Hard News: The Huawei Question
159 Responses
First ←Older Page 1 … 3 4 5 6 7 Newer→ Last
-
Matthew Poole, in reply to
Paul, without repeating what I just wrote, I think that what’s being expressed by the various members of the alphabet soup shows a significant cultural ignorance of how things work in, dare I say it, the real world. In real network operations centres for ISPs, the unexplained appearance of large-volume data flows would trigger all kinds of investigations. You cannot hide real-time network tapping, especially when it originates within the customer “edge” network (an ISP network is divided into the customer-facing “edge:, the ISP “core”, and the internet-facing “border”) and must traverse the core in order to get across the internet to its destination.
Either the packets get billed to the customer, who will probably notice when they start getting stung for about double the data usage they expect, or they just appear as they transit the core and the ISP suddenly has a massive outflow of data with no apparent source. In both cases there will be investigation to figure out why there is a discrepancy, and for a major customer like a government department or the likes of Tait or Rakon (or large volumes of un-sourced data) there will be a lot of effort put into establishing the cause. Eventually someone will notice that for various routers and switches packets out > packets in, and then all hell will break loose. This is not fanciful rumination, this is how things actually work.
-
Just posted to Matthew on FB "You mean they're going to install ghost chips???"
</hat_coat style="running">
-
James George, in reply to
Simon I suggest you do some more recent research on Lang. The worm has turned is one way to describe it. Prolly more correctly that the leopard never changes his spots. Lang may not have been a major proponent of the invasion of Iraq, but once it happened and the US found itself in the quagmire of 04 and 05, Lang stepped in with his strategy to drive a wedge between the Sunni and Shia populations. Sure it already existed in some parts of outlying Iraq, but in the major metro areas, where the worst slaughter eventuated, people had learned to live with each other.
I'm wary of many false flag claims (the ones that get publicised are too often not false flag, just the other side trying to de-emphasise a tactical defeat. e.g. The claims by redneck americans that 'those people couldn't have destroyed the world trade centre from their 'caves') but there was considerable speculation about the way that the bombing of the Golden Mosque in Samarra, the event which triggered Iraq's civil war, went down, because not only was the US agenda the only one that was served, there were eyewitness accounts of the area being cleared by US special forces before the explosion and the extent of the demolition was more than a couple of car bombs could have achieved.
There is even a piece in that blog run by the dem party half of the american imperialist party that you linked to. It is here.
Maybe Lang is a dem party supporter, I neither know nor care. I do know he is a supporter of the US imperialism that kills millions around this planet every year.
Spend some time reading his poison on Sic Semper Tyrannis if yer stomach can stand it. His latest offence was to campaign Zimmerman’s innocence of the murder of Trayvon Martin.
Last year it was to call for the intervention in Libya which resulted in the destruction of most of that nation's infrastructure and the replacement of a stable society with an on-going anarchy that prohibits darker skinned Libyans from walking the streets lest they be murdered on sight by the european armed racist militias who are hell bent on the ethnic cleansing of Libya.But the 1955 Libyan Petroleum Law, the legislation which kept Libya free of transnational energy corporate dominance from long before the arrival of Col Gadhafi, has now been subverted & ignored and will soon be repealed, allowing the major US & European energy corps free hand in the anarchic failed state Libya has become. Thanks to Lang and his ilk - aforesaid spook scum.
This is what intelligence agencies do. They further their nation's economic agenda at the expense of others. e.g. NZ. The only reason we don't have more trouble from em, e.g. deposed Prime Ministers and the like, is that unlike Oz, we don't have much anyone else wants.
Huawei are grabbing a swathe of business off the US Cisco; so the american intelligence communities' corporate masters have told them to go in hard.
One issue overwhelms network dominance; the IP, no not internet protocol, intellectual property. The motive for so much US interference in other nation's domestic affairs.
cont. -
James George, in reply to
Continued from above
There may be a number of hardware makers snapping at Cisco's heels, but the last time I looked, Cisco still controlled the bulk of IT networking & communications software. OpenFlow the open source tilt at Cisco & is probably more of a long term threat than any single corporate entity. Still there is no doubt Huawei does have Cisco concerned. I apologise if someone has already posted this article on the Huawei challenge to Cisco.True, the US intelligence community have a special interest in this case; Cisco et al have been at Homeland security's beck and call since 911.
In return for which they have grabbed a mob of new business. Spies spying on spies spying on spies. None of em use much HumInt nowadays; it's nearly all electronic, and very expensive.
There is much about the $1 Billion taxpayer subsidy of Telecom's fibre to the door rollout that is worthy of trenchant criticism, but the Huawei purchase is not one of those instances.
-
Jonathan Hunt, in reply to
I think it’s a given that the NSA has gone over the source code in Huawei hardware with a fine-toothed comb, but there doesn’t seem to be anything there.
I'd be impressed if the NSA had access to the source code of Huawei's products. Is there any evidence of this? More likely, they can probe the chips and seek to determine patterns of behaviour, and possibly try and reverse engineer code but not from source.
-
Continued from above
I think the post size limit is there to encourage brevity. Just sayin.
-
Jonathan Hunt, in reply to
Obviously a network-wide monitor would be easily detectable traffic wise. But a dormant trojan that can be awakened as necessary by sending a specific command sequence would be straight forward to hide and might only return small amounts of data so be essentially undetectable under most conditions.
-
Matthew Poole, in reply to
a dormant trojan that can be awakened as necessary by sending a specific command sequence would be straight forward to hide and might only return small amounts of data so be essentially undetectable under most conditions.
It’s not anything like that simple.
1) Any “magic packet” to wake up said trojan must be able to be routed through the wider internet. That is, it must be valid under the rules that govern packet structure and layout for IP networks. And on any network connected to the internet, there is always the possibility that such a packet could be generated through ordinary use. That’s why I’m leery about the idea that a kill switch could exist, because if a device suddenly went tits-up for no obvious reason and with no discernible hardware fault people would start with the wondering and the question-asking.2) This is not customer premises equipment (CPE) that we’re discussing, it’s equipment within the distribution and aggregation networks that CPE connects to. Which means that the best a tap might achieve is to monitor a whole neighbourhood, and that’s a lot of data. You cannot surreptitiously monitor a network at the level that the Huawei kit is being deployed, because it’s serving tens or dozens of customers. Even if the supposed Chinese intelligence services controllers of Huawei knew precisely which neighbourhood a given device was in they would still have to monitor all the traffic through the device in order to get the interesting bits (I’ll get my coat.)
ETA: Putting something into hardware, which would be the level something like this would have to be done in order to avoid code-review detection, also places significant limits on how sophisticated it can be. You can make silicon do some pretty amazing things, but those amazing things mostly rely on software. If you cannot do things in software, tapping a network as a sub-function of a wider network device is subject to quite drastic limits on just how fancy you can get.
-
Rich of Observationz, in reply to
If I was asked to build a backdoor into a router, I'd look at a few options:
- create an overlooked buffer overrun vulnerability, buried in some complex protocol parsing code. Inadvertent buffer overruns have been found (including by me) in code that's been repeatedly tested and audited in the past.
- implement some kind of broken higher level protocol
- play around with the encryption math
Having got access, it wouldn't be hard to gather selective data, such as connections to servers in a certain country, login packets, etc. It also wouldn't be hard to mount a denial-of-service attack - though this would have an obvious reputational impact on the equipment manufacturer.
(Login packets would only be useful if the agency collecting the data had SSL decryption abilities. That gets increasingly possible as time goes on).
-
Matthew Poole, in reply to
Having got access, it wouldn’t be hard to gather selective data, such as connections to servers in a certain country, login packets, etc
You still have to get that data back to you, though, and in sufficient volumes to allow gathering of useful quantities of interesting data you’re going to rise above the noise thresholds for network operators.
Yes, SSL decryption will probably become widely* possible within the next few years. However, the juicy nation-state stuff (ETA: which is not going over UFB, unless McCully goes back to his old tricks with classified diplomatic cables) is not encrypted with SSL and as much disdain as I have for the culture of the NSA I have no doubt that their cryptographers are outstanding. Devices that they have approved for use in securing their own government’s communications are going to be using much more complex encryption systems than anything available for free over the tubes. Even at the corporate level the interesting stuff is going over VPNs if it leaves the company network, based on what I’ve seen looking at the network security of some of our household names. It’s possible the Chinese can break those systems, but I think the word would have got out if there was believed to be a systemic weakness in any of the products. After all, a lot of those things are protecting networks used by US government contractors.
* widely at the level of well-resourced nation-state operator.
-
Jonathan Hunt, in reply to
there is always the possibility that such a packet could be generated through ordinary use.
The awake sequence can be small but sufficiently complex as to not likely occur in regular traffic; and it has to be sent to a specific device and port to do its thing (not necessarily port 80). If an awake sequence was encountered at random it might enable the monitoring but if no further commands are received it may simply do nothing. Even if it locked up a device, the standard response would be to restart or replace, not undertake an investigation.
I was talking CPE. Aren't many of the ADSL modems, 3G modems distributed by Vodafone by Huawei? But in any case, a network router can still be directed to hunt for specific patterns of interest, or monitor a specific IP or port, without having to take the whole stream.
It would be quite feasible to have a backdoor in silicon that can have the monitoring software delivered over the wire to run in local memory then be deleted. That way you can deliver precise code to do just want you want with very little detectable surface in silicon.
-
Russell Brown, in reply to
I’d be impressed if the NSA had access to the source code of Huawei’s products. Is there any evidence of this?
British Telecom says it gained such access and I gather MI6 and everyone else got to go through Huawei's security evaluation centre.
-
Simon Grigg, in reply to
Simon I suggest you do some more recent research on Lang. The worm has turned is one way to describe it.
I've been reading his blog since about 2006 thanks James. I think I have a fair handle on what he says and has done.
-
Matthew Poole, in reply to
I was talking CPE
Maybe so, but the hardware of concern with UFB/NBN is not the CPE. So we're back to discussing aggregation and distribution systems that handle dozens of customers at a minimum. Suddenly it's a whole hell of a lot harder to discriminately monitor flows. Doing it at the CPE level is absolutely feasible, and I hope I haven't given the impression that I think it's not, but unless I've misunderstood horribly the ASIO decision relates to Huawei supplying kit for the "in the street" parts of the deployment.
-
Russell Brown, in reply to
but unless I’ve misunderstood horribly the ASIO decision relates to Huawei supplying kit for the “in the street” parts of the deployment.
And as I noted in the original post, no government, agency or company has ever actually suggested banning Huawei CPE -- and I'm pretty confident no one's going to.
-
You still have to get that data back to you, though
Send apparently legitimate traffic through the target network and "corrupt" it with the gathered info (which would not be large - a million login packets is only a gigabyte).
I doubt any state would actually do it (and certainly Huawei would be very unlikely to do it knowingly).
SSL decryption will probably become widely* possible within the next few years
I'm waiting in hope for the first government operative to realise quite how much money they can steal.
-
nzlemming, in reply to
I'd be impressed if the NSA had access to the source code of Huawei's products. Is there any evidence of this?
I thought I read recently that GCHQ say they've seen the source and it's okay.
ETA Snap Russ
-
Steve Barnes, in reply to
“You mean they’re going to install ghost chips???”
Ha ha ha h.....
Well, I thought it was funny.
Meanwhile in other China Hating News...
Shoebox shops 'the ruin of Queen St'
Yellow Peril indeed, I am more fearful of fat rich white middle class greedheads. Look at the damage they have engendered. -
Kumara Republic, in reply to
Shoebox shops ‘the ruin of Queen St’
If Cr Brewer had his way, Queen St would probably look like just another cut-and-paste shopping mall minus the roofing. I’d have Cuba Street over that any day.
-
Sacha, in reply to
everywhere should look like Newmarket :)
-
Matthew Poole, in reply to
No, I think his vision is more like the premier shopping streets in Australian state capitals and major European shopping cities: lots of medium-to-large shops (instead of lots and lots of little shops) that sell high-value goods.
The discussion has become about some imagined racist vision that wants no small Asian retailers, which wasn't, as far as I could tell, Brewer's real issue. His issue is that the street has lost its position as the premier shopping street and is, instead, becoming more like the shopping strips in the likes of Otahuhu. We already have a bunch of strips like Otahuhu, all over the city, but we only have one Queen Street.
-
Steve Barnes, in reply to
We already have a bunch of strips like Otahuhu, all over the city, but we only have one Queen Street.
I may be a bit out of touch with current retail therapy theory and the main protagonists in that field but I can't think of many of our own established Big Name Stores that could possibly satisfy Mr Brewer and that means attracting big offshore retailers to suck even more out of the economy. So, we have some migrants coming over here and setting up shops, eking a living and offering the consumer unlimited variety. What would we rather have, "People coming over here and going on the dole" and an EazyBuy or a Costco every 100 mtrs along Queen Street?
Like I've said before, I fear the corporate white guy more than the "Yellow Peril" -
Sacha, in reply to
the street has lost its position as the premier shopping street
Happened years ago, spurred on by woeful transport/urban planning that encouraged shoddy chicken-coop apartments for predominantly Asian tertiary/language school students and made free parking at suburban malls more attractive.
Swing in the other direction in last few years with intensive development, but mainly at the bottom of town. Some high-end global brands there too, not catering much for locals day-to-day. New CBD supermarkets might help, and gradual change in composition of residents but available apartment stock now not matching that well.
-
Chris Waugh, in reply to
His issue is that the street has lost its position as the premier shopping street and is, instead, becoming more like the shopping strips in the likes of Otahuhu.
The article linked above specifically mentioned allegations that some of those shops were opened for visa/immigration/residency purposes at least twice, although without naming any particular ethnic or national group. That suggests that there is more to the issue than any councillor's desire for Queen St to be high-end retail.
I don't know Auckland well enough to know what "in the likes of Otahuhu" means. Clarification?
I do know I really enjoyed being in the Queen St area last time we were in NZ and seeing signs in Korean, Japanese, simplified and traditional Chinese, and whatever other languages and scripts there may have been. That had me thinking, "Now here's a place I could bring my family to live in." But then again, I probably have a very different world view from anybody on the Auckland City Council.
-
Simon Grigg, in reply to
Happened years ago, spurred on by woeful transport/urban planning that encouraged shoddy chicken-coop apartments for predominantly Asian tertiary/language school students and made free parking at suburban malls more attractive.
And at least there are people back in the street. A decade back you could roll a runaway steam engine down the footpath from top to bottom on a weekday afternoon without causing human harm.
Now it bustles along quite well.
that means attracting big offshore retailers to suck even more out of the economy
We don't have the population to attract most, and even if we did bring in the global chains like Armani Exchange, Zara or proper Top Shop they'd head straight to the malls.
Post your response…
This topic is closed.