A new report by Bloomberg claims that telecom giant Vodafone had found potential hidden backdoor vulnerabilities in Huawei equipment, but the claims have been refuted the carrier.
The Bloomberg report makes claims that Vodafone Italy confirmed that they had found vulnerabilities as far back as 2009 in Huawei telecoms and internet equipment.
Obviously Vodafone has a massive interest in denying these stories, and I find it suspicious that stories like this are almost always waved away with a we forgot to turn off/remove a diagnostic thing, oopsie!, but for us mere mortals it’s just impossible to get a good reading on this. I mean, it’s not as if we have much of a choice but to assume our carriers know what they’re doing.
…wait.
Honestly, it’s not really surprising if true. And I really doubt it’s restricted to Chinese-sourced equipment.
At this point, it’s pretty reasonable to assume that one or multiple intelligence agencies are able to or are recording/tapping pretty much all electronic communications.
What irks me is that people are pretending like this is the first time equipment manufacturers are doing it. The likes of Cisco have been aiding the US intelligence services for years, yet not a peep from the international press. Huawei has the most advanced 5G equipment on the market currently, beating their rivals when it comes to transfer rates and signal reliability. It seems like a conspiracy to destroy an upcoming dominant player while keeping US friendly manufacturers entrenched in the market. I guess if they repeat the baseless stories frequently enough, people may believe it.
Thom Holwerda,
From the article.
Many of us use routers that might have default passwords for admin services (telnet or http) that use factory configured defaults or are based on serial numbers. When not properly re-configured by the end user, it might be construed as “backdoor” access, but while partially true, that could be misleading in terms of headlines. That’s not a backdoor so much as poorly configured by the user. I’d only consider it to be a backdoor when a reasonably knowledgeable user configures the device properly and the manufacturer still has remote access. So it seems possible that bloomberg’s claim that there’s an admin/diagnostic telnet interface and vodafone’s and huawei’s claim that there’s no “backdoor” could be simultaneously true. I’m all for reporters blowing the whistle on manufacturer backdoors, but unfortunately the linked article provides virtually no evidence for it and neither does the underlying bloomberg article, so I can’t tell if bloomberg’s piece is making a legitimate claim here or if it’s a unwarranted attack on huawei’s character in the ongoing 5G war.
What I find highly hypocritical though is that US companies are increasingly deploying code execution backdoors and compulsory data telemetry into software & hardware platforms (you know who you are!). Make no mistake, I really don’t want chinese companies having remote access to my devices, but I feel news organizations should be more honest and point out the ways US tech companies are guilty too. We know that sometimes the US government coerces/forces companies to gather information about people even outside US jurisdictions, so it’s really difficult to claim a moral high ground over china. Deep down, the US government doesn’t truly object to backdoors when they control them.
They who are without telnet backdoors among them, let them first impose the ban on Huawei.
It sounds like poorly implementation or miss configuration of some kind of home DSL router.
And 10 years ago poorly set up equipment, either by carriers themselves or manufacturers, was not exactly uncommon. The only “news worthy” in this case is that when Vodafone found the issue, they actually implemented the fix from Huawei before shipping to customers.
Morty,
Yeah, the bloomburg details are disappointingly vague. However I find it awfully familiar to the telnet interface on netgear devices.
I’ve confirmed this works on my old routers. I don’t know if they still do this?
https://www.myopenrouter.com/forum/q-how-telnet-router-w-orig-fw
https://uktechhub.com/forums/topic/how-to-enable-telnet-access-on-the-netgear-r7800-debug-hidden-page/
According to this link, Netgear, Linksys and Cisco (ie US companies) all had backdoors found in 2014.
https://securityaffairs.co/wordpress/20941/hacking/netgear-linkys-routers-backdoor.html
There’s a lot of hypocrisy, I think kwan_e has it right:
Not the first time Bloomberg tossed shit on Chinese, Not the first time it was denied by others, and had to retract the claim:
https://www.reuters.com/article/us-china-cyber/apple-amazon-deny-bloomberg-report-on-chinese-hardware-attack-idUSKCN1ME19J
Greatly advantaged with this article. thanks a lot.
http://www.anjali-khanna.in/
http://www.shreya-singh.com
http://www.sehzadi.com
I suspect between 5-Eyes and the East it’s highly unlikely any communications are truly secure. Reality is politicians are some off the very earliest adopters of any new secure communications app, From WhatsApp to Wickr and Signal and the like, the Politicians try them all and they think nearly all of them let them down. Although that perception might be unfounded as it’s clear people are easily the weakest link. Yet the behaviour of politicians should probably be a warning to the rest of us, because they must act that way for a reason!
There is some irony when many internet users accept foreign powers can hack a fighter jet loaded with the very latest counter measures which is flying at high altitude, at high speed over a remote location, yet they think their iPhone in the wild of a dense urban environment is secure and accept Apple’s adverstising without question! Life is truly stranger than fiction!
Worth reading about this company’s “owners”…..
https://freebeacon.com/national-security/report-explores-who-owns-huawei/
Yet another Huaweigate missive , one day it might have something to it but everyone will have given up caring cause you can only take so much shite…
Oh, where do I got to sign up for my Social Score as best be in the right frame for the new Imperium to be, thanks.