The Military China Politics

US Nuclear Lab Removes Chinese Tech 125

Rambo Tribble writes "Reuters reports that Los Alamos National Laboratory has removed switches produced by Chinese firm H3C, which once had ties to Huawei. This appears to be a step taken to placate a nervous Congress, rather than in response to any detected security issues. From the article: 'Switches are used to manage data traffic on computer networks. The exact number of Chinese-made switches installed at Los Alamos, how or when they were acquired, and whether they were placed in sensitive systems or pose any security risks, remains unclear. The laboratory - where the first atomic bomb was designed - is responsible for maintaining America's arsenal of nuclear weapons. A spokesman for the Los Alamos lab referred inquiries to the Department of Energy's National Nuclear Security Administration, or NNSA, which declined to comment.'"
This discussion has been archived. No new comments can be posted.

  • by wvmarle ( 1070040 ) on Monday January 07, 2013 @12:35PM (#42506735)

    If they don't want made-in-China equipment, what are the alternatives? I don't think that doing without is much of an option.

    • by AndyKron ( 937105 ) on Monday January 07, 2013 @12:44PM (#42506849)
      The option would be to have a US company build them for 10X the cost plus the usual 1000% kickback. /s
      • by boulat ( 216724 ) on Monday January 07, 2013 @12:47PM (#42506893)

        And the 10x the cost is worth every penny. Cisco and Juniper routers and switches are the backbone of many serious enterprises. Serious about security and performance. I don't know of any Chinese product that is worth spending money on.

      • Why not just have a "home grown" firewall that doesn't allow communication to anything but specific controlled sites? I mean, the data has to go out of the building somewhere and they can control which destinations are acceptable. Even if the someone happened to slip in some code to "spy" on specific data it would have no way outside the network besides that firewall. Unless of course they embed some wireless communication chips in the switches, but that would require that someone in the building have a

        • by AmiMoJo ( 196126 ) *

          The downstream routers are also Chinese. It wouldn't be hard to tag a packet in some way to be copied quietly back to a listening post once it is well past the firewall. Dedicated lines all the way are the only way to be sure.

          Not that this isn't anything but paranoia...

      • by Jawnn ( 445279 ) on Monday January 07, 2013 @02:05PM (#42507941)

        The option would be to have a US company build them for 10X the cost plus the usual 1000% kickback. /s

        [citation needed]
        ...crickets...

        The reality, of course, is nowhere near the numbers you suggest, but hey, who's counting. This is /. and hyperbole is the order of the day. Rational discussions? Supported by actual facts? Pffffff....

        • FWIW, (NOT in the USA) the difference between Huawei 10Gb/s TRILL kit and the equivalently specified Cisco stuff is a factor of 6-8 after discounts are offered (and significantly higher if list prices are looked at). Huawei's performance levels are significantly higher. I am a CCNA by necessity but IMO Cisco trade on their name, not on their actual performance. It's a bit like the old "Nobody got fired for buying IBM" mantra.
      • by AdamHaun ( 43173 ) on Monday January 07, 2013 @02:16PM (#42508115) Journal

        The option would be to have a US company build them for 10X the cost plus the usual 1000% kickback.

        I've heard the cost difference between Chinese vs. American manufacturing is about 15% for an iPhone (or presumably something like it). Don't have a good source for that, though.

        • by GodfatherofSoul ( 174979 ) on Monday January 07, 2013 @03:40PM (#42509419)

          I've heard similar figures as well. The overhead for building in the US isn't as huge as you'd think. Actually, the overhead for many alternatives to cost-saving measures (like illegal immigrant workers in lieu of Americans) isn't as high as we've all been led to believe.

          • by Anonymous Coward

            Don't go ruining corporate propaganda with facts. That would mean the whole race to the bottom this country has been waging on workers since Reagan has all been a scam to take money from the poor and middle class and give it to the rich. That would never happen--not in The Greatest Country on Earth (TM).

    • by us7892 ( 655683 )
      Hardened Cisco switches.

      Just make sure they aren't the counterfeit Cisco switches circa 2008...which were from...China.

      http://www.homelandsecuritynewswire.com/china-may-have-back-door-us-military-computer-networks [homelandse...wswire.com]
    • by vlm ( 69642 ) on Monday January 07, 2013 @12:54PM (#42506993)

      I know of a couple alternatives from gossip with industrial controls type people. Please don't secure your nation's nuclear secrets based on my /. post.

      Google for "Garrett" they make industrial switches. Industrial as in weird DC voltages (for railroad, telco, etc) and supposedly good rep WRT interference protection. Like if you're running on the factory floor and the network goes bonkers when someone arc welds, rewire the run to a garrett and supposedly that'll fix it most of the time. The reputation of the prices is high, but when you need ethernet connectivity to the PLCs on a railroad engine or whatever, well...

      Google for a place called "wideband" if you want a local. Low to mid end office gear. Really not that expensive, like a couple billable consultant hours for a switch or about three 3rd party wiring calls. My point is complaining about something from wideband costing $800 vs noname for $600 or Cisco for probably about $1000 is kind of pointless for a $100K/yr network admin and $50/hr electrician and all that, but for home it's going to be hard to slip a $800 purchase by for a 24 port managed switch. I have no rep info on this although I've heard they work.

      You need like ten centuries of switch*years before reports about reliability and such change from "anecdote" to "information" so onesie-twosie stories about "I heard of one that worked" isn't terribly useful.

      • by Anonymous Coward on Monday January 07, 2013 @01:20PM (#42507339)

        Good thought, but check out the GarrettCom backdoor that was discovered by a curious researcher in 2012:

        http://www.us-cert.gov/control_systems/pdf/ICSA-12-243-01.pdf

        Looks like in some cases the 'american company' is worse! And why did it take this researcher named in the advisory to discover it? Why didn't any of the major corporations or government agencies who rely on this equipment discover it?

        • The same reason why you don't discover all the flaws with your software and hardware rather than hearing about security researchers finding them; neither they nor you have the time or budget to hire full time security people to thoroughly go through every piece of hardware, firmware and software in use.

          • For a government doing stuff in name of national security, cost shouldn't be an issue. Just look at the cost they spent on "regime change" in Iraq and Afghanistan, just to name some. Hiring a few of the brightest security experts to thoroughly test their equipment is just peanuts compared to that.

            The only reason I can think of why they do not do that is political: wars are much more visible, and electors like to see results.

    • by AmiMoJo ( 196126 ) *

      It would be more accurate to say they don't want switches made by $enemy_of_the_us. Once that was the Soviet bloc, then when that collapsed it became Iraq, then al-Qaeda. The latter has been decimated by drone strikes and a long grinding war, so now the Neo Cons need a new bad guy and China fits the bill.

      The Chinese are in many ways the perfect Enemy of the US(TM). Funny looking and speaking an incomprehensible/angry sounding language, over a billion of them and happy to do all the necessary posturing and m

      • by khallow ( 566160 ) on Monday January 07, 2013 @01:22PM (#42507371)

        for a successful and perpetually unwinnable cold war.

        The last cold war was winnable. We know because the US-side won it (and squandered that victory in a way that probably will be talked about for centuries). But while I pointed that out, it's not the point of a cold war. The point of a cold war is to slowly resolve conflicts without sinking into a hot, nuclear war.

        • by AmiMoJo ( 196126 ) *

          If you mean "won by default because the Soviet Union collapsed" then yeah, we won.

          The point of a cold war is to scare the shit out of your citizens and spend lots of money on the military. Come on, everyone knows that.

          • If you mean "won by default because the Soviet Union collapsed" then yeah, we won.

            Oh we gonna redefine 'win' now? For many centuries if your opponent defaults... that is a win. Time honored tradition in chess which is older than most of western civilization.

            No it is not as clear a win as having your boot on the opponent's throat, but hey that must be an intelligent opponent, who recognizes that, 1) victory is not possible. 2) Surrender is not acceptable. 3) Capitulation is the best way out.

            L: Ok so we just stop this nonsense. Yes? :(

            W: Yuuuush!! We Wiii... :D

            L: Unless you desire bloo

    • Screw the switches, think about all of the iPhones floating around LANL (and Congress)!

      • Screw the switches, think about all of the iPhones floating around LANL (and Congress)!

        Probably 0. Hopefully 0. These facilities have lockers where you are supposed to leave all phones, cameras, and anything else that could be used to steal data. You're not supposed to be able to get in without emptying your pockets. You're even supposed to leave your car keys, etc, in the locker.

        • by icebike ( 68054 )

          Seriously, You know this? How?

          As recently as 2007 this was clearly not the case.

          It was only after several years on the job that she was caught with bomb designs in her trailer and fired. But the investigation reveals that Quintana had taken her cell phone into a vault filled with secret documents where she worked — another major security violation. She also had access to a high-speed classified printer, even though such access was "not required by her job," and used the device to run off hundreds of copies of classified documents that she also brought home.

          See: http://www.time.com/time/nation/article/0,8599,1612912,00.html [time.com]

          • by jittles ( 1613415 ) on Monday January 07, 2013 @02:17PM (#42508133)

            Seriously, You know this? How?

            As recently as 2007 this was clearly not the case.

            Because I've worked in a facility like this before. Not Los Alamos, but with classified data.

            It was only after several years on the job that she was caught with bomb designs in her trailer and fired. But the investigation reveals that Quintana had taken her cell phone into a vault filled with secret documents where she worked — another major security violation. She also had access to a high-speed classified printer, even though such access was "not required by her job," and used the device to run off hundreds of copies of classified documents that she also brought home.

            See? She violated security protocol by bringing her phone into the vault. It says so right there in your own quote. So as I said there should be 0 iPhones around there. Whether people actually follow the rules is up to the site security officer, but the rules clearly state no cell phones.

            See: http://www.time.com/time/nation/article/0,8599,1612912,00.html [time.com]

          • by s.petry ( 762400 )

            Read the NISPOM and JFAN security guides. No external devices can be brought in to secured areas. No USB sticks, no media without a lengthy process to scan and check in the data. Nothing leaves the secured area without being shredded. We had some hefty machinery built to munch up everything from memory and CD/DVD media to hard drives and LTO tapes.

            So "congress"? Yes, but we already know that cesspool for what it is. Secured areas like LANL? Not a chance.

            • by icebike ( 68054 )

              Please just Google Los Alamos and Security Breach, or, I don't know, maybe click the link in the message you replied to?

              Don't pontificate about standards that appear to be honored only in the breach.

            • by 1729 ( 581437 )

              Read the NISPOM and JFAN security guides. No external devices can be brought in to secured areas. No USB sticks, no media without a lengthy process to scan and check in the data. Nothing leaves the secured area without being shredded. We had some hefty machinery built to munch up everything from memory and CD/DVD media to hard drives and LTO tapes.

              So "congress"? Yes, but we already know that cesspool for what it is. Secured areas like LANL? Not a chance.

              Times have changed. Dunno about LANL, but at LLNL:

              https://csp-training.llnl.gov/CS0149-W/non-gov_respons.html [llnl.gov]

    • by Anonymous Coward

      I guess they mean designed in China vs designed in the US. Huawei chips designed in China could have all sorts of backdoor functions built in. At least the CIA knows about the Cisco backdoors.

    • by kelemvor4 ( 1980226 ) on Monday January 07, 2013 @01:46PM (#42507683)

      If they don't want made-in-China equipment, what are the alternatives? I don't think that doing without is much of an option.

      I think the concern was specifically with Huawei and the recent hubbub surrounding that outfit. Probably only for the reason you are alluding to. If there are any switches manufactured in the US, then I think it would be prudent to use those for high value operations like this one. Actually, if there weren't any - I think the needs of this particular operation would warrant the government manufacturing their own. Control of our nuclear arsenal is somewhat important ;).

  • by account_deleted ( 4530225 ) on Monday January 07, 2013 @12:38PM (#42506769)
    Comment removed based on user account deletion
  • Most HP A-Series switches are just rebadged H3C hardware. Some still come direct from HP with the H3C badge on.

    Given that the A-Series firmware is present across even the HP badged hardware, are they going to throw out all HP A-Series switches?

    • by Shoten ( 260439 )

      Most HP A-Series switches are just rebadged H3C hardware. Some still come direct from HP with the H3C badge on.

      Given that the A-Series firmware is present across even the HP badged hardware, are they going to throw out all HP A-Series switches?

      They'd have to have HP-made switches in the first place...I recall HP's market penetration, and from what I recall, neither of HP's customers are a National Laboratory...(snicker)

  • by jsepeta ( 412566 ) on Monday January 07, 2013 @12:44PM (#42506847) Homepage
    We have the know-how, and a patriotic, knowledgeable, and capable workforce. If congress instituted taxes on foreign made goods to help fund jobs in America, we'd be safer.
    • by vlm ( 69642 )

      It would be cheaper, simpler, and "fairer" to enforce US EPA, FCC, FDA, and OSHA laws on the foreigners and then see who's more productive...

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        Ok, I'll bite vim. How can we enforce the rules of those agencies on Chinese manufacturers? The bunk beds Foxconn stacked their workers in were an OSHA violation before they even started their work day.

        I would recommend we synthesize your and jsepeta's theories. We tax imports based on an estimated cost of the imported product if the company in question were to be OSHA, EPA, FDA, and FCC rule compliant, and as they come into compliance with each we drop that portion of the tax.

        Aside from enormous difficult

        • by vlm ( 69642 )

          Aside from enormous difficulty of managing the import taxation-register and verifying compliance, what do you think?

          Only enforce on companies larger than X personnel or Y sales volume or something like that?

          I think people overestimate how common inspection is in our homeland. Unless the boss committed a political offense, it's rare to be inspected for anything more than once every couple years for anything, unless someone gets hurt on the job or an anonymous report is made. I'm guessing that the inspection cost will not be very high.

          Another interesting way to save money is to provide an industry standard assumption. If

        • "The bunk beds Foxconn stacked their workers in were an OSHA violation before they even started their work day."

          USA employers solve this by requiring workers to find their own damned accommodation.

          Any real incentive to "buy american" went away when the social contract inherent in the New Deal was torn up.

    • Re: (Score:1, Funny)

      by Anonymous Coward

      There would also be more pollution in the environment. Keep it in China. That way it's not in the environment.

    • If congress instituted taxes on foreign made goods to help fund jobs in America, we'd be safer.

      Like the way Smoot-Hawley kept us out of WWII?

    • Re: (Score:3, Insightful)

      Sure, break all the WTO agreements and see if SA keeps buying US bonds ... a country with energy and food independence can do whatever the fuck it wants with its trade policies, the US not so much.

    • "If congress instituted taxes on foreign made goods to help fund jobs in America, we'd be safer."

      No, you'd just be naked and gadgetless and the WTO would grant China the right to copy all the movies and music they want and sell it at will.
      The WTO already gave Antigua and Barbuda the go-ahead to punish the US by violating copyrights and trademarks.

  • Trusted Foundry (Score:5, Insightful)

    by Scot Seese ( 137975 ) on Monday January 07, 2013 @12:51PM (#42506937)

    They will most likely be replaced with equipment provided by vendors who are on the U.S. military's "Trusted Foundry" schedule. It doesn't matter if half the chips in those "Trusted Foundry" switches are manufactured in China - as a result of careful research, you can be "reasonably" sure they don't contain backdoors or malicious code.

    "Reasonably."

    • Re:Trusted Foundry (Score:5, Insightful)

      by Shoten ( 260439 ) on Monday January 07, 2013 @01:18PM (#42507321)

      They will most likely be replaced with equipment provided by vendors who are on the U.S. military's "Trusted Foundry" schedule. It doesn't matter if half the chips in those "Trusted Foundry" switches are manufactured in China - as a result of careful research, you can be "reasonably" sure they don't contain backdoors or malicious code.

      "Reasonably."

      There's another factor in this. A company like Huawei (founded by former members of the PRA, specifically ones from their cyber warfare capability) or H3C (owned by HP as a subsidiary, but otherwise entirely Chinese, top-to-bottom) can easily be argued to have interests that align with China. Cisco, on the other hand, is an American-founded company with American management.

      If a Chinese national in China puts some nastiness into a switch/router/espresso machine that is then deployed in a sensitive location in the USA, well, it'll make a stink, but nobody will be all THAT shocked either, as the people behind it will be acting in their own nation's interests. Furthermore, they do not have the same market position in the West, and thus have less to lose economically. But if Cisco does this, they are really in deep trouble. I guarantee that the upper and middle management would have to prove their lack of knowledge of it. And that's a losing proposition right there: either you can't prove you knew about/controlled it (in which case you are now on the hook for espionage and other nasty things) or you successfully prove that you have no real control over your own products. At that point, you've proven either that you will screw your own customers AND countrymen, or that you really have no way of keeping your underlings from doing the same. So Cisco has an enormous incentive to make sure that no hanky-panky goes on at their manufacturing facilities, wherever they may be.

      • Re:Trusted Foundry (Score:5, Insightful)

        by johanw ( 1001493 ) on Monday January 07, 2013 @01:30PM (#42507487)
        Cisco already made backdoors in some products we know of (the recent hassle about their IP-phones). And they won't even fix some of them. Unless you're connected with the Dalai Lama I think you're much safer with Chinese hardware than with American. At least the Chinese don't give a damn if I download movies for free.
        • "Safer" is a pretty relative term. A home user may be "safer", in the sense that their online traffic data would only go to the Chinese, who wouldn't really care about what they're doing online. For a government user, sending a copy of their traffic to China is not safer. Likewise, for a government user they don't really care if all of their traffic is being sent to the NSA, because they're the NSA. But for a home user, you probably don't want all of your traffic going to the NSA. Home users might be s

      • A company like Huawei (founded by former members of the PRA

        People's Riberation Army? :p

        • by Shoten ( 260439 )

          A company like Huawei (founded by former members of the PRA

          People's Riberation Army? :p

          (grin)

          I was hoping someone would catch that :)

    • They will most likely be replaced with equipment provided by vendors who are on the U.S. military's "Trusted Foundry" schedule. It doesn't matter if half the chips in those "Trusted Foundry" switches are manufactured in China - as a result of careful research, you can be "reasonably" sure they don't contain backdoors or malicious code.

      "Reasonably."

      They put a quark in it.

    • by pnutjam ( 523990 )
      You would prefer unreasonably?
  • by jkrise ( 535370 ) on Monday January 07, 2013 @01:03PM (#42507109) Journal

    A nuclear lab is, as I would imagine, a place where radioactive materials are researched in order to produce destructive levels of energy. Information generated, processed and researched in this lab should be ideally completely cut off from the rest of the World. It makes zero sense to connect this network of computing devices to the outside world and the internet, so that researchers can post to Facebook or play networked Solitaire. Security should be achieved by completely isolating this network from the rest of the World.

    I do not know of any 'networking' devices from any country or vendor that does not have any vulnerabilities, or is completely immune to hacking. To imagine that non-Chinese networking devices are more 'secure' is to totally miss the point.

    • by icebike ( 68054 )

      An air gap certainly makes sense in places like this, (and far more secretive places).

      But that particular lab has a horrible history with security issues. Just Google Security Breach Los Alamos.
      It's been far too easy to foreign nationals employed there, and security has always been pretty lax.

      However one must entertain the idea that not everyone working there is entirely clueless, and they have some evidence of rogue network traffic, or some other evidence of breach, or potential for same.

      After all LANL has

    • That misses the point though; can you imagine if switches were installed in such a lab with a stuxnet-style attack built in and waiting for a certain type of network traffic to pass over them to trigger?

      At that point, it doesn't really matter if data is exfiltrated or if there's no way to remotely access the switches. This seems like what they're attempting to protect against, and is the kind of attack unlikely to originate from home-grown hardware. Of course, most "home grown" hardware these days has chi

  • by game kid ( 805301 ) on Monday January 07, 2013 @01:15PM (#42507281) Homepage

    Dear Sirmadam President,

    You might have removed our Glorious People's Technology from your nuclear reactors, but we know everything that happened in there now. The nuke codes, the aliens, the frat parties you held above the spent-fuel pool with that "Lohan" girl because the glow was supposedly aphrodisiac...pah! We're way ahead of you there! [wikipedia.org]

    We have better nukes. Scalier aliens. Even more of your tech. And when we call in your debts...we'll have the blackmail videos from the party to make you pay! I hear some of your Cabinet members were...deeply embedded that day! Haaa hahaha*continues to laugh and cough all Sephiroth-like*...

    On behalf of the People's Republic,

    [signature]

    Big Hoojie [wikipedia.org]

    PS: YES WE SPELLED "SCALIER" CORRECTLY. Our aliens are like fucking Draconians, not those starved green bean dolls with potato heads and shit.

  • This FUD is just weird. Why is there a FUD campaign being waged against Huawei? And who is behind it? And what's Slashdot's motive for getting involved?

    (Maybe Huawei is doing exactly what the FUDsters fear, BTW. I have no idea. I just think the FUD campaign is curious.)

  • by Spy Handler ( 822350 ) on Monday January 07, 2013 @01:21PM (#42507369) Homepage Journal

    for opening up China to trade. (granted he thought he was doing good by dividing the Communist bloc and weakening the Soviets)

    Free unrestricted trade is NOT a 100% universally good thing, no matter how much our glorious corporations and econ professors tell us so.

  • by ThatsNotPudding ( 1045640 ) on Monday January 07, 2013 @01:37PM (#42507547)
    This would be another reason not to allow personal cellphones in secure and sensitive work areas. If the FBI can turn on mobsters' phone mics (and therefore cameras), so can the Peoples' Central Committee.
  • by Virtucon ( 127420 ) on Monday January 07, 2013 @01:49PM (#42507731)

    Cisco or Juniper just received a big contract to supply Chinese made goods from a US Brand name Manufacturer.

    It just goes to show how screwed up our government is, really. If somebody in the NSA would dissect one of these systems and say "there's where the security hole is" it would be of real benefit to the rest of us who support lots of shops with a variety of gear. If there isn't anything to worry about then just tell those idiots on capitol hill to STFU! Oh wait, we're talking congress right? Never mind.

  • by blind biker ( 1066130 ) on Monday January 07, 2013 @02:00PM (#42507869) Journal

    Cisco switches are made in China, with Chinese-made components - that is, the nice ASICs put in the switches, the perfect place to put the backdoors.

  • L-o-o-o-ng overdue (Score:5, Insightful)

    by gestalt_n_pepper ( 991155 ) on Monday January 07, 2013 @02:02PM (#42507895)

    Hardware and chips are about the most obvious attack vector for USA defense hardware there is. I seriously doubt that more than half of our radio transmission equipment would work 15 minutes into a conflict with China, since this too is an obvious weak point. I expect that hardware generated viruses would take out quite a bit of our tactical grids as well. It's what I would do, if I were them.

    Bottom line. We can't buy *ANY* defense equipment from overseas, directly or indirectly, without increasing security risks significantly.

    Not that anyone cares, of course. Politicians just want to reduce costs. So do contractors and subcontractors. Monitoring all this costs money and nobody wants to be accused of "regulation" or being against globalization, and so we seal our own eventual military doom.

    • All it'd take to knock out North American (or European, or Asian, etc) infrastructure is a few well-aimed strikes at the power distribution infrastructure.

      The choices are:

      Conventional precision strikes on major transformers (the same ones everyone's worrying which would be knocked out in a major solar flare)

      A suitable yield stratospheric nuclear airburst - why create masses of fallout and civilian deaths when you can simply wipe out half a continent's worth of electrical grid in one go with a good-si

      • And why bother with a bomb when you can do it with a SCADA virus?

        • As a bonus, scada virus won't result in rapidly escalating nuke exchanges. The scenario for such events now is actually worse than in the cold war days.

          For all the USA military is sabre rattling about cyber-attacks, any such attack on a foreign nation which has ample resources to retaliate is a non-starter. It's much easier to simply arrange for top tier carriers to blackhole the ASNs involved.

          This is already done routinely, although the usual target is hijacked netblocks and the ASNs advertising their

  • Roadhouse.
    Alliteration.
  • Open Source Hardware (Score:4, Informative)

    by xanojsp ( 1994442 ) on Monday January 07, 2013 @02:31PM (#42508359)
    For critical applications, one can use a White Rabbit switch [ohwr.org]. White Rabbit is a technology developed at CERN and other institutes and companies. The switch PCB is Open Source (licensed under the CERN Open Hardware Licence [ohwr.org]) and all the switching happens inside an FPGA for which all VHDL sources are available under LGPL. There is already one company [sevensols.com] commercializing it, but the sources are all available for any other company to build it, test it, commercialize it and provide support. The terms of the licence give no privilege to any single vendor. No royalties, no patents. Plus the HDL can be customized for particular applications (low latency, redundancy...).
    • object White Rabbit kill all the camera and door locks.

    • Except the FPGA is proprietary so there is no guarantee that nothing underhand is happening there. It is a question of how deep you want to go, at some point you have to trust someone.
      • So you mean that Xilinx would know in advance someone will use pin number h9 of one of their chips as a port in an Ethernet switch and would have instrumented the chip to sniff Ethernet frames as they go through that port and send them somewhere? OK...
        Would they do that for all possible data transmission standards (SATA, firewire...) and all possible pins in all FPGA families? I agree at some point you have to trust someone, and this is a point I would be comfortable with.
  • This appears to be a step taken to placate a nervous Congress, rather in response to any detected security issues.

    But there *are* glaring security issues, with at least some of their products.

    https://www.computerworld.com/s/article/9229785/Hackers_reveal_critical_vulnerabilities_in_Huawei_routers_at_Defcon [computerworld.com]
