I wonder if this covers Baofeng radios. (I'm not sure who their parent company is so hard to tie them to the Covered List)
Trade barriers cloaked in National Security cloth are nothing new, they were common in the old Soviet Union (a lot of US made computers were forbidden from entering, and of course the US refused to sell more advanced computers based on National Security concerns), they have been active on and off with China as well.
But the interesting thing for me is the reversal, which is as good an endorsement that Chinese industry is legitimately reached parity on a development scale with US goods as any press release the PRC would push out to the news wires. What it says is that China can deliver compelling solutions in the communications and surveillance space with entirely organic (and thus not controllable) supply chains resulting in products that US customers want to buy and US security interests can't insure aren't compromising their buyers. Having the shoe on the other foot has got to feel a bit weird right?
Banning China from having EUV today will just force them to double down. They’ll eventually get it and then surpass it. It should be obvious at this point that China will dominate the hardware space in the next 10-20 years.
Maybe. AFAIU, they've been pretty incapable of getting anywhere near high-end fabs working, and have relied a lot on western consultants to actually get what they do have up and running.
I don't think it's a foregone conclusion that they are going to dominate cutting edge computer hardware at all.
The US banning higher end devices also possibly means they are harder for the US to surveil. This may make them more valuable to people that are not Chinese and wont ever spend time in China.
Wow, you'll have to provide some evidence of that in the past. I mean, sure, the US likes to surveil as much as the next state, but the US generally favors security over surveillance. Such a position would be wildly inconsistent. I just don't see that happening. Ever.
Keep in mind, a fair amount of overlap between US military and the US intelligence community. These are the people that build things like Cheyenne Mountain and Raven Rock and ARPAnet and fund lots and lots of computer security research. They are paranoid patriots. Some might be patriotic paranoids, but the general trend is "both". They don't want leaky machines inside their borders.
Thanks for connecting the dots, I was doing this research before I found your comment. I knew I had searched for covered telecom equipment last year.
Also, I didn't know the covered list was being updated. Does anyone know what AO Kaspersky is? Is that the official corporate name for the anti-virus Kaspersky?
The prefix “AO” in the name of a Russian business entity is like the suffix “Co.” in English; it’s an abbreviation for aktsionernoye obshchestvo (акционерное общество), joint-stock company.
In reality, Chinese manufactures will just ignore FCC licensing requirements. A good amount of cheap Chinese electronics on Amazon are already unlicensed, so I doubt any new changes will affect them. Online marketplaces like Amazon really need to crack down on products and make sure they are properly licensed.
and that's fine in the scheme of things. Random one-off imports by researchers or hobbyists via AliExpress? NBD.
Deployments at-scale where vendor support engineers could theoretically use cellular gear for passive collection? Major concern.
Hytera being used for commercial 2-way radio? Similar concerns on the repeater side, not to mention questions about encryption quality if they are used by governments.
You have to name the vendor for commercial 2-way radio licenses, for USDA RUS funding, etc. Lying on those forms brings far worse penalties than what a random individual buying a Hytera DMR for ham use off Amazon would face.
Hikvision is the odd name here. AFAIK they do not make cellular handsets or base stations and were already prohibited from being used on government contracts.
Regarding Hikvision: I have a wide assortment of radio gear, and found cameras in our trailer park running on channel 12 and 13 unencrypted Hikvision ip cams.
So you reject the idea of civil disobedience, and in reality reject the idea of case law and the entire legal system as most laws are written and challenged based on violations of the law.
Laws that everyone follows, 100% of the time NEVER get changed. For example Marijuana is only becoming legalized because of MASSIVE violations of the law and the public rejecting the idea that society should be punishing people for a plant, nor that tax payers should pay the costs to lock someone in a cage because they had a plant that was not approved by the government.
Further laws and regulations are only fleshed out, solidified, or invalidated via violations of the law. Rarely would have person even have standing to challenge a law unless they first violated... This is why you often see the government drop charges if they think the person will fight a law or regulation on constitutional grounds because they would rather take the single loss, then have their regulation ruled unconstitutional
Civil disobedience is not about ignoring the law because it’s inconvenient and hoping you get away with it. It’s about breaking the law publicly and accepting the punishment to show the injustice of the law.
The only government I would vote for is the one where politicians above some level are directly responsible for the living standard of their population except that 1% part and corps. This of course does not exist. If it did stupid laws or twisting of the normal ones would not be tolerated.
It IS a fraud and a counterfeit to illegally sell a device without a proper FCC license. They are either selling the device with a license ID for a different device (Counterfeit) or selling it without any license (Fraud).
Either way, it certainly has not gone through the required tests for not producing unacceptable levels of interference, and so could at the very least create problems in your environment and other devices.
If would only be "fraud and a counterfeit" if they were to affix an FCC label on the device with out having it approved by the FCC.
However if they are simply selling a device that is not approved and registered with the FCC, they are violating FCC regulations but it is not "fraud and a counterfeit"
>so could at the very least create problems in your environment and other devices.
First that assumes facts not in evidence, there is nothing proving FCC provides any actual value to society in the realm of testing. Other standards bodies or even an international approval outside of the FCC can more than fill that void. Look at electrical safety, there is no governmental body that approves devices for electrical safety that is 2(?) private organizations the most famous being UL, but there are others
Second outside of regulatory requirements one would have to assume a consumer even cares if a device is "FCC Approved" I suspect most do not care at all.
>>If would only be "fraud and a counterfeit" if they were to affix an FCC label on the device with out having it approved by the FCC.
While I'm sure you meant "It" vs "If", it was a typo for me to write only "and" vs the intended "and/or".
I can also point out from having dealt with the FCC that it is a very common practice to do what you said and affix a label for a different approved device to a non-approved device.
As far as the FCC's value, it has been a while and may have changed, but IIRC it is up to the device manufacturer to get tests run in an approved RF lab and provide the results to the FCC (so it works/worked a lot like you are suggesting); AFAIK they do selected tests, not all tests.
And yes the FCC DOES provide significant value here. While no one cares about the "FCC Approved" label while buying, without the process there would be a huge amount of interference and most wireless stuff wouldn't work at all. There are thousands of ways to unintentionally fork-up a radio design and thousands more to fork-up a circuit design so it unintentionally emits and receives interference.
Only by being required to check and comply with emissions limits is the RF space even half-way usable — and we're talking about not only your wireless earbuds or car radio, but GPS and aircraft navigation. Even aircraft navigation systems are an issue today because of old-generation equipment and new 5G bandwidth usage creating interference, so they need to rework the standards and install upgraded devices.
Just because the average consumer doesn't know or care does not mean it's unimportant. The average consumer also doesn't know or care about the entire food safety regime, they just expect that they can eat what the get at the grocery store and not die. Similarly, because of the FCC regs, we can expect that we can bring home and turn on a new device and not have it make every other device on the street fail.
well, yes and no. Amazon most definitely has a counterfeit/stolen goods problem that they are deliberately (from outside perspectives) not doing anything about. however, if a "legit" vendor is selling devices that does not meet local regulations and it is known by the seller this is true, then the seller has blame as well.
I think there is/should be a grace period though. If a retailer is provided goods by a vendor where the vendor knows their products are illegitimate, it is possible for the retailer to be unaware. However, once it becomes known that the vendor is selling illegitimate products, it is up to the retailer to then remove those items. Most major retailers have agreements/contracts with these vendors that say they must buy back any merchandise unable to be sold. This would be a normal way of handling things. Once this avenue is not pursued and the retailer continues to sell the product, then the retailer is no longer innocent.
Amazon started requiring FCC information on RF devices this year. Late is better than never.
While Amazon -- given its vast resources -- has no excuse not be a good citizen, obviously the burden on retailers and marketplaces needs to be balanced.
The local mom and pop toy shop selling a few uncertified RF-controlled cars isn't exactly the ideal place to initiate enforcement actions. I'd suggest volume importers or facilitators of volume imports.
at some point, knowingly selling banned equipment should bring down some form of punishment to be sure. it just seems that the gov't is scarred of public outcry for going after amazon and its ilk. it's like they don't want to spill the apple cart when the apple market is in "turmoil"?
This should not come as a surprise to anyone here. The fact that people on HN still defend china when they clearly got their success through espionage and cheating just shows how much influence XI has on american institutions and social media. I hope everyone just wakes up in time so we can stop this nightmare before we lose everything we hold dear.
i’d like to hear more about how Xi is influencing the HN perception of these things. it seems a leap to go from “American HNers disagree with many actions by their own government” to “they disagree with this primarily because of foreign influence”. i think the simpler explanation is that there’s a lot of idealists here who take more of a moral absolutism view of things than is historically practical for a state to do: “this anti-China policy Y is silly because US also does terrible things relating to Y”, not caring (at least publicly) which of the two parties is a worse offender to Y.
You should read up on US history. Brits were not very happy about US ignoring their patents. Selfish people just like to kick off the ladder once they've used it to climb up.
We should criticize China for human rights violations, not for copying useful ideas and trying to learn to build tech on their own.
They seem to make a special case of modules by those brands, for example 4G or 5G modems that are contained in other manufacturers appliances, and these days employ self contained operating systems in theory perfectly capable of moving information back and forth without any intervention, or even knowledge, from the device employing them (cellphone, IoT device, industrial appliance, vehicle etc). The problem is: how do they certify them without obtaining the firmware source code along all the original design data?
FCC doesn't necessarily concern itself primarily with device functionality and security, but rather enforcing the rules of the road, so to speak, for the electromagnetic spectrum.
For example, if you sell a microwave oven, you need to use the ISM band or whatever they deem appropriate, and they won't mind whatever EMF goo it puts out. If your microwave oven deviates from allowed parameters, it will fail cert. If it interferes with telecommunications or other equipment and you sell it anyway, you can get in big trouble with Uncle Sam.
If you sell a widget that is functionally insecure but you don't lie about it in a negligent or fraudulent way, that isn't necessarily a problem. If you have a backdoor for some nefarious purpose, that could run afoul of numerous criminal or civil statutes. Some of these statutes vary by state, too, so best practice is full disclosure, of course.
Is it just me, or does the full "report and order" spend way, way too much time responding to the comments of various telecom companies and trade groups? The tone seems far too deferential, as if they're apologizing to the industry they're trying to regulate.
In “notice and comment” informal rule making under the Administrative Procedure Act, it’s standard for agencies to review the submitted comments in the final rule, to show that the data, views, and arguments of interested parties were considered as the law (5 U.S.C. § 553(c)) requires.
Hey, the national security hawks get another twist of the knife to China and the home telcos get fewer people horning in on their turf... win-win scenario for everyone concerned I guess.
While I have no doubt than basically anything from China is probably backdoored (and to the fault of western countries outsourcing manufacturing for cheap labour), what exactly has Huawei done?
How do we know that the Cisco equipment also isn't backdoored and if I send a few malformed TCP packets it opens up its control plane on the receiving port?
Compared to the last few decades, it seems like a strong hand banning these companies. Personally I would like all electronics and products to be made in countries that respect some level of human rights I am comfortable with, but that doesn't really seem like an option currently.
Huawei singlehandedly destroyed Canada's Nortel Networks through espionage and sabotage.
The CIA did an analysis and discovered that Huawei was dumping wireless equipment to small wireless providers in areas around US military basis at a loss. At the very least, the ability to disrupt communication of those military bases were easily achievable.
Look up the FuFeng project where a Chinese company is trying to purchase land in North Dakota for an agriculture project near a US Air Force base. The city of Grand Forks even approved it but people are still trying to fight it because of national security risk.
Every time I see stories like this I can't help but feel a twisted sense of respect for China, because they know how to read the rulebooks and take advantage of it all for everything we're worth.
Defeating the biggest military and geopolitical superpower known to mankind is trivial if you understand you can just ignore all that and instead buy it all up, and it becomes even more trivial if your enemy straight up gives you the monies for it. Literally free real estate.
So kudos to China, they know how to play to win and they're playing to win at all costs while we keep hoisting our own petards.
I'm not quite sure what the long game would be of buying up land. Obviously, in an escalation of contentions between the two countries, the US would simply seize said land.
We've banned this account for breaking the site guidelines.
If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://news.ycombinator.com/newsguidelines.html.
Well, money has always been the rule of law of this land. The founding father's thought they were breaking the kingship. Marx even remarked on democracy being the best way to give the illusion of fairness, while keeping capital in control.
My father worked for what was basically a bootstrapped startup at the bleeding edge of computing in the late 80's. Eventually his company, through a series of exchanges was part of Nortel Networks.
He'll tell you a different story. When you mention the "espionage / sabotage" he doesn't laugh or shake his head, it actually just outright infuriates him. Such a naive narrative only angers him because it seems to absolve the people who managed the company of outright incompetence and corruption, which is how it should be remembered.
For example: one story I vividly recall because I could never fully fathom it involved a specific female executive who was traveling for business - first class overseas. She never made her intended engagement because she was immediately arrested upon disembarking the plane. She had got drunk and (although married) decided to perform overt sexual acts with the gentleman sitting adjacent to her. On the plane. In her seat.[1]
At some point the culture of the executive at Nortel, for whatever reason, became completely incompetent and outright immoral. Rather than Huawei underhandedly perpetrating the perfect crime, it was simply the people at the head of the organization that solicited the crime to pursue their own benefit above all else.
Sorry to point out, but your father had no special insight into Huawei's espionage at Nortel. I could say the exact same criticisms of my employer, but I wouldn't know anything about espionage going on.
Huawei's espionage was well documented at Nortel, it's not within any level of dispute.
Nortel networks haven't been around for nearly a decade. I've seen lots of news about 5G/Huaewi and 'core networks' only in the recent years in western countries (UK/US mainly). However, I haven't seen anything published that really reflects new risks/major backdoored products.
I wouldn't 100% trust anything built in China, but there must be some reason people are only taking action now? Unless it's just "better late than never" response after years of this.
People are taking action now because the West spent decades underestimating China, probably for xenophobic reasons. I'm willing to bet a lot of people assumed they weren't as capable as westerners and now it can't be denied.
IMO, it was a classic mistake of underestimating a potential rival while stroking our own egos about how smart, capable and powerful we are in comparison. Reality finally trumped hubris.
The Chinese government doesn't play fair, and the West has been letting them get away with it for decades. They take full advantage of open markets available in the rest of the world, but close their markets to outsiders; at best, outsiders can get a piece of the action, but only through the oversight and partial ownership of a local company. The idea that China is still a "developing nation" and should have special status and privileges is a joke.
While I won't claim that Western nations don't have issues with censorship and freedom of speech, the Chinese government punishes foreign corporations (economically) that say anything critical of China or its government. The Chinese government exports its propaganda and censorship policies through informal economic sanctions.
I'm not particularly interested in allowing an authoritarian government that pushes pervasive propaganda and censorship to become the next world hegemon. (I'll freely admit that the US is no saint in that role, but I think it should be obvious and defensible why I'd prefer the US in that position rather than China.)
Note that this is all about the Chinese government. I have no problems with Chinese people; by and large, those I've met on my few trips to China (granted, my last trip was over 10 years ago) and those I've met who travel to and live in the US have been good, friendly, intelligent people. It's perfectly reasonable to be against the constant, widespread actions of a foreign government without being branded a xenophobe.
The parent comment isn't saying anti-China actions and suspicions by the government are xenophobic. It's instead saying more or less the opposite: that the delay in these kinds of actions is possibly down to policymakers seeing China as lesser and not worth concern.
And the US befriended China for important strategic reasons starting with Nixon. If they underestimated anything it was the ability of an authoritarian regime to retain power through such a period of economic growth. Middle classes tend to want western products and media. But the economic growth itself was a deliberate goal of US policy.
I was going to add some about at least several decades of US/Western approach being from a playbook of having the market kind of lead to liberalization on its own, and the Chinese government's ability to reap the rewards while maintaining control, but I didn't want to bloat the comment.
As for xenophobia being the opposite, I imagine the comment being referenced (now several levels above) was using -phobia in the common modern sense of including bias or prejudice and not literally fear.
If you go through my comment history, you'll see that I am critical of the CCP for many of the reasons you've listed.
However, my argument is that the West, in general, underestimated China because of beliefs of cultural, economic, political, intellectual, ethnic, moral, etc superiority. Those beliefs were ultimately weaknesses.
I don’t think it’s xenophobia. The US helped China into the WTO. The dispute is really about the status of China. The wto allows developing countries to impose import restrictions and various other protections. China—number one by gdp ppp, or #72 by gdp ppp per capita- says they are still a developing country and don’t have to give other countries equal access to their market. The US disagrees.
I know there are other complaints, but this is the core issue.. and I strongly suspect the us would look the other way on those issues if there was equal access, like they have in the past (to maintain access to the market).
The US isn’t a single consistent entity. US basically enabled modern day China by opening trade, but now that they are catching up it’s no longer advantageous to help them forward.
The US benefited from opening up to China. It returning to the dominant economy in the world was an inevitability with or without US support.
Being on good terms with them and dealing with inflation by using their labor force bought the US some time but US politicians just acted more irresponsibly (warmongering) instead of capitalizing on the temporary windfall.
It wasn't xenophobia, the West has been gradually waking up to the realization that their idea of converting countries into more ideal partners by building strong trade is not really working as the countries they're trying to influence will just take the benefits and not reciprocate.
It has become especially clear over the past few years, first with COVID highlighting the fragility of supply chains dependent on such one-sided relations and now with the invasion of Ukraine showing that such relations may also not be as strong of a deterrent against war as previously hoped.
The traded deals are very far from the charity of the west.
The traded deals by the west were based on the benefit to the western countries. It is not a charity. The low inflation, the record profit of the western companies and bonuses are from cheap labour and resources from more desperate countries.
Of course they weren't charity, they were mutually beneficial. The entire point being that offering mutually beneficial deals would lead to reciprocation with more mutually beneficial deals, building a dependency on maintaining such mutual deals.
In the same way that the US and EU going to war or even just breaking off diplomatic ties is extremely unlikely to happen due to how much they have integrated with each other on the back of mutual benefit.
I wish this this true : "deals on mutual benefit". The Relationship are based on leverage though.
There is no way my country able to ban US product or prevent US taking over strategic company based on security concern. Election interference and fake news from the West is also a normal things.
Imposition of market liberalism, to me at least, feels like an extension of that perceived Western superiority, especially combined with the hubris that The End of History drew from.
It reminds me of how the U.S. and Britain underestimated Japan just before WW2. They thought Japan was a bunch of funny little men, not really competent at fighting. This led to a very rude awakening in Dec 1941 and throughout much of 1942 when the Japanese Navy proved to be extremely competent and, together with the Army, seized a lot of territory across the Pacific (Singapore, Philippines, etc)
A rival for hegemony in the Asia-Pacific (APAC) region. The current hegemon in this region is the US. It is the strongest APAC power by far due to its numerous military bases as well as its network of strong allies (Australia, New Zealand, Japan, South Korea). China seeks to displace the US as the hegemon in APAC. Naturally, the current hegemon doesn't take too kindly to that. So they view China as a rival.
More than US seeing how PRC has significantly less disputes (normalized for acession time), both as initiator and target per WTO stats and generally abides by WTO disputes ruled against her favour. Even PRC's accession protocol was made extra onerous via US objections who still got outplayed - it isn't/wasn't PRC paying lip service while blocking WTO dispute resolution system. PRC believes in free trade more than US because she's learned to play the game better vs US flipping over the gameboard. Which is fine, globalism no longer in US interest, but lets not pretend US isn't systematically the worst exploiter of free trade even while being the most influential rule writer, and increasinly worse when as those priveleges erode.
You’re talking about the China who recently put trade sanctions on Korea for installing missile defenses (who has a now-nuclear neighbor) and Australia for dare mentioning that COVID originated in China?
>If Beijing keeps breaking free-trade rules to make its foreign-policy points against rival nations, it will hurt domestic markets and lose international stature
You eating biased media diet doesn't invalid the statistical reality that PRC, relative to her signifcant trade volume and relationships is objectively one of the better adherents at WTO relative to countries that whine about PRC unfairness. From TWO DSS database:
- PRC 65 disputes, 21 as complainant, 44 as respondant
- USA 279 disputes, 124 as complainant, 155 as respondant
- SKR 39 disputes, 21 as complainant, 18 as respondant
- JP 42 disputes, 26 as complainant, 16 as respondant
- AU 25 disputes, 9 as complainant, 16 as respondent
- EU 190 disputes, 104 as complainant, 86 as respondent
Another apt comparison: India 56 disputes, 24 as complainant, 32 as defendant, while 1/5th smaller than PRC.
Normalize for trade volume and accession time (PRC has been WTO member for 21/27 years, with again, more onerous accession requirement than typical) PRC is better than all USA, SKR, AU. In fact substantially better than other major powers. And as US has demonstrated, historically, it's completely normal to jetison trade rules for national security / foreign policy.
Forcing equal access to markets is a limit on sovereignty (freedom). That's why the TPP got shut down. Equal access to markets in many cases just means total economic subjugation of weaker nations by commercial interests like the whole India colonial period.
Yeah sure… the worlds largest economy is too weak to import roughly 300b a year in goods to balance us/China trade. 300b/yr is enough to subjugate a 27 trillion/yr (gdp ppp) economy. rofl
My point is rather than deciding which economy is large enough to decide for itself how to tariff, you let everyone decide for themselves. And in fact this is how the world works by default, and even the US chooses selective tariffs… so what does it mean to selectively cry “fair trade” only when it benefits your local corporate interests?
Think about the opposite of what you are suggesting… should China now start subsidizing US businesses by buying made in USA when they don’t have to? If we make good products, they have no choice but to buy it because their citizens will demand it.
And your last sentence is wrong— Chinese are not free to buy us made goods if they think they are better. China places heavy tariffs and other protections on imports.
Since you seem to be unaware.. that’s what you’re arguing for: the right of China to place heavy tariffs on foreign goods, while using wto rules to prevent other nations from doing the same to Chinese goods.
Counties agree to wto rules so they can export more.. those rules apply in both directions. If China doesn’t like wto rules, they can withdraw and do as you say: everyone applies whatever tariffs they want on Chinese goods; and China does the same.
Yes that is what I am arguing for… the right for sovereign nations to place tariffs. I mean, the US has tariffed Chinese goods as well now so it’s fair game. And if tariffs are so great why don’t countries do it all the time?
Despite tariffs iPhones still sell well and take a majority of profits in China, because it’s a superior product. Tariffs are just a form of subsidy and subsidies protect companies but make them less competitive. Apple wouldn’t exist if America was protectionist.
My (admittedly US-centric) understanding of the TPP's demise was that it simply found itself politically untenable in an time where globalization was very unpopular, and concerns about the influence of China were not top of mind. Both 2016 US major-party presidential candidates came out against it (though you could reasonably argue about whether Clinton really meant it).
Ironically, speaking of freedom, the Libertarian candidate was the only one to support it officially.
What about it? The US is also the hegemon in Europe. The "West" just means the US and its network of alliances. Other Western countries may want good relations with China, but they need to take US views into account because the US bankrolls their defense and is also a very important trade partner.
Large, strong countries do what they want and small, weak countries do what they must. That's the way it is and the way it's always been.
Don't you think that 's a bit too arrogant? Why should germany support the US domination over Japan, when all they want is industrial materials through the indo-pacific route.
I think the world was more fair during cold war, having 2 superpowers pushed both of them to keep each other in check. This one state world, seems worse
Since you brought it up in your example: US, Germany and Japans interests are aligned against China regarding the indo pacific trade route… china’s ambitions to claim all of the South China Sea seek to disrupt the trade route.. and the us helps protect that route by performing freedom of navigation exercises (which have a very real chance of sparking a war that the us alone would be responsible for).
In the sense that it is official US government policy to describe China as a rival, as distinct from even the neutral "partner". Most recently this is said in the US national security strategy from October, which declares that it is a central task of US foreign policy to oppose Chinas vision for the world.
Another examples is that the DoD has for quite a long time declared China as the primary adversary, or as they politely say it "pacing challenge".
Assuming you are male, if someone walked up to you, kicked you in the nuts, took your work and used it to get you run out of business, would you be ok hiring that person a decade later to perform a critical function?
Some people will pay good money to be kicked in the balls. I don’t agree with it, but those who enjoy it will make a strong case that the market be free for that sort of thing. Getting peed on also. There’s a market for everything.
>"but there must be some reason people are only taking action now?"
I am sure there are legitimate concerns as all countries spy on each other. But China has become a real industrial and scientific competitor to China and the US just simply would not tolerate a threat to their leading position. I think they are quite explicit about this. We hear all the time about "vital interests".
I hadn't heard of this before now. I will say though that Nortel had a lot of known issues, including fraudulent scheming by the executives, followed by completely screwing over the pensioners. Nortel leadership was rotten by the time it declared.
> Huawei singlehandedly destroyed Canada's Nortel Networks through espionage and sabotage.
Riiiiight. The dotcom crash followed by the accounting scam had absolutely nothing to do with it. It's not like the management pretended that they wouldn't see a downturn and then faked the numbers so that they'd get their bonuses.
Some people that worked at Nortel at that time already spoke on HN what happened - hint: it was internal Nortel's issues. Something similar happened to Nokia, better products appeared and company wasn't able to compete.
>How do we know that the Cisco equipment also isn't backdoored and if I send a few malformed TCP packets it opens up its control plane on the receiving port?
Nothing so sophisticated is required. Look at the sheer number of "default credential" and "static credential" for a whole variety of products:
This one is good too: "A U.S. indictment alleges that Huawei and [CFO] Meng participated in a fraudulent scheme to obtain prohibited U.S. goods and technology for Huawei’s Iran-based business, and move money out of Iran by deceiving Western banks."
> While I have no doubt than basically anything from China is probably backdoored (and to the fault of western countries outsourcing manufacturing for cheap labour), what exactly has Huawei done?
Some others have pointed out some Huawei incidents, but that’s not the big problem.
The big problem is, if you build your entire telecom infrastructure on Huawei gear, and then you go to war, it will then be weaponized. In the best case scenario, you have a telecom infrastructure for which you can’t get any parts, patches, or support. Replacing your entire telecom infrastructure is not something you want to do during the opening months of WWIII.
It’s the same reason why we don’t want to rely on Chinese parts for our missiles.
I think this would also cover Cisco though, perhaps not so broadly. Our entire electronics industry is critically dependent on China for manufacturing.
Thankfully the truly advanced stuff exists in Taiwan, Japan, South Korea, and the EU. But for cheap mass manufacturing, all of these parts end up in China.
The west really needs to suck it up and have electronics designed and manufactured in the west. There are some good signs with the CHIPs act (if only the American companies were as patriotic instead of optimising for share price) and the EU are also making moves to be self sufficient for silicon. However, the entire electronics chain really needs local alternatives. It's crazy that I can get a prototype PCB manufactured and delivered from China faster and cheaper than anywhere local.
The difference with Cisco is they’d want (/be required by shareholders) to continue to operate and shift production to other countries where electronics manufacturing does exist. And they have a management structure that is not beholden to CCP law.
A Chinese brand I looked at has most of their network equipment connect back via MQTT with TLS, for IoT things.
Except the agent had a pretty obvious command runner on one of the message handlers. I was a little afraid to ask them whether it was deliberate or just a really incompetently written backup update mechanism.
To be fair, I was looking for arbitrary command execution for my own purposes at the time...
I do get a decent chuckle when I see their OUI in scan results when out and about now. (About ~0.12% of the recorded results in Wigle it seems)
Supply chain management is a thing. Devices aren't assumed to get from the factory to you without interference and there is a lot of work behind the scenes to make assert they aren't interfered with.
There’s a long history of telecom equipment being backdoored by the manufacturer or their national gov. You may recall everyone losing their shit on HN about the AT&T room in NYC where the fiber trunks were mirrored to a secret NSA room.
Regardless of the whataboutism argument in Internet forums, it’s not in the national interest to give a hostile foreign power the ability to do something like that.
I agree. We should also force western companies to produce their products in the west too if they are needed for national security. A controller or motherboard in a switch or router being manufactured in China can have any number of bugs put in, up to and including making "fake" silicon that is backdoored.
I am typing on one now, but I wouldn't trust them to be used in any national security situation. Unfortunately we are beholden to autocratic countries as we have chosen cheap labour over everything else.
it is probably paranoia but not improbable. they have direct control of these companies and can totally do this. others like the US would have to go less direct routes for these things.
Your argument sounds like deflection and elementary school logic.
If Cisco has problems, that should also be dealt with.
But because Cisco has problems doesn't mean that Huawei shouldn't be dealt with.
In Western cultures, we have the notion of "Two wrongs don't make a right."
This is a classic Chinese government talking point. "Don't look at what we're doing. Look over there, instead!"
For decades it's been using the same tactic when anyone criticizes China for trade imbalances and human rights abuses. It's really boring and base at this point.
> Your argument sounds like deflection and elementary school logic.
A pessimistic and frankly rude reading of my comment.
Cisco also has it's equipment manufactured outside of the united states, making them susceptible to similar backdooring without x-raying every board produced.
> But because Cisco has problems doesn't mean that Huawei shouldn't be dealt with.
Cisco is not getting banned by the FCC - so the comparison is moot.
""In Western cultures, we have the notion of "Two wrongs don't make a right."
I do not think it is specific to Western culture. And yes two wrongs definitely do not make it right and both must be punished. Now call me back when we see the first wrong being punished. We only seem to punish countries that fit very narrow criteria and murdering say hundreds of thousands is not the determining factor. Until then yes "Look over there" is a very valid argument.
Cisco and Huawei can be subject to same set of regulations aginst having backdoors etc. But instead of general regulations and measures, what is promulgated is merely action against 2 particular firms, that is a targeted/particular regulation.
Weather such targetted/discriminatory regulation as opposed to universal regulation is a legal action is a valid question.
This particular law seems to give grant too much discretionary powers to the Executive, which never is a good idea.
About time. We need open and verifiable firmware, at the very least, to be able to trust anything.
Now if only they'd turn this lens on American-made devices which are likewise opaque, insecure, and likely to be weaponized against us as soon as security updates stop....
Any backdoor can be used by any government. It may take time, but it will be found and exploited. All they're doing is passing the buck... your buck, that is.
A cursory internet search reveals several that popped up within the past decade on Cisco's gear. Hard-coded passwords are table stakes, if that slips through, what else is lurking beneath the surface?
Network hardware is to operate in the adversarial landscape which is the open internet. It requires an extreme, exhaustive workflow to ensure bugs do not slip through. That we repeatedly see these failures does not raise confidence.
> We need open and verifiable firmware, at the very least, to be able to trust anything.
How? Even ignoring ASICs, I just don't see how it's possible. Even if you had no binary blobs anywhere (we are already in the wonderland), with process for turning source to binary, you need to trust compiler, cpu, flashing hardware and software and the whole lot of other things.
And that's all ignoring the fact that hiding bad stuff in open source is many orders of magnitude cheaper than finding it.
I don't think we have even a theoretical plan for fixing computer security, it just becomes ML bots arena.
> I don't think we have even a theoretical plan for fixing computer
security.
I think we do, but the implications of it are terrifying, overwhelming
and just make people shrug and say "That'll never happen".
How I see it there are two sides.
Those who want a functioning technological society with all the
benefits we believe in as hackers - transport, medicine,
communications, planning... For that we'll have no choice but to make
computers secure.
That side is "society".
In the other corner are those who do not want computers to be secure
(despite what they say). They benefit from insecurity. These are;
- Criminals.
- Governments.
- Industry.
They are not aligned and fight amongst themselves. Only the criminals
are honest in that they don't pretend to want secure computing.
Governments and industry want secure computing for themselves, but not
for the others, or for society.
For secure computing to ever happen three well organised, well funded
and determined groups would have to lose against a disorganised,
distributed, and poor remainder.
There are two things on our side to give us hope;
- That the enemy of my enemy is a temporary friend.
I would be much more worried about the future if not for bitcoin.
It’s the “distributed remainder” you are taking about, and what we are betting one is for the governments of the world to print so much money that everyone loses faith in them. That will act as a check on their power and they’ll need to start earning trust and support rather than taking it for granted.
> with process for turning source to binary, you need to trust compiler, cpu, flashing hardware and software and the whole lot of other things.
"We should not solve this solvable problem because other problems exist" is false.
Meanwhile the other problems have solutions, like reproducible builds, so that the attacker not only has to compromise your compiler/CPU/hardware, they also have to compromise any others the output result gets compared by, or one of them will differ and the attack will be detected.
> "We should not solve this solvable problem because other problems exist" is false.
Without commenting on the truthiness of the comment you are replying to, you have constructed a strawman argument here. They weren't saying that the problem shouldn't be solved because other problems exist, rather that it might not be solvable b/c of so and so obstacles that don't seem to have a solution.
The more accurate statement would be "we should not apply this silution because it only solves 60% of the problem. Instead we should despair abd do nothing at all"
You need deterministic builds of firmware artifacts proven to correspond to source code by multiple parties. You also need hardware purpose made to be user auditable.
This whole things looks more and more embarrassing. From the outside it just looks like the US is struggling to compete and so they create extrajudicial barriers based on "secret evidence" to block competitors.
The hypocrisy is that this is the exact anti-competitive behavior the US has been criticizing China for years.
It's possible these companies are doing nefarious things. In which case create a country-agnostic legal framework and take them to court and prove your case. If it's all super-secret-spy-stuff then just do the damn parallel construction and show all these secret backdoors you claim to have found.
If you don't like foreign equipment near military bases or whatever else, then make laws against it
After the Bloomberg microchips-embedded-into-motherboards fantasy stories you can't help but think all this is the product of some CIA director's overactive imagination and isn't based on reality. It does feed into the US frothing-at-the-mouth anti-China rhetoric of the past few years so people eat it up - but cutting out the judicial process and singling out companies/countries just looks horrible imho
> It's possible these companies are doing nefarious things. In which case create a country-agnostic legal framework and take them to court and prove your case. If it's all super-secret-spy-stuff then just do the damn parallel construction and show all these secret backdoors you claim to have found.
Are OTA software updates considered a “backdoor”? Because they essentially are one, even if the company is not doing anything nefarious yet.
Yeah I saw Minority Report. I know about future crime :) Now I'm imagining clones in vats at CIA headquarters telling them which companies will turn evil.
I dunno man, in the US you don't just ban people and companies for stuff they haven't yet done. Sure potential attack surfaces are important and you should think about stuff like that. But that's kinda my point.. you should make laws about that and regulate critical infrastructure. (maybe networking equipment shouldn't get OTA updates at all? Maybe that's too simplistic..)
Or just ban the PLA owned companies and go back to working on more important stuff. Keep it simple. No need to bend over backwards to help CCP owned and controlled companies (that are legally mandated to serve the CCP's requests) make a quick buck selling commodity hardware.
I think singling out China or the PLA is kinda the problem... Just any government/military controlled company from any country arguably is an issue. If you make it more country agnostic then it's going to be taken more seriously
I feel like I don't really have any moral problem with US passing laws to protect US interests, as long as the laws aren't super unreasonable or evil. They're, like, unfair to some people, but not.. really... morally wrong? The moral complaint about China isn't that they have anti-competitive laws, it's the Orwellian thought-suppression psy-ops stuff.
"it's the Orwellian thought-suppression psy-ops stuff."
I mean that's like a "bigger" issue. I think it's a completely fair to decide you should just not conduct business with companies under authoritarian regimes (see N.Korea Iran Myanmar etc.). If you wanna blacklist the whole country then okay.. but here it's some indefensible middle ground where you continue to do business with them, until it's inconvenient and some bureaucrat decided it's making you look bad so lets just ban some of their strongest companies to cripple them. We will do business with you as long as you only make low end widgets thankyouverymuch.
That might not be what's actually happening, but that's how it looks
I don't see why the middle ground is indefensible. We'll buy your widgets, but not if they're sophisticated enough to be backdoored and cause a national security issue? That seems okay to me.
B/c there is no sense of justice about it. It's just the arbitrary fickleness of some decision maker and it can't be appealed.
The US government alleges they (Huawei ZTE etc.) colluding to put backdoors in infrastructure equipment. The companies say "no we don't" and the US government just says "well.. we think you're lieing!" - and that's the end of the story. It's all just amateurish and undermines the rule of law and sense of fairness when dealing with America and the American market.
If there was some formal process where countries are semi-sanctioned and all thing made in some super long list of authoritarian countries was not allowed to be used in some other long list of "critical infrastructure" .. well at least there would be a sense of impartiality.
The way things stand.. it looks like Huawei's 5G and infrastructure technology got too good, it threatened the pseudo-monopolies of some big American companies with deep government connections, so the US bureaucrats curb-stomped them as best they could .. and now they can't even sell their laptops/cellphones in the US? It's just completely nonsensical, arbitrary and vindictive.
There is also just very little logic to it, b/c even if all the allegations about their tentacles in networking equipment are true and were proven to be true, why should I be prohibited from buying some completely unrelated consumer good - like a Huawei laptop, but an Apple or Lenovo laptop (also made in China) is totally fine? It's like the US government is in some state of war with these firms and is out to destroy them (based on no public evidence or accountability) - and the threat on US infrastructure seems to have devolved to be a convenient pretext.
Maybe the intentions of the US authorizes are good and pure and they have a good reason for all of this. But they way they're going about it is vindictive, authoritarian and undermines the impartial fairness of the American system
Well there is much more that goes on to make and uphold these decisions. It's not like one person somewhere arbitrarily made the call, it's a massive organization ostensibly overseen by Congress.
It's not just the US which has adopted this approach. Iirc Germany for example doesn't allow Chinese tech for telecom infrastructure over concerns about security.
The Covered List (which lists both equipment and services) currently includes communications equipment produced by Huawei Technologies, ZTE Corporation, Hytera Communications, Hangzhou Hikvision Digital Technology, and Dahua Technology (and their subsidiaries and affiliates).
Nope, he is right. If you use that chip you have to get it certified because the traces on the PCB can cause EM interference. Changing the housing of the product can also chance the EM interference so you have to get it recertified before you can sell it.
The FCC is a massive regulatory moat against hobbyist electronics. You have to make something expensive enough or with enough scale to make enough profit to be able to pay for the expensive testing. If you fail the test and aren't able to fix it on site all of that money will be a waste and that will have been a waste of money.
Also in order to use Bluetooth you will have to pay a few thousand dollars in SIG fees to properly license it without infringing their IP.
Yes, but I don't believe to achieve that with a less restrictive and expensive system. Right now if you upgrade your graphics card in your computer you can not sell your computer to someone else without paying $$$$ to get it certified. I think some rules about what kind of derivatives works you can make from already certified electronics would be beneficial.
Yes, you can use pre-approved modules, but your new assembly still requires a spurious emission test (in place of a full emission test). It's a cheaper, faster, simpler test, but approval is still required to sell the new product legally.
This is FUD, not actionable information. Device management services are not backdoors. Forwarding traffic you don't understand and can't verify the fix is just cargo culting random advice. I'm not saying you shouldn't pay attention to this issue, but this comment is extremely low quality.
> If your NAT router/gateway keeps this port open and you are sure you want to filter it (potential interference with ISPs pushing firmware updates), try the following. Navigate to your router's admin interface and disable TR-069. If that does not work, look under "port forwarding", or "virtual servers", and forward the port to an unused local IP address, like (192.168.1.252)
From the source that was linked. So the original author doesn't recommend 192.168.1.252 but just uses it as an example
From the link they posted, the guide says to forward the port to any unused IP address, like 192.168.1.252. I think this effectively causes an attacker's traffic to get dropped.
the video surveillance bans all seem to target billion dollar companies, so its safe to say this is just your friendly lobbyists at ring, nest, and amazon getting an early christmas gift. the security argument is pretty flimsy considering how many american companies are just as bad (looking at you nest)
the usual suspect, huawei, has been on americas shitlist ever since they beat US telcos to market with 5g. their cellphones all meet or exceed the build quality of a samsung or iphone and to date america has failed to produce any real evidence of a security issue except 'china scary.'
toward the end of the presser its refreshing to see an octogrnarian made sure to remind us all these companies are to some extent "government funded" as if americas subsidies to auto and airlines are somehow any different. "government owned" also gets condescendingly asserted as if the reader isnt familiar with how a planned economy under post soviet marxist theory works.
ever since the net neutrality fiasco ive lost a lot of faith in the fcc. largely a toothless organization of corporate business interests.
>lobbyists at ring, nest, and amazon getting an early christmas gift
This has no impact on sales to the consumer market for Video, the covered list [1] limits the ban to "the extent it is used for the purpose of public safety, security of government facilities"
Ring, Nest etc are used for personal home and small business not likely covered under that ban, and the people buying Hikvision as an example most likely are not the target consumer of Ring devices. Hikvision is / was popular is commercial segment of professionally installed products, I know of zero professional installers doing commercial deployments of Ring. Companies like Axis however do get a boost as Axis is often many times more expensive than Hikvision
"The action we take today covers base station equipment that goes into our networks. It covers phones, cameras, and WiFi routers that go into our homes. And it covers rebranded or ‘white label’ equipment that is developed for the marketplace. In other words, this approach is comprehensive," said Jessica Rosenworcel, chair of the FCC.
I would would say the "Jessica Rosenworcel, chair of the FCC." need to read the law and regulations they are enforcing, as well as their own published documentations.
Like with most government officials I care less what they say in Press Conferences, that has ZERO regulatory weight, or validation and is often hyperbolic or out right false
I care about the actual regulation, and rules as implemented and enforced.
Also even if they are expanding the devices, this would only apply to camera's with WiFi, Most commercial camera's are POE ethernet not wifi. Using WiFi security camera's is just asking for trouble since it is easy for criminals to take out wifi remotely
> the video surveillance bans all seem to target billion dollar companies, so its safe to say this is just your friendly lobbyists at ring, nest, and amazon getting an early christmas gift
How does that logically follow? Can billion dollar companies not be security threats?
> the usual suspect, huawei, has been on americas shitlist ever since they beat US telcos to market with 5g. their cellphones all meet or exceed the build quality of a samsung or iphone and to date america has failed to produce any real evidence of a security issue except 'china scary.'
No one and not even Huawei believes that.
By your logic, you admit China has banned all these US websites as they are afraid of competition and not any other reason?
Well he is right in that Huawei source code has been reviwed by Uk gov, and they found nothing. The accusations do appear to be based on nothing at this time.
I would like tonsee rigorous benchmarks for vode quality and trustworthyness, not arbitrary and whinsical political decision-making
Just because UK found nothing doesn't mean others also found nothing.
> "We have evidence that Huawei has the capability secretly to access sensitive and personal information in systems it maintains and sells around the world," Robert O'Brien, national security adviser, reportedly said.
UK government has takes GCHQ to review source code and make spesific conclusions.
The links you provide have unspecified official sharing his views of intelligence of unspesified quality. There appears to be no code review and no spesific information about what information Huawei has access to, which equipment is affected, etc.
I am not sure we can treat this level of intelligence with complete trust, it could be a PR excersise
This might make some sense if you knew what the hell you were talking about, but Hikvision and Dahua are not at all in the same market segments as Nest and Ring - and this does not apply to the consumer market.
Not saying there isn't lobbying efforts underway, but trying to limit Chinese-based video and audio equipment that's unaccountable to US laws or oversite from government locations seems like a reasonable thing to do. Dahua and Hikvision have a long history of backdoors. Many of these things chat like crazy to servers in China if not firewalled properly.
I'm not sure how to tell you this but if your CCTV cameras can get to the internet you've done so many things so completely wrong that you just ought to stop doing whatever it is you're doing.
Though the argument is more fair in relation to their DVR/VMS products, but it's difficult to see a reason to use those as better alternatives running on your own hardware exist.
As a gov't installation your worries are different of course. I'd worry about, say, a specialized firmware finding its way to me, which can be commanded to disrupt surveillance in response to QR codes or other visual or auditory signals.
> "government owned" also gets condescendingly asserted as if the reader isnt familiar with how a planned economy under post soviet marxist theory works.
Most readers of the article can be fairly assumed to know this. Most consumers (including b2b) outside of various tech and policy circles cannot, and the policy is aimed at short circuiting the banned functionally SOE’s from embedding themselves into the communications infrastructure. Gathering intelligence from automotive and aerospace dominance yields substantially less actionable information than from dominance of communications infrastructure.
The subsidies you are comparing are fundamentally, qualitatively different.
It isn’t just the FCC. The entire US government at all levels down to local is captured by corporate business interests. Doesn’t mean every policy decision solely caters to those interests and ignore national defense interests. Also doesn’t mean the US intelligence apparatus isn’t in bed with Western communications technology manufacturers.
> has been on americas shitlist ever since they beat US telcos to market with 5g
Serious question, have the the likes of Ericsson and Nokia managed to catch up with Huawei when it comes to 5G telco equipment?
Last I dived into this was about 2-3 years ago, when that Huawei executive got arrested in Canada or some such, and if I remember right the discourse back then was that Huawei's 5G equipment was both cheaper and better compared to what the Western companies were able to provide at the time.