←back to thread

Huawei 5G kit must be removed from UK by 2027

(www.bbc.com)
293 points doener | 9 comments | 14 Jul 20 12:06 UTC | HN request time: 1.28s | source | bottom
Show context
rich_sasha ◴[14 Jul 20 12:42 UTC] No.23831166[source]
If this is just Realpolitik/hardware independence, fine, but security..?

Any worthwhile Internet traffic should be encrypted in 2020, and if it isn’t, Huawei probably isn’t the most immediate concern.

And if it is encrypted, does it really matter who is listening?

Comments welcome, I know zilch about telecoms hardware.

replies(8): >>23831214 #>>23831232 #>>23831380 #>>23831415 #>>23831424 #>>23831435 #>>23832103 #>>23838304 #
TheAdamAndChe ◴[14 Jul 20 12:48 UTC] No.23831214[source]
Your questions aren't about telecoms hardware, but about politics and the international flow of power. China is slated to take over the world economically. Their political model has the potential to spread around the world. These are attempts to limit China's capacity to grow as fast while inhibiting their capacity to knock out, intercept, or backdoor critical infrastructure.
replies(3): >>23831319 #>>23833862 #>>23836761 #
1. rich_sasha ◴[14 Jul 20 12:56 UTC] No.23831319[source]
Yeah, this I get and, well, sympathise in a way. There is no war, but an ongoing struggle for staying ahead economically, and if this is a part of it, at least there is a logic to it.

I’m asking, is there really a security risk that Huawei might listen in on telecoms. Is traffic at the low level more vulnerable somehow? Is it the prevalence of unencrypted communications? Is it leaking of metadata that people are worried about?

replies(3): >>23831609 #>>23836696 #>>23837350 #
2. TheAdamAndChe ◴[14 Jul 20 13:23 UTC] No.23831609[source]
Yes, the risk is real. Imagine the US made phones for Russia during the Cold War, and the phones were so complicated and full of microcontrollers that reverse engineering and ensuring that a backdoor wasn't in place was impossible. Do you really think the US wouldn't have taken advantage of that?

The specific technical risk is unknown, though. There are thousands of microcontrollers in a modern advanced electronic device. It's nearly impossible to inspect each one and see what exactly is backdoored and how.

replies(1): >>23836232 #
3. sudosysgen ◴[14 Jul 20 19:03 UTC] No.23836232[source]
The phones have access to the raw data. The towers shouldn't have access to the raw data, because presumably it's encrypted. If it isn't, it's game over anyways. Not really comparable.

You could make an argument about metadata, which is much more questionable from the get-go.

replies(1): >>23837509 #
4. shostack ◴[14 Jul 20 19:36 UTC] No.23836696[source]
Is there no war? Or has the nature of it changed due to MAD and such that it is just a cold war taking on a new form with the battles being fought over economies, politics, infrastructure, and culture as the opening salvos?
replies(1): >>23837475 #
5. lozf ◴[14 Jul 20 20:24 UTC] No.23837350[source]
There's more to it than merely listening in or gathering metadata. In the future we'll all be used to widespread 5G, and increasingly dependent on it - it's already commonly touted as enabling self-driving cars, IoT etc. and even replacing WiFi.

People are concerned that Huawei / the Chinese could effectively shut down important chunks of infrastructure that would cause chaos in a city like London, and many other places, and furtermore that the implied threat of such a mishap, might be used as a form of coercion.

6. ◴[14 Jul 20 20:34 UTC] No.23837475[source]
7. filoleg ◴[14 Jul 20 20:37 UTC] No.23837509{3}[source]
I think the parent comment wasn't talking about intercepting traffic and being able to know what your enemy is talking about.

The parent comment was talking about being able to take advantage of the situation by making the enemy use your devices and then incapacitating their infrastructure at the perfect moment by activating the killswitch on those devices.

replies(1): >>23839048 #
8. sudosysgen ◴[14 Jul 20 22:49 UTC] No.23839048{4}[source]
The solution for that isn't to boycott Huawei, it's to have multiple networks with many providers.

A country using Nokia, Ericsson and Huawei is much better protected to such an attack than a company using only Nokia or only Huawei or only Ericsson, or both Nokia and Ericsson but not Huawei.

replies(1): >>23839136 #
9. filoleg ◴[14 Jul 20 23:00 UTC] No.23839136{5}[source]
Sure, I am not arguing one way or another regarding whether this ban is good or not. I am just saying that the cold war analogy had nothing to do with encryption, unlike what the post I am replying to is attempting to imply.