UK discovers Huawei UK staff auditing Huawei kit: Govt orders probe Huawei will be probed by a top Whitehall official after the Chinese tech giant's staff in Oxfordshire were given the job of auditing Huawei's telecoms gear for Blighty's communications networks. The review was ordered following the publication of a report by an influential committee of MPs which warned of a conflict of …
Absolutely f***ing nothing is going to be audited here. It's just a distraction to US/UK wrongdoings when it comes to snooping.
What worth would an audit have anyway, if it's a) announced and b) carried out by the company who produced the kit in the first place.
This is either complete nonsense or a very very poor attempt to shift the blame elsewhere.
Huawei's UK auditing unit is specifically setup to catch vulnerabilities and is done by staff who have access to (and the ability to compile) the source code. There are code vulnerabilities showing up all the time in various pieces of code (noone writes all their own stuff) and sometimes the vulnerability is in the method used by everybody, so they have their work cut out simply making sure various issues don't show up in Huawei kit.
This is a lot more access to the internals that Cisco or Juniper give the staff of their UK operations.
If the UK government wanted to audit this stuff for internal use they should do it in house. This whole things smacks of more red scarisms to try and take attention away from the herd of elephants int he room and the man hiding behind the curtain.
Whilst the story of Huawei monitoring Huawei is rather comical, there is no security threat. The vast majority of these devices are used on private networks and any obvious data leakage would be easily detectable and if found (just once) would destroy a manufacturer's reputation for good.
How many times has Cisco equipment been packet filtered over the years for various on-site issues? Imagine if just one packet looked odd, it would instantly bankrupt a company if made public.
How would a Huawei router somehow have a hardcoded IP address coded into it, and somehow filter "relevant" data and then send it to that public IP without anyone noticing?
"The vast majority of these devices are used on private networks and any obvious data leakage would be easily detectable and if found (just once) would destroy a manufacturer's reputation for good."
Which is exactly the point I made to my employers. We do monitor what goes in and out the gateway so such activity would show up pretty quickly.
our computer system went down last week, and someone jokingly said "Chinese Hackers!"
Then someone else said "But we're owned by the Chinese, they don't need to Hack us"
"US Hackers!"
When essential utilities such as water, gas, electricity etc. are foreign owned, I can't really see the problem, just so long as we do as we're told
Speaking of the "chinese hackers" meme:
ALL the attacks I see originating from chinese netspace are from networks I'm aware are thoroughly pwned by externals (something the NSA leaks made abundantly clear btw) and are identical in form to those seen from other parts of the world.
The first rule of cracking is to cloak yourself in several false flags.
Why would the chinese be stupid enough to launch trcaeable attacks from their own territory when even the dumbest script kiddies know to bounce through a dozen proxies first?
The largest danger comes from (dis)organised crime groups, not from foreign governments.
I seem to recall from a few years back about UK selling radio equipment to the Iraqi armed forces,with bugs built in so that during the 1st action against Iraq the Allies knew EXACTLY what the Iraqis were up to and credited it with saving many lives. Everyone is guilty these days, until proven innocent.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
