FCC Poised To Ban All US Sales of New Huawei and ZTE Equipment (axios.com) 42
The Federal Communications Commission plans to ban all sales of new Huawei and ZTE telecommunications devices in the U.S. -- as well as some sales of video surveillance equipment from three other Chinese firms -- out of national security concerns, Axios reported Thursday, citing sources. From the report: The move, which marks the first time the FCC has banned electronics equipment on national security grounds, closes a vise on the two Chinese companies that began tightening during the Trump administration. The ban marks the culmination of years of warnings from security researchers, analysts and intelligence agencies that the Chinese government could use Chinese-made telecommunications equipment to spy on Americans.
The price could come in higher costs for some smaller telecommunications providers that favored the Chinese companies' products thanks to their aggressive pricing. On Oct. 5, FCC Chairwoman Jessica Rosenworcel circulated a draft order among her fellow commissioners. The order -- which still needs to be voted on -- would effectively ban new equipment sales in the U.S. from firms that pose a threat to national security, two sources with direct knowledge told Axios.
The price could come in higher costs for some smaller telecommunications providers that favored the Chinese companies' products thanks to their aggressive pricing. On Oct. 5, FCC Chairwoman Jessica Rosenworcel circulated a draft order among her fellow commissioners. The order -- which still needs to be voted on -- would effectively ban new equipment sales in the U.S. from firms that pose a threat to national security, two sources with direct knowledge told Axios.
I've said it before and will say it again (Score:2, Interesting)
- The idea the Chinese need a Chinese-owned company to spy on Americans and that they can not trivially implant insiders into any US company they want, is hilarious.
- The idea that the Chinese can somehow create technology that can be embedded into smartphones and 5G equipment, that somehow violates physical laws and/or is impossible to detect by the NSA and other US intelligence apparatus, should be considered an insult to said apparatuses. Essentially you are saying the Chinese are way smarter than Americ
Re: I've said it before and will say it again (Score:5, Insightful)
Re: (Score:1, Troll)
None of these things are black boxes whatsoever. They are all wide open to inspection, especially by the intelligence apparatus.
Re: I've said it before and will say it again (Score:5, Insightful)
> None of these things are black boxes whatsoever.
Most chips are rectangular (boxes with minimal depth) covered in a ceramic housing that is black. They are literal black boxes.
And no they aren't meant to be opened. It takes a great deal of time, expense and expertise to reverse engineer these chips. That would be like saying any commercially compiled code is open to inspection because you can go through the effort of tracing and reverse engineering it.
Re: (Score:3)
And no they aren't meant to be opened. It takes a great deal of time, expense and expertise to reverse engineer these chips.
And most of the firms which do it... are Chinese.
Re: (Score:2)
Most chips are rectangular (boxes with minimal depth) covered in a ceramic housing that is black. They are literal black boxes.
Ah... You get a million points for being TECHNICALLY correct.
However, they aren't actually black boxes to the FCC. TBH the most likely place for an implant of any kind is in a Software update to be distributed later (Possibly after exploiting a security vulnerability) -- the Chinese can do this to US equipment too.. they just need to find a suitable "bug" and keep it under wrap
Re: (Score:2)
The unspoken answer to "why not", is because this is all about money, not about security.
Re: (Score:2)
And of course there is zero chance that design and samples submitted for testing differ in any way from what actually gets sold, right? You'd have to be pretty daft to believe that.
Re: (Score:2)
the government can and will Subject things to full inspection
No. The FCC can't afford to de-lid ICs and analyze dies.
Ah, so just use magic! Or destruction. (Score:2)
> ensure the design matches what is on file
Yeah, for every router in the shipping container, "ensure" that this SOIC is the same chip that's specified in the approved design. You do that by - magic?
Or are you suggesting decapping every chip in every router so you can look at them under a microscope - thereby destroying them?
You can either have a chip that works, or a chip that has been decapped and examined by experts (at very high unit cost) - but not both. You can't both perform forensics on the chip
Re: (Score:3)
Not so much these days. Take a photo of the die with a high resolution microscope and a computer vision system can reverse engineer all the logic, ROM contents and more.
It's not really necessary though. If any of these chips were transmitting information back to the Chinese it would be detectable. And you can bet that the NSA know all the ways it could be done, and what to look for.
At worst there might be some kind of hidden kill switch that only triggers when it sees specific sequences of data or something
Re: (Score:2)
> It's not really necessary though. If any of these chips were transmitting information back to the Chinese it would be detectable.
Because steganography doesn't exist or because China can only use Chinese IP addresses? Which or both of these do you believe?
Re: (Score:2)
As I said, I'm sure the NSA has developed all the steganographic tricks and knows how to look for them.
The basic technique for finding this stuff is to look for unexpected traffic.
Re: (Score:2)
It does take time, expertise, and expense to do it but if we're talking national level concerns fielded by the NSA and FCC, that's not a barrier. Same with compiled code, really. Once you start getting to state actor levels of these kind of things, the only real barrier is how obfuscated things are.
But like the AC down below said, just because a sample device or three are clean, or even randomly selected from retail pipelines, there's no way to guarantee they all are. But that'd be a pretty scattershot way
Re: (Score:2)
And yes, the NSA manages to handily replace firmware and put in its own backdoors in these boxes. I wonder who they are doing that...
Re: (Score:2)
It takes a great deal of time, expense and expertise to reverse engineer these chips.
You don't reverse engineer chips to look for security issues. You analyse chip behaviour. Just like I don't need to disassemble the source code of Windows to log on my router that it is pinging datahoover.microsoft.com at regular intervals.
Re: (Score:2)
And if that's all it's doing, it's probably harmless, although why it has to make sure that it can reach that host, or keep confirming that it's up and has Internet access isn't exactly clear. However, every ping has (or can have) a payload, and there's nothing to prevent that payload from containing real, possibly important data.
Re: (Score:2, Insightful)
None of these things are black boxes whatsoever.
It takes a special kind of stupid to say something like that. Open up any computer and take a look at its circuit board. Nothing but little black boxes (chips) everywhere.
They are all wide open to inspection, especially by the intelligence apparatus.
More bullshit. Yes, with specialized equipment and tons of technical know-how, it is possible to decap a chip and look inside. But you will never truly know exactly everything possibily lurking inside, as modern chips with their smallest geometries can pack tons upon tons of circuitry. Nobody can fully reverse engineer all that within thei
Re: I've said it before and will say it again (Score:3)
Re: (Score:1)
This is really about US companies having lost to Huawei and ZTE on 5G and other network technologies. Huawei did the R&D that formed much of the 5G, which means they get patent royalties and they had a head start on everyone else to produce 5G equipment.
For years that meant telcos were installing Huawei gear, and Western companies missed out on all the next generation sales they were hoping for.
So they started whining to the government, and came up with a scheme where Huawei gear gets banned and the gov
Re: (Score:1)
What this REALLY means (Score:2)
If the American government is worried that Chinese spy agencies have ordered Chinese companies to insert severance backdoors into their telecom equipment, it means one thing is absolutely certain; American spy agencies have ordered American companies to insert severance backdoors into their telecom equipment.
Re: (Score:2)
surveillance (damn autocorrect).
Re: (Score:3)
You don't even have to infer that from this action, there have been stories about it doing so over the years... and my response is, "so what?" It's the US government's job to protect its communications security (and to attempt to compromise the communications security of other nations) just as its the job of the governments of other nations to do those things. Other nations are free to say "no, we'll make our own, thanks" in response to this, just as the US is free to say "no Huawei in our infrastructure.
Re: (Score:2)
Yeah, the quote from the summary could easily read
The ban marks the culmination of years of warnings from security researchers, analysts and intelligence agencies that the US government could use US-made telecommunications equipment to spy on Americans.
Because we know for sure, thanks to Snowden, that they do in fact systematically backdoor Cisco equipment and doubtless all other brands as well. There are actual photos of them intercepting the hardware during shipping, installing unremoval malware in its basic firmware, and then sending it on to customers.
And I'm sure many other countries do the same thing too.
Re: (Score:2)
And they don't need to own the companies to do it.
Re: (Score:2)
This move is probably at least about making sure the hardware installed is backdoored by the NSA as it is about making sure it isn't backdoored by China. But by the same token, we know it's possible for it to have Chinese backdoors if it comes from China, specifically because the NSA puts back doors in the domestic hardware. So while there's no reason to cheer the NSA, there's also no reason to doubt that Chinese hardware could be spying for China.
It would be easy enough to rewrite packets going through a r
Re: (Score:2)
- The idea the Chinese need a Chinese-owned company to spy on Americans and that they can not trivially implant insiders into any US company they want, is hilarious.
The later is far more difficult to do and not get caught.
- The idea that the Chinese can somehow create technology that can be embedded into smartphones and 5G equipment, that somehow violates physical laws and/or is impossible to detect by the NSA and other US intelligence apparatus, should be considered an insult to said apparatuses. Essentially you are saying the Chinese are way smarter than Americans.
The NSA is not omnipotent and it takes an incredible amount of sophistication to inspect cutting edge chips. The Chinese are also human and therefore are just as cunning as we are. By the time we detected that something was amiss, it would already have widespread installations.
You seem to overestimate the capabilities of the NSA and underestimate the abilities of their foreign compliments.
- The real truth behind these actions has nothing at all to do with espionage and everything to do with economic warfare.
You speak as if the two are not connected. The nation that ste
Re: (Score:2)
Re: (Score:2)
Indeed. Also, the US is harming its economy, because US companies now have to buy sub-standard, overpriced and insecure equipment from Cisco or the like.
Re: (Score:3)
- The idea the Chinese need a Chinese-owned company to spy on Americans and that they can not trivially implant insiders into any US company they want, is hilarious.
The Chinese are not stupid enough to focus only on a single espionage vector. Social and economic vectors are orthogonal to technology vectors and are often complementary.
- The idea that the Chinese can somehow create technology that can be embedded into smartphones and 5G equipment, that somehow violates physical laws and/or is impossible to detect by the NSA and other US intelligence apparatus, should be considered an insult to said apparatuses. Essentially you are saying the Chinese are way smarter than Americans.
Which is more believable? That the Chinese can engineering trojans or that the US has the ability to detect all possible trojans? If the latter were true, then computer security would be a lot easier than it is.
- The real truth behind these actions has nothing at all to do with espionage and everything to do with economic warfare. The US is afraid of increasing Chinese dominance in high-tech and is using whatever lever it can pull to quell that.
Security and economic concerns are not mutually exclusive. In fact, they are often inextricably connected. For example, as we
Re: (Score:2)
Here in Australia there is a telco/ISP called TPG that was planning to build a 4th mobile network to compete with the 3 existing networks (Telstra, Optus and Vodafone). When the Australian government (no doubt at the behest of the US) banned Huawei equipment from being used, TPG openly said that their plans for a new mobile network are no longer viable and has since merged with the #3 carrier Vodafone.
Lifeline/Obamaphones (Score:1)
My Lifeline (Obamaphone) phone is a ZTE-branded phone. Wonder if/how that will affect me. This is going to be interesting to watch.
Re: (Score:1)
Re: (Score:2)
There are two welfare phone programs. The Clintonphone (landline) and the Bushphone (cellular)
And then there's antivirus (Score:1)
Every single one of the major antivirus vendors is now owned by a single, Russian parent company...
All this and TikTok goes on unchecked.... (Score:2)