anything your supply line might be running low on.

It's like their transport latency is so low and reliable that they don't need as much buffering. It's amazing to see what small and large quantity production lines can look like.


> It's like their transport latency is so low

Reading this, I begin to scratch head hearing people complaining about factories being squeezed out towards boundaries of Shenzhen municipality.

I remember people thinking of that as some end of the world event.


Can you please share those links here


Strange Parts YouTube channel offers some insights into Chinese electronics industry: https://www.youtube.com/channel/UCO8DQrSp5yEP937qNqTooOw


The bigger issue is that the nature of smart phone releases is that each time you want to bring out a new model, you need to employ a few tens of thousands of people for a relatively short time to assemble them. This isn't possible in most countries due to labour laws and/or shortage of workers.


tesla is starting to automate car manufacturing and seems to be making progress. can you comment on the feasibility on automating smartphone manufacturing? do elements of smartphone manufacturing render automation intractable, or harder than car manufacturing?


As I understand it, the majority of individual smartphone components would be manufactured using automation, and the primary step that takes place in Shenzhen is someone physically putting all the pieces together. I couldn't make an informed comment on the feasibility or cost effectiveness of trying to automate this process as well (I'd guess it's fairly low due to the relative uniqueness of each phone model) but maybe someone else can.

And Tesla is well behind the major car manufacturers in using automation.


the car/tesla analogy was a mistake as it's secondary and evidently not true, but too late to edit the comment. thanks for sharing about smartphone manufacturing. it seems like foxconn is already moving toward this, though naturally slower than projected: https://qz.com/1312079/iphone-maker-foxconn-is-churning-out-...

can you recommend any sources for learning more about the state of automated CE/smartphone manufacturing, or this based on personal experience?


“Yes, excessive automation at Tesla was a mistake,” Musk said via Twitter a few months ago. “To be precise, my mistake. Humans are underrated.”


Wow. Look at Tesla go!

Why hasn't any other auto manufacturer thought of this?!


The other auto makers are too busy rolling around in their billions in profit.

Tesla doesn't have this problem you see.


Haha. Yes. That they really don't. Good point


This is ridiculous. You are making it sound like those suppliers are immovable and somehow only available in China. But let's face it, Apple is in China because of almost unlimited cheap, unskilled rural labor force that can't be found elsewhere. Samsung was also in same spot years ago, but found a much better deal in Vietnam years back and in fact moved much of their smartphone operation there (along with some 200+ subcontractors and suppliers). Unlike Samsung's AMOLED displays, Corning's Gorilla glasses, or SONY's cameras, there is nothing in China that can't be produced elsewhere.

Vietnam also has hundreds of thousands of CNC, toolings and craftmen to produce in Samsung's volume. This supply chain narrative is something Apple marketing folks invented to justify their outsourcing. Trump's trade war with China, as many contract manufacturer move out of China, will prove none of that supply chain myth is true within a year or two.


Everything you've mentioned is basically synonymous with "cost."

An iPhone built in the US from domestic components would probably cost more than most peoples' cars.


While you're right that the logistical issues can all be reduced to cost, it removes a lot of nuance to act as if logistical superiority is the same as the vernacular low-cost.



In what world is Huawei a leading premium device manufacturer? Do you have a source?


Do you consider Samsung a premium Android manufacturer? I assume you're not defining "premium" == "Apple". If you admit that there are premium Android phones, and that Samsung is one of the manufacturers, well, Huawei is on track to surpass Samsung in units sold, AND it has the best reviewed camera. It blows away the iPhone X series, especially at low light, but also produces incredible night/low light protography beating even the Google Pixel Night Sight mode.

in China, they are now the most expensive phones, people are willing to pay more $$$ to get the top of the line Huawei than an iPhone which used to be the previous "look am me, I'm rich and trendy" device to own there. It's one reason why iPhone sales in China have declined.

There's no world in which you can't claim they are not a world leading phone manufacturer and that their devices aren't premium. Sure, the heavy modded Android sucks and is probably spyware and you can't get vanilla android on it, but hardware wise, it is premium. The P30 Pro runs for almost $1000.

People who live in the US kind of live in a reality distortion field around Apple, and are somewhat blind to what is happening in Europe and Asia. And this complacence is a pretty bad way to evaluate your competitors.

https://www.notebookcheck.net/Huawei-threatening-Samsung-for...

https://www.theverge.com/2019/2/12/18221598/huawei-apple-chi...

https://www.theverge.com/2019/4/10/18285123/huawei-p30-pro-r...


Would Xiaomi be a leading premium manufacture if they had a devices running for $1000, when their Smartphone ASP is below $200?

>People who live in the US kind of live in a reality distortion field around Apple, and are somewhat blind to what is happening in Europe and Asia. And this complacence is a pretty bad way to evaluate your competitors.

It isn't RDF, it is "leading premium manufacture" does mean what you think it means. It would be more accurate if it was "leading premium Android manufacturers".


I agree they are a world leading manufacturer (#2 behind Samsung), and I agree that some of their devices are premium. I'm just saying they are not a leading premium manufacturer. Those are 2 different things. Apple and Samsung are by far ahead in volume sold for premium devices globally.



This doesn't show they are a leading premium smartphone manufacturer. This says they are a 2nd largest smartphone manufacturer.

Leading premium manufacturer means largest volume of premium smartphones sold. Huawei doesn't sell a lot of P30 (although I agree it's a premium device).


This. And I am surprised at the amount of downvote and I quote "an assertion that is a fairly well-known fact."


Where’s your citation on P30 sales figures? If apple doesn’t sell as many iPhone X’s as P30s in China does that make Apple not a premium manufacturer if most of their sales are lower end?

https://www.huaweicentral.com/huawei-p30-series-single-day-s...

https://www.cnbc.com/2019/05/01/huawei-ahead-of-apple-in-q1-...

In 2018, they shipped 16 million P20s in 9 months. And they shipped 100,000 in a single day which could translate to 3 million units a month or 27 million in 9 months, but even if they ship 20 million in 9 months which is 25% more than the P20 you can’t wave you hands and act like no one is buying these phones.


Because Apple report their Smartphone ASP, ( at least in iPhone X era ) And you will need to look up even the worst of iPhone X estimate shipment figures.

No one, me or the previous one who replied said anything about P20 not selling. Nor the P30. It is simply not leading premium Smartphone, where Smartphone here is inclusive of iOS. Not by commonly used matrix, where the word leading would directly referred to market ASP and not leading as in technically. And I said this again, it would be correct if the sentence was leading premium Android Smartphone. Or Leading Smartphone ( Excluding Android ) or Leading Android would also be correct.

And I am out.


In a world outside the US, where the Huawei P30 Pro has the best camera combo, one of the fastest processors and a premium. build (and price).


He is right.


Source? And how do you define premium? The sentence implies leading as in market shares, and not technological.


Huawei p30 leads Apple on camera quality by far. It has premium build quality and battery life.

In market share they lead Apple in China, and they ship more units.

Trying to act like they’re a low end bit player is ludicrous. They’re the Samsung of China now, and on track to overtake Samsung globally.


In this one.


Asking for a source for an assertion that is a fairly well-known fact is simply lazy.


Fact?

Huawei is #2 or #1 by unit shipment. That doesn't immediately make them a "leading" Premium Smartphone maker. I could sell 200M of $200 Phones and 10M of $700 Phones. Would that make them leading? Would that make them premium?


To all those stating that Huawei should just make their own OS, it's nowhere near that simple. Forking Android is the easy part, building an app ecosystem that thousands of developers across the globe actively partake in is incredibly difficult. Microsoft couldn't even pull it off with Windows Phone.

I predict their own Android fork and China-focused app store will do fine in China, but struggle big time in other markets.


The difference between Huawei's situation and Microsoft's situation is that Microsoft's app store is not compatible with Android or IOS (obviously, different OS)

While if Huawei uses the Android open source base, the only thing they have to do is entice developers to submit another copy of their app to their store, which is a much lower barrier than the one MS faced to develop a whole new ecosystem


Not if that app depends on Google Play Services, which most developers targeting "Android" take for granted.


Perhaps Huawei will assist in the development of microg (https://microg.org/) - a free (as in freedom) drop-in replacement for Google Play Services.


There's going to need to be a mechanism for in-app purchases and a substitute for SafetyNet as well.


Huawei will never do that, the very concept of free or open-source is absolutely alien to them. But they could develop some kind of their own Play Services, compatible with Google.


Huawei contributes to open source projects right now. I know they have been contributing to OpenStack for years and likely other open-source projects. https://www.stackalytics.com/?company=huawei&metric=commits&...


> Huawei will never do that, the very concept of free or open-source is absolutely alien to them.

The Shenzhen ecosystem has taken the idea of 'Open' and 'Open Source' further than perhaps anywhere else in the world. Huawei the company is built on that kind of information sharing. I highly doubt it's alien to Huawei.

[1] https://www.szoil.org/

[2] https://convidera.com/article/shenzhen-chinas-ecosystem-for-...


"the very concept of free or open-source is absolutely alien to them"

white people have a way of saying incredibly insulting, demeaning things about non-whites in a way that it is acceptable in common discourse.

statement such as these need to be called out for what they are - biased opinions based on an irrational fear of "the chinese"


I would not agree with the statement you've quoted either, but can you see that you've posted a comment shot through with the same attitudes that you believe tainted his comment?

You've assigned a race to another poster based on your own preconceptions of the attitudes and behaviors of members of that race (kicking off your reply to snaky with "white people have a way of [...]") and lumped all members of a race together (accusing all white people of making derogatory statements regarding other races).


Odd that you think this is about 'white people' v 'non-white people' rather than about a company's culture. I see to recall very robust discussions about Microsoft et al's position on open source without race getting dragged into it.


> white people have a way of saying incredibly insulting, demeaning things about non-whites in a way that it is acceptable in common discourse

How do you even know he or she is white? Why racialize a comment in this manner?


I guess they could provide their own implementations of the Google Play Services API's?


It's already done: https://microg.org


The barrier would be that many Android apps also leverage Google's in-built services, which would be unavailable on the upcoming generation of Huawei phones. The question then becomes to what degree could someone replicate those services, and how quickly.


One thing to note is that the whole Chinese Android ecosystem currently works without those Google services or Play Store. It's still challenging to push system without Google globally, but at least they have experience with that locally in China.


How do they replicate the functionality that Google Services provide? And could they bring that functionality to the rest of the world?


It's just very different.

For example, there are a ton of SDKs that provide push notifications, such as Baidu, Tencent, etc...

There are also "super apps", such as WeChat, that offer their own API surface and can be preferable to some app devs.

Then there are some things, such as "advertising id", which none of these SDKs provide (at the moment?).

So yeah, the answer is somewhere between "it's complicated" and "no one".


They use massive mega apps e.g. WeChat


There is already microG: https://microg.org


While true, this is also the case for Amazon's app store, and their app selection is a fraction of the Play store to this day.


Well, if Huawei would say a) here is our store b) your app will be marketed to Chinese population (as long as your backend servers run on Chinese infra)

then, I think they have a chance to attract app developers. Otherwise, I doubt it.


For Chinese market, Huawei don't have anything to worry about. It is likely gain more "Chinese" market share from this.

For the rest of the world, it would be completely different story. It is hard to imagine Huawei won't loss huge market share from the EU and rest of the world without Google's Play Store.


Windows Phone was in a way worse situation. They had to solve an M to N problem, getting apps to attract users while also getting users to attract developers. They tried to leverage their PC install base, but that apparently failed.

The Chinese market on the other hand will always have users, is huge and I presume most developers won't be willing to give up on it. If they do, someone else will serve their customers and might become a future competitor globally.

China-focused apps will only have to re-implement google services. That sound a lot easier to me than supporting an entirely different OS. If those versions can run on google phones as well, devs have the option to drop the play store version down the line to save cost.

I wouldn't bet a lot on it, but this might be the best chance we ever had to get a real play store competitor.


Win mobile was a dominant mobile platform until Microsoft didn't nuke itself with non backward compatible, rewritten from scratch WinMo 7

Palm was a dominant mobile platform until Palm nuked itself with 5 years of clownade with Palm OS 6

Symbian was the biggest, most dominant mobile OS globally until Nokia didn't decide to simply trow it away.

JM2E was the most largely adapted app platform, even into early Android years, until Oracle/Sun simply stopped licensing it...

Now think just how thin is the ice Google is on now with it flirting with idea of "rebooting" Android with Fucsia


For each example, weren't there viable alternatives lurking around to take advantage of the situation?

I'm not familiar with Palm OS, but Symbian and JM2E both has the iPhone and Android OSs as growing threats. Google hasn't officially stated that it is rebooting Android, and even if they did (and did it right), there isn't a major alternative lurking around the corner...


There are a lot of alternative OS and playstore on different part of the world. Huawei has the resources and experience (including other Chinese companies experience since that's how they operate) to offer an alternative to the whole world.

They have experience on chat and payment software and infrastructure system used by millions of people in their country.


Domestically within China, Huawei and other phones already use non-google-app-stores.

https://technode.com/2018/08/13/android-china-q2-2018/


Well, not only in China, but pretty much every other country where demand for Gaps is not an issue, and it was from day one for them as an Android vendor.

It was the one and only Chinese brand with whom Google made a Nexus phone in the past — at least in part to lessen their enthusiasm in throwing out Google market in Western countries


Well Play Store is not accessible in China, so they kinda have to.


Will Huawei still have access to TSMC, Samsung fabs etc? I think Hardware should be more of an issue for them than software. Chinese phones already use some alternative to play store iirc.


It appears they're only losing access to American hardware and software. So that would mean Android, Gorilla Glass screens, Qualcomm processors, etc.


This could actually be a boon for China. Now they have to start developing their phones completely in-house. On the longer term that could be the end for American tech.

If one thing the last 50 years has taught us is that whatever the US can do an Asian competitor can do as well.


>If one thing the last 50 years has taught us is that whatever the US can do an Asian competitor can do as well.

Generalized, I think it's safe to assume any developed country willing to invest in manufacturing is capable of doing what any other country can do [in manufacturing] as well.


That’s entirety the point of their Made In China 2025 initiative


Minor correction: It doesn't mean "Android", it means Google services.


Well they already have their own processors so I imagine that won't be a huge loss.


What about the ARM license? Sure they design their own processors but that doesn't help if ARM doesn't let them use the instruction set.


Arm Holdings is a British company and United Kingdom' relations with Huawei is complicated matter.


Arm was bought by Softbank, which is Japanese, so still doesn't improve potential relations.


> I predict their own Android fork and China-focused app store will do fine in China, but struggle big time in other markets.

Why would they need it to be popular anywhere other than China?


Because they have spent years trying to increase market share in Europe and South America, and are only now seeing the fruits of that labor. In the Chinese market they have to compete on price against Xiaomi, Oppo and many, many others, whereas in overseas markets their offerings (minus the P30 flagship) have a big price advantage over Samsung and Apple.


the could make the phone an actual computer. that can download and run apps from where-ever. many of us are starving for that.


There are plenty of open source third party stories such as FDroid and Aptoide and Amazon's own store. On Android, you can even load APKs directly.


Agree in principle, though can't we get that by just allowing unauthorized sources?

I guess you don't get the relative security of app stores, and there's no widespread culture of free apps on phones like on PCs.

I'd really love, not a new phone or OS, but just an app store that works under a different model. Cheap or free for developers to post, but curated to exclude the most predatory forms of monetization.


I thought about this more this week.

How do we solve the trusted app problem on PCs?

We don't install whatever random thing comes up in google. We look for a trusted recommendation.

App stores are just teaching us that it's ok to install any app, which is not necessarily the best security model.


what if all Chinese companies create an appstore? Might have to do it. These things, and I'm not passing judgment on them, are simply pushing the Chinese to be self-sufficient on everything. Stroke of the Trump pen and X chip for your hardware is denied.


Huawei already saw this coming; at least that's what the company signaled last march when they announced they have a 'backup OS': https://www.engadget.com/amp/2019/03/14/huawei-confirms-os/



HN really should auto-convert AMP links because many HN users still post those.


From comment by StudentStuff, hidden below:

> SCMP is owned by Alibaba, they're far from impartial: https://en.wikipedia.org/wiki/South_China_Morning_Post .


And Engadget is owned by Verizon and they are closer to the smartphone industry. (Hardly impartial too)

https://www.wikiwand.com/en/Engadget


They're the source for the Engadget article, so still a better choice in any case. The change in ownership also hasn't affected the quality of their reporting, as far as I can tell.


I was just reiterating the comment, it was hidden. Also kinda silly for you to say so definitively that being owned by what is effectively a state venture of the PRC doesn't have an effect on their reporting. I wouldn't say that about basically any news outlet, because they all at least have a headquarters somewhere.

And given the PRC's enormous, well-documented investments into perverting the truth and framing the narrative worldwide, more developed than most; even an arm's length relationship is too close for me to put that sort of trust into a a venture like this.


OT: What's wrong with AMP?


I'm not sure why this is being voted down. I'll take a well-known Hong Kong newspaper (in this case the South China Morning Post) over a tech blog re-writing other people's journalism any day.


SCMP is owned by Alibaba, they're far from impartial: https://en.wikipedia.org/wiki/South_China_Morning_Post


Engadget is owned by Verizon, they're far from impartial: https://en.wikipedia.org/wiki/Engadget


Sure, they were. This is the closest thing to Baghdad Bob's bluster, I have heard in my life.

Here is a helpful read, http://zeihan.com/my-way-or-the-huawei/


It would be nice to see Sailfish on there; it might finally help it gain some traction.


If it is an optimized version of Linux, then they should just release it. It will probably be better than Android.


Huawei still uses outdated, insecure versions of OpenSSL through their basestation code, and has successfully avoided using version control despite promising to address both issues back in 2012. This seems like an optimal environment to engineer an optimized version of Linux!

https://www.fiercewireless.com/wireless/uk-says-huawei-equip...


As an Australian with a Hauwei phone, the writing is on the wall for me.

Google Android in no longer a universal platform and moving forward, I doubt I'll ever buy anything again Google or US related again in terms of tech.

This si no longer a China vs US issue, it's the US vs the world.


It's a China vs. the world issue. China has been spying on everyone, for years. Political, military, commercial, makes no difference.


For the EU it's really just the question if you want to be spied on by the US or by China. In recent years, trade with China has probably helped the economy much more than trade with the US. At the same time, China (while certainly acting out of self interest), is somewhat predictable in their actions.

Europeans are really critical of China and their policies (esp. their human rights record). But they don't like the US that much more (apart from the Brits) and with a struggling economy you really don't want to make them choose between money and ideology.


As a european, I'll take US over China any day.

Anti-US circlejerk is mostly confined in Western europe (sans Brits). Eastern europe has totally different sentiment.


>China, is somewhat predictable in their actions

Yeah, wow, it must be completely impossible for someone without decades of US residency or decades of intense interest in the US to understand the US government!

I like to flatter myself that after 58 years of living in the US, I have recently started to be able to predict most of the major decisions of the US government. (Youtube videos of speeches and interviews by Peter Zeihan and George Friedman helped me in my understanding. Most of the senior editors and reporters at, e.g., the New York Times and the Washington Post, although passionately interested in the US government, have only a shallow understanding of it IMO.)


Correct me if I’m wrong but if you get an Apple phone you’ll be spied on by no one. Relatively speaking, of course.


Seems like we have forgotten all about Snowden.


You can easily find examples where you can replace China with the US. And now with the current American leadership I can't say personally that I trust the US more than China at this point.


Would you prefer daily life like in US or China?


I haven't been to US, but all my friends that visited it were quite disappointed with quality of life there (coming from Poland). But I've recently spent a few weeks in China and I'm really impressed with how advanced it is in terms of infrastructure and technology, I don't think US or even EU is anywhere near where China is right now. So it's not as simple a comparison as it first appears.


It's not only about QoL. Personal freedom, government accountability and democracy is as important. If not even more important. Coming from ex-Soviet state you should be aware of that (saying this as your neighbour from Lithuania).

Even if democracy in West (or at home) is far from perfect, it's lightyears ahead of China.


My guess is that during your visit you never left the Tier 1 cities of Shenzhen, Shanghai, Guangzhou and Beijing.


Your guess is wrong, other than big cities (Shanghai, Beijing, Chengdu and Xi'an) I've also visited smaller cities (under 100K) and villages in central China.


I wouldn't want to live in either country, but for entirely different reasons for each.


lol you watched too many hollywood movies growing up that you can't imagine daily life an another country being as good or better than living in America you silly goose


They weren't talking about simply any other country, but China specifically. In terms of government interference and freedom of thought, at this point I think the US is still pretty clearly the better place. From the point of view of the EU, though, it is edging closer to China.


I'll take cleaner air and no social score thankyouverymuch.


Why would you live on those countries? US taxation law implementation is like the Chinese suppression of your other freedom.


So has the US.


> It's a China vs. the world issue. China has been spying on everyone, for years. Political, military, commercial, makes no difference.

So has the US though, even on it's allies as Snowden showed us.


Yep, and China has been playing the same game with its neighboring countries for a while. Remember how China responded when South Korea brought THAAD for missile defense?


Out of interest, what phone can you get that is not US or google related?


Samsung. Google services is just there because I think its required on their contract. All other services offered by Google is duplicated with their own version and variation.


A simple flip/slide phone.


That's kinda hilarious coming from an australian. a country in which some companies have said they will no longer trust their employees due to the new law enforcement bills passed.

In addition australia has the same stance as nearly every western country when it comes to Huawei, namely "only we get to spy on our people, so get out"

I'm sure that the EU/australia/the west is breathing a sigh of relief that Trump did this instead of forcing them to make up some more draconian law about foreign device mfg that would have unintended consequences.


Sad to see as they make some compelling phones with outrageously great prices[0]. I used to think about the privacy problems with buying a chinese phone but this day and age where facebook is selling your data to the highest bidder and the fusion centers crawling all over our cellphone - who cares? I'd rather have the chinese have my data than the US companies/gov't(only because I will never visit their country), though they wouldn't be exclusive in this case.

[0]:https://www.banggood.com/Xiaomi-Mi-Play-Global-Version-5_84-...


The outrageously great prices comment got me thinking about all the IP theft allegations [0]. I wonder if the relatively lower prices are a reflection of the reduced R&D overhead compared to other companies that would otherwise need to recover that initial investment.

[0]:https://www.androidauthority.com/huawei-theft-bonus-program-...


So you think Apple is still recouping R&D costs, or just padding their margins for shareholders?


Xiaomi and Huawei are not the same company


Sorry - mislinked. Still wouldn't be surprised if Xiaomi get's the banhammer from the US gov't though.


Xiaomi doesn't sell networking equipment, which is why Huawei is targeted.


It seems so, though my personal experience with their phones has been hit and miss. The specs look great on the box, but the phones themselves seem to have poor QC and support when things go wrong.

That said, others have only had good experiences. YMMV.


I may have missed this, but have there been any specific accusations against Huawei? It is clear Chinese actors hack and steal IP, but have those been connected to Huawei, or are they just the easiest victim for the US to retaliate against?


There were reports out of the UK about bad software hygiene, with some implications of bug-doors.


We are talking about Huawei and not Cisco right? They seem to have a constant stream of the problems and nobody seems to give a shit.


Nothing new this time around that I know of, though Huawei has admitted to specific allegations many times in the past (e.g. wholesale stealing of Cisco's software in 2003, got caught physically stealing Motorola wireless tech several years ago, etc). Huawei were banned from sensitive infrastructure in Five Eyes for security reasons circa 2013/2014, along with Lenovo (against which there were specific allegations IIRC).

This is just an expansion of official government policy put in place during the Obama administration to the rest of the private sector.

tl;dr: this isn't new territory for Huawei.


Huawei is effectively one arm of the Chinese government, and the Chinese state hackers are another arm of that same government.


Is Cisco that much less aligned with US government interest? I have the feeling it's just down to which government you want to trust.


Not true.


FYI: Trump says U.S. "wants to be the leader' in 5G development: https://www.youtube.com/watch?v=o_Gakw0dPvE


I'm not sure this is really about Huawei at all, so in a sense it doesn't really matter if they have (up to now) done anything wrong. It's really about the extent we feel comfortable trusting the Chinese government.

Now obviously, every country has its own agenda, but there are (arguably) stronger reasons to be concerned about China than most others. They are undemocratic and suppress significant parts of their population (the Uighurs, Tibetans, Christians, ..), don't believe in free speech or freedom of religion, but also have a large economy and military presence. Now of course, other countries are not saints, but the differences with China (and in particular its disregard for human rights) make future disagreement much more likely.


When it comes to security everyone's guilty until proven innocent.


China has apps with plenty of install base. That is probably the bigger threat noone has really noticed yet...


And it is impossible to prove innocent.


None, Australian government has banned Huawei for government work. Me and others have demanded the government to ban them from consumers but no. Huawei is allowed to sell to unsuspecting businesses/consumers in Australia.

Huawei could sue the Australian government over the ban: https://www.afr.com/business/telecommunications/huawei-won-t...


I wonder if this will be the catalyst for foreign companies to stop using US technology. For everything that the US has done to other countries over the years, US tech companies have somewhat maintained their independence. Now that US companies are being compelled to not sell to various Chinese companies, it could be a wake-up call to the rest of the world that US companies are now simply another arm of the US government.


These rules don't make US companies "another arm of the US government". US companies can (and do!) push back against the US government, through the courts, political parties, and ultimately elections.

Chinese companies, on the other hand, have no such recourse against their government.


> These rules don't make US companies "another arm of the US government". US companies can (and do!) push back against the US government, through the courts, political parties, and ultimately elections.

Show me the push back to the following:

- NSA backdooring

- The whole Prisma scandal

- The current trade war with China

And tell me how EU governments benefit from US companies avoiding taxes, and repatriating revenues generated in the European market to the US.

The US is a highly unreliable, politicized provider. The US uses technology to steal data and taxes from other countries. And abuses its position to impose its will.

We can not build our digital infrastructure like this anymore.

I assume EU governments are following this very closely.


As a European founder (small app company) it will definitely add another dimension to how I think about our strategic roadmap. You can be certain that large non-US corporates will be far more aggressive in their approach to this problem.


I can't see any Chinese phone company feeling comfortable with this move. If someone sets up a viable non-US alternative to Android and the Play Store, they could jump ship en masse.


Android phones sold in China use homebrew app stores instead of Google Play already, because of censorship.

This news, if true, will affect the devices made by Huawei and sold worldwide though.


Much more likely is a SaaS to manage distribution to various app stores from one interface.


Hmm, interesting. Does one already exist?


Yes, since each of Chinese android vendors(Huawei/Xiaomi/Oppo/Oneplus...) has their own "Google Play" alternative in China. Their are plenty of tools for uploading apps to each of these markets.


I'm sure one does but I don't know for certain. The difficulty comes in replacing the Google Services functionality. I suspect this responsibility could be pushed upstream into frameworks.


Lineage OS


Lineage isn't good enough on its own. 99% of Lineage OS users also install google play services and the google play store. You need to have a replacement for all of the closed source Google APIs for app developers to use. It's a much bigger undertaking than just recompiling the base OS from source.


You can install F-Droid or microG if you prefer; you don't need to use GApps.

Apart from that the other options you have, are (in random order): /e/, PureOS, KaiOS, SailfishOS, Ubuntu Touch, Plasma Mobile, postmarketOS, among others.


I looked at MicroG and saw this almost immediately: This is alpha-grade software and not yet ready for production use. Do not use if you don't know what you're doing.

That's not going to be good enough for Huawei.

Similarly, all of those alternative OSes aren't going to work if they're not binary, and more importantly API compatible with Android + GMS.


If microG isn't good enough for Huawei, they can make it so. I mean, Huawei is a billion dollar corporation. I hope they do.


> That's not going to be good enough for Huawei.

The question is rather: given that it is FOSS is it good enough for them to extend the functionality on the short-term?

> Similarly, all of those alternative OSes aren't going to work if they're not binary, and more importantly API compatible with Android + GMS.

KaiOS has some compatibility (by design not fully compatible).

SailfishOS has an Android emulator. Other OSes could also use one such as Anbox.

/e/ and LineageOS are binary and API compatible with Android.

GMS is an issue, but given that Google is under a magnifying glass concerning monopoly position related to Android in EU I have some hope that alternatives for GMS (or FOSS implementations) could happen.


Or YALP, Aurora, or AuroraStore.


> Lineage isn't good enough on its own.

It's good for me¹. I want a device that does no phone home to its mothership outside my control. This requires Googles Services not to be installed.

I don't doubt that many nevertheless still use Googles Services.

¹ compared to Googles Android. I'm still desperately waiting for a device with mainline Linux support without blobs.


> without blobs

Will never happen.


Look at the PocketCHIP and OrangePi boards. Allwinner's chips can run Xorg, Wayland, do gigabit ethernet, handle eMMC using mainline Linux all without any proprietary firmware or closed source software.


Huawei phones have locked bootloaders and you can't fet the unlock key from them (there are potentially questionable 3rd party sites selling those, turning this into a market..)

If you do unlock the device and install Lineage OS (which doesn't support more than a few devices), you now basically have a crappy camera app, probably your FreeBuds won't work properly anymore and you really should have bought a different phone.

I love Lineage OS and used it for years (OPO and other phones). It would ruin my P30P though.


Huawei and Honor stopped providing bootloader unlock codes last year [1]. Wouldn't this make it impossible to install Lineage OS or another AOSP-based custom ROM?

[1] https://www.xda-developers.com/huawei-stop-providing-bootloa...


Beats me why more manufacturers don't just take Lineage.


Is the license still controllable by the US Commerce Department though? Because if so I don't think the Chinese would be interested


No more updates for my Huawei phone then presumably. Really feeling more secure now!


Google have no choice but to comply with US law. This is now going to make a load of existing US owned (Huawei manufactured) devices less secure unless an exemption is agreed for things like software security updates.

Not only that, the ban encourages a long term move away from US-based tech as alternatives are needed within China. This new tech will ultimately be available worldwide, but no longer owned or controlled by US companies.

As someone from neither China or US, it seems crazy. It’s one thing to ban Huawei from your own markets for security concerns, but by making such a heavy handed ban on working with them, the US government seem to be making the US less secure short term, but also US companies will be less competitive and less influential in the world long term.


> the ban encourages a long term move away from US-based tech as alternatives are needed within China.

China blocked Google play years ago and repeatedly blocks every attempt Google tries to make to relaunch back into china [0] so they did that a long time ago.

[0]: https://www.cnbc.com/2018/01/17/google-misses-out-on-billion...


It's bigger than China blocking Google's adware/spyware crap.


> Google have no choice but to comply with US law

Like they have no choice with tax laws. Or no choice with cartel laws. Or no choice with data protection laws.

They are agressively trying to circumvent many laws all the times to extend their monopoly and grow their profits. They have multi-billion fines from the EU and several member states pending and no somewhat critical thinking citizen would claim that EU has been particularly tough on their monopoly and tax evasions.


Huawei really needs to give everyone bootloader unlocks so that people can move to LineageOS in the meantime.


They will probably lose support from mobile carriers at that point.


Why would they care now? Their devices are essentially dead in the water in western markets.


Check out the double digit growth they have in the EU.

Google is fighting hard to keep their app store on Huawei devices, because they don't want 10Ms of users to force-adopt alternative app stores.


why would carriers care about bootloader unlocks? it's different from a carrier lock, which prevents a phone from being used on another carrier.


Doesn't an unlocked bootloader almost automatically allow bypassing of the carrier lock?


if allows baseband chip firmware update, then yes


aren't those signed anyways?


even if it is, you can probably do an update with an unlocked one. (so the update is not device specific, not tied to IMEI)


Your phone was manufactured by a front for a foreign intelligence service. It was never secure.


American-manufactured devices are probably equally as infiltrated by American foreign intelligence services. Hence why they don't just use a standard Linux distro with open source firmware.


Even if it was true that American phone companies are infiltrated by American intelligence services, you have to ask yourself which government you trust more. As a New Zealander, I think there are very good reasons to trust the US government a lot more.

Heck, if you look at where Chinese officials try to stash their money and their families, it's clear they trust Western countries a lot more too.


> As a New Zealander, I think there are very good reasons to trust the US government a lot more.

As an EU citizen, idk, China seems more locally focused, the U.S reaches everywhere. Speaking of NZ, the whole Kim Dotcom situation makes it look like a U.S.vassal state, honestly.


Hardly, look at what the Chinese are doing in Africa and the "Silk Road" initiative and how they load down countries with borrowing so they can come in and clean up 10 years later.


Of course I trust China more. China never militarily supported a coup in my country.


There is no proof of this, but there is tons of proof that China state funds Huawei and has the intent of espionage and IP theft.


There is no proof at all. There are a lot accusations, but US government cannot provide any evidences to back them up.


The opposite actually


US government spying has nothing to do with why manufacturers don’t “just use a standard Linux distro with open source firmware”. There are no GNU/Linux (as in, with the GNU userland) distros that work well enough on phones to compete with Android and open source firmware removes some competitive advantage around things like image processing.


Just to play devil's advocate, do you have any citations for that statement?


I'd hardly presume Huawei is a front for a foreign intelligence service, but their software for cellular basestations is extremely vulnerable (hundreds of different vulnerable versions of OpenSSL sprinkled through) and they still can't be bothered to use version control, despite committing to address both issues back in 2012: https://www.latimes.com/business/technology/la-fi-huawei-bri...

Huawei's products are vulnerable by default, anyone can look up the applicable CVEs and run the proof of concept code for said CVE to pop a shell. China doesn't have exclusive access :)


No, I think it is, that would explain a lot of things - like how can they make/sell premium mobile phones for less? If the Chinese govt is paying you (say) $100/user to plant a back door, that would certainly help.

Remember that Huawei settled out of court to the 'allegation' that they copied Cisco's source code.

So, are Facebook a front for the CIA?


No. Although Huawei did do some shady shit, like come up with a bonus scheme based on how much IP/market intelligence their employees could "acquire" from their competitors.


Personally I would prefer it to be a foreign government rather than the one in charge of the country I reside in...


Well, OS updates weren't going through the play store anyway, no? And it appears you'll continue to be able to download app updates via the play store "But users of existing Huawei devices who have access to the Google Play Store will still be able to download app updates provided by Google.".


Some security updates will be installed via the Play Store starting from Android Q.

https://www.theverge.com/2019/5/7/18531350/google-android-q-...


Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: