I suspect that's what they're talking about here. I also suspect a much more clever actual backdoor in their products. People think a backdoor is something that gives direct shell access,but in reality compromising data integrity or compromising something else so that the attacker can access it easily or a one way "back window" where the device or other devices are taken offline is also a "backdoor".
Huawei is distracting from concerns of actual backdoor. They can easily say "would you consider windows auto-updates a backdoor? How about windows remote assistance?" ,they're basically misdirecting to a defensible side door by calling it a backdoor.
It was abused by Microsoft to push unwanted telemetry and advertisements to mostly unsuspecting users of Windows 7.
Not sure why they’d even need that, this stuff is buggy as shit as is.
You mean, you don't know the agenda. The "point" was data, namely:
- the Washington game that leads to unreliable journalism
- the fact that all Huawei's competitors have the same law enforcement backdoors, the same support contracts, and there's no evidence or even accusation that Huawei is doing anything different
- my own personal experience watching Huawei support engineers using their "backdoor" "sidedoor" "frontdoor" access to gain intelligence information.
> implying it's reporting is inaccurate
Unreliable, not really inaccurate. It's clearly bad journalism violating clearly expressed ethical standards. That doesn't mean it's wrong, it doesn't mean the government official's accusations are false. It instead means that we can't rely upon them.
> straw-man argument that all telco manufacturers/operators do similar things for law enforcement so we shouldn't be concerned about Huawei's practices
I'm not sure you read the article. I make it clear that we should be concerned about Huawei even if their hardware, software, and support access are no different than any other vendors, because the Chinese government can lean on them in ways democratic governments cannot lean on their own vendors.
> comes off as blatant astroturfing
One of us does not understand "astroturfing". This is clearly an anti-Huawei piece that nonetheless tries to understand things from Huawei's point of view. I haven't worked with Huawei's engineers, I was working on a mobile companies systems when I saw Hauewei's support people log in via their VPN and gather national intelligence information.
The point is that everything can be true: Huawei can in fact be no different any competitor, doing at least as good a job preventing backdoors, and yet still be a national security threat due to backdoors. I believe it's good policy to forbid Huawei equipment in 5G deployments even if I doubt they have any special technical backdoors.
In comparison with USA this is where you lost me, aren't NSA's national security letters just as much a way for the government, or whoever has weight at the NSA, to access so-called front-doors? Depending how you define democratic the NSA can "lean on vendors in ways democratic governments cannot". And you intimate that access "from China" might equally be being done on behalf of USA's secret agencies.
That's fine if you trust USA, and it's leadership (covert and public).
To me, in the UK, when USA are saying "don't use Huawei" the reason that seems to be most likely is 1) financial, 2) because then we would potentially be subject to Huawei's backdoors instead of USA's backdoors. And as a citizen I'm pretty certain Five-Eyes/GCHQ have every tiny bit of meta-data about my tech use for the last year: so China can know who I call and when too, giving up that as well in exchange for reliable 5G seems like it's not really losing me much.
Seems in the UK we're more at risk from USA's financial meddling than from China's?
Officials can and do cite intelligence without anonymity with some regularity.
These discrepancies are circumstancial evidence against the backdoor story being factual.
(Whose advantage do you mean?)
* The WSJ allegations--that Huawei has allowed unauthorized use of its lawful intercept capabilities by Chinese intelligence--are anonymous and therefore unreliable.
* Rob personally knows (based on his own experience, omitting any details that would enable us to validate the story)that Huawei has allowed unauthorized use of its lawful intercept capabilities.
In a less contrarian framing, this could be rewritten as, "The WSJ article is accurate, and I'm even willing to put my name on the public record as having seen similar things."
It's fashionable these days to criticize anonymous sourcing--and, hey, I agree a reader should be cautious about such things--but this has to be the first time I've seen someone criticize an anonymously sourced article while explicitly validating its claims.
Let me explain.
First, let me get across that I am neither for nor against Huawei, neither for nor against The Wall Street Journal, neither for nor against this article/video nor the claims made in it.
My first problem, if I have a problem, begins with human language...
You see, we can call something a "front door", we can call something a "back door". We can say that "front doors" are used lawfully, by law enforcement (or others), for the purpose of "lawful interception". And we can say that there are "back doors" (generally associated with illegal, unlawful activity -- but this may not be the case in all circumstances), and that there are "maintenance doors", that workers use.
But the problem is, this use of language dumbs down our conversation.
A simpler view of the universe would say that there are methods which can be used to access data, and that actors employing such methods are either authorized or not authorized.
In other words, you have "access method", and "authorized" or "unauthorized".
Authorized is you have permission to use it.
Unauthorized is you don't.
That would be the simplest view of things.
But this is not what's disturbing...
You see, there's a fairly deep legal question in relation to this...
To understand it, let's suppose I was a manufacturer of network equipment. And let's suppose I was coerced by a government (U.S., Chinese, Other Government), by whatever means (legal, sanctions, threat of violence, threat of loss of commerce, ?) to add a backdoor/front-door/access method (call it what you will) to the network equipment, for this government's law enforcement community.
So now that backdoor/front-door/access method (again, call it what you will) -- is there and all.
Now, here's the legal question...
If it's there, by virtue of it being there, by virtue of the government actor knowing how to use it as a means of access, is the government (foreign or domestic) then legally authorized (do they have permission) to use it?
In other words, if I, as a network equipment producer, then sell my backdoored/front-doored/access method enabled product to a service provider -- do the legal rights for that backdoored/front-doored/access method -- go to the service provider, who must again explicitly grant them to the government (again, foreign or domestic) in order for them to use that backdoored/front-doored/access method, and still be authorized?
To make the story short, authorized access, (from a legal point of view), is not just one, but a series of contracts and contractual agreements (and the interpretation of those contracts!) made between many parties, including, but not limited to the manufacturer, the service provider, and the users to whom service is provided to.
In other words -- there's no easy answer!
The devil is in the details!
Even a Lawyer could not answer this question... it would have to be determined by the Courts, and then it could go many ways, depending on the number of actors involved, the contractual agreements between them, and the legal arguments raised...
We have FISA Court -- but even FISA is not a blanket authorization in the presence of other contracts! (FISA might be a blanket presumed authorization if no other contracts were present, but generally speaking, that won't be the case...)
In other words, two cases involving a lawful intercept from two different equipment manufacturers could go two seperate ways in the courts!
A legal mess, to be sure...