Thread: US warning allies to ditch Huawei, Chinese "spying" equipment

UK: Huawei is spying for the chinkies
Huawei: No we're not, honest, you can trust us, John.

Originally Posted by harrybarracuda

UK: Huawei is spying for the chinkies

Show us your cards or fold.

Awww is the widdle chinky sychophant all indignant?



If there was a chinky playing cards in the picture you were going to use, he'd probably have his Huawei phone camera spying on his neighbours hand.

European Commission weighs in on 5G security



The European Commission (EC) has released a set of operational recommendations that target cybersecurity across 5G networks in Europe. The recommendations are the result of a March 22 European Council meeting (PDF), in which heads of state called for a “concerted approach to the security of 5G networks.”

The recommendations call for each EU member state to complete a national risk assessment of 5G network infrastructures by the end of June 2019, and then update existing security requirements for network providers to include conditions for ensuring the security of public 5G networks. The EC said such measures are meant to protect the economies, societies and democratic systems that’ll be impacted by 5G technologies moving forward.

It asks that member states exchange information with one another and the European Agency for Cybersecurity (ENISA) in order to complete a coordinated risk assessment by October 2019. Member states will then decide upon a set of measures, ranging from certification requirements, tests, controls and the identification of products or suppliers that are considered potentially nonsecure.

Finally, it asks member states to further collaborate with industry stakeholders to develop a dedicated EU-wide certification scheme for 5G, which should then become mandatory for 5G suppliers.

“The resilience of our digital infrastructure is critical to government, business, the security of our personal data and the functioning of our democratic institutions,” said Commissioner Julian King, who is in charge of the Security Union, in a statement. “We need to develop a European approach to protecting the integrity of 5G, which is going to be the digital plumbing of our interconnected lives.”

The measures are in response to growing concern among leaders globally over the vulnerabilities of 5G networks built using too few suppliers. The U.S. government has launched a lobbying campaign against China-based 5G vendor Huawei over security concerns that has resulted in a handful of countries banning Huawei products from 5G deployments.

In Europe, countries have been less interested in banning Huawei altogether, opting instead to shore up security guidelines around 5G networks. Germany’s telecom regulatory body, the Federal Network Agency (BNetzA), for example, announced earlier this year it would not ban Huawei products from 5G deployments, which prompted a U.S. ambassador to threaten to withhold intel from Germany.

https://www.fiercewireless.com/wirel...hs-5g-security

Fucking right they need a Risk Assessment, all that chinky spying equipment.

Huawei Frightens Europe's Data Protectors. America Does, Too

By Helene Fouquet

and Marie Mawad



24 February 2019, 12:00 GMT+7 Updated on 25 February 2019, 15:10 GMT+7

• U.S. Cloud Act is raising concern about extraterritoriality
  
  
• Act allows authorities to get data overseas, EU to negotiate
  
  
  

"There’s "no proof of any wrongdoing" by Huawei, says Telefonica CEO Jose Maria Alvarez-Pallete.

A foreign power with possible unbridled access to Europe’s data is causing alarm in the region. No, it’s not China. It’s the U.S.



As the U.S. pushes ahead with the “Cloud Act” it enacted about a year ago, Europe is scrambling to curb its reach. Under the act, all U.S. cloud service providers from Microsoft and IBM to Amazon -- when ordered -- have to provide American authorities data stored on their servers regardless of where it’s housed. With those providers controlling much of the cloud market in Europe, the act could potentially give the U.S. the right to access information on large swaths of the region’s people and companies.


The U.S. says the act is aimed at aiding investigations. Some people are drawing parallels between the legislation and the National Intelligence Law that China put in place in 2017 requiring all its organizations and citizens to assist authorities with access to information. The Chinese law, which the U.S. says is a tool for espionage, is cited by President Donald Trump’s administration as a reason to avoid doing business with companies like Huawei Technologies Co.


“I don’t mean to compare U.S. and Chinese laws, because obviously they aren’t the same, but what we see is that on both sides, Chinese and American, there is clearly a push to have extraterritorial access to data,” Laure de la Raudiere, a French lawmaker who co-heads a parliamentary cyber-security and sovereignty group, said in an interview. “This must be a wake up call for Europe to accelerate its own, sovereign offer in the data sector.”


Matters of espionage and foreign interference will be at the center of talks at Europe’s biggest telecoms and technology conference, the MWC Barcelona, that started Monday.
Irish Case

The Cloud Act (or the “Clarifying Lawful Overseas Use of Data Act”) addresses an issue that came up when Microsoft in 2013 refused to provide the FBI access to a server in Ireland in a drug-trafficking investigation, saying it couldn’t be compelled to produce data stored outside the U.S.
The act’s extraterritoriality spooks the European Union -- an issue that’s become more acute as trans-Atlantic relations fray and the bloc sees the U.S. under Trump as an increasingly unreliable ally.


Europe may seek to mitigate the impact of the law by drawing on a provision in the act that allows the U.S. to reach “executive agreements” with countries allowing a mutual exchange of information and data. The European Commission wants the EU to enter into talks with the U.S., and negotiations may start this spring.
EU Action

France and other EU countries like The Netherlands and Belgium are pushing for the bloc to present a common front as they struggle to come up with regulations to protect privacy, avert cyber attacks and secure critical networks in the increasingly amorphous world of information in the cloud.


A Dutch lawmaker at the European Parliament, Sophie in ’t Veld, recently expressed frustration at what she called the EU’s “enormous weakness” in the face of the U.S.’s “unlimited data hunger.”


“Because of the Cloud Act, the long arm of the American authorities reaches European citizens, contradicting all EU law,” she said. “Would the Americans accept it if the EU would grant itself extraterritorial jurisdiction on U.S. soil? And would the Commission also propose negotiations with Russia or China, if they would adopt their own Russian or Chinese Cloud Act?"


An internal memo crafted by the French government in November states that “the Cloud Act could be a test from the U.S., and they expect a political response, which ought to be European to be strong enough.”

French Response


The Cloud Act was enacted just weeks ahead of Europe’s data-protection law, the General Data Protection Regulation, or GDPR, which states that all businesses that collect data from EU citizens have to follow the bloc’s rules, which could put the two laws at odds.


While waiting for the EU to get its response together, some countries are preparing their own, with the French leading the pack. President Emmanuel Macron’s teams are readying legal and technical measures to shield the country, four government officials involved said. The president’s office, the finance ministry and the state’s cyber security agency ANSSI have worked on it for the last 10 months.


“The more we dig into the Cloud Act, the more worrying it is,” said ANSSI chief Guillaume Poupard. “It’s a way for the U.S. to enter into negotiations... but it has an immediate extraterritorial effect that’s unbearable.”

Not OK

The French government has held meetings with banks, defense contractors, energy utilities and others, asking them to use “Cloud Act-safe” data providers. It’s also studying legal options, a finance ministry official said. One way might be to refresh a 1968 “Blocking Statute,” which prohibits French companies and citizens from providing “economic, commercial, industrial, financial, or technical documents or information” as evidence in legal proceedings outside the country.


“No one can accept that a foreign government, even the American one, can come fetch data on companies stored by a U.S. company, without warning and without us being able to respond,” Finance Minister Bruno Le Maire said in a speech on Feb. 18.


France has been more vociferous in its opposition to the Cloud Act because its companies have borne the brunt of other extraterritorial U.S. laws. In 2014, BNP was slapped with an $8.97 billion U.S. fine for transactions with countries facing American sanctions. French oil company Total SA walked away from a $4.8 billion project in Iran after Trump pulled out of its nuclear deal.

Local Providers

One consequence of the Cloud Act is that European companies and organizations will start looking for local alternatives. Europe’s phone operators, many of whom are already being steered away from Huawei, see the act making providers from the U.S. a threat, too.


“On the one hand you have this Chinese expansion and on the other these new U.S. rules are putting American companies at the mercy of the administration,” Gervais Pellissier, deputy chief executive officer of Orange SA, told reporters on Thursday in Paris. “The hardware bricks are either American or Chinese. We need to now find a software layer to deal with the situation.”


Local cloud providers are using the Cloud Act and GDPR in their sales pitches. French company Atos is telling customers it’ll keep their most-sensitive data physically on servers in Europe. It struck a deal with Google to safeguard client data.


OVH Groupe SAS, presenting itself as a Europe-grown rival to Amazon’s cloud business, is growing sales 30 percent a year and making profit running data centers in Europe.


“We can guarantee our customers the sovereignty of their data, which is more than Amazon or other rivals can offer,” Founder and CEO Octave Klaba told reporters in October."

https://www.bloomberg.com/news/artic...erica-does-too


"We need to now find a software layer to deal with the situation."

One hopes not the same one utilised to design the 737MAX software/training and aircraft manuals.

So it appears that no other company has an annual audit by NSC. I'm sure all the others, excluding Cisco, who inform users of it's equipment they do obey ameristani laws, have no security problems and do not obey their counties laws.

Thanks for you opinion.

Originally Posted by harrybarracuda

None of those countries have laws that let their governments hack companies and steal data, or force their own companies to handover data to the spooks.

Originally Posted by OhOh

Under the act, all U.S. cloud service providers from Microsoft and IBM to Amazon -- when ordered -- have to provide American authorities data stored on their servers regardless of where it’s housed

Still struggling to understand what "Due Process" means I see.

I think foobar is dragging you down to his level.

^The usual imaginary distinctions from Lord HawHaw ..the fact is no other country hacks the world more than America, and its all sanctioned by the US legal system, in fact the US government demands it and forces US tech companies to install backdoors in their products and to give the keys to the NSA, even when its not sanctioned they do it anyway.

Originally Posted by foobar

^The usual imaginary distinctions from Lord HawHaw ..the fact is no other country hacks the world more than America, and its all sanctioned by the US legal system, in fact the US government demands it and forces US tech companies to install backdoors in their products and to give the keys to the NSA, even when its not sanctioned they do it anyway.

And this imbecile doesn't even have a clue what the NSA were collecting.

He's such a stupid little boy.

Originally Posted by harrybarracuda

Still struggling to understand what "Due Process" means I see

We have had many examples of ameristani and it's vassals understanding of the phrase "due process".

The latest being the illegal collusion between FAA and Boing ,Boing airplanes, which so far, has caused 500+ innocent souls to die.

Originally Posted by OhOh

We have had many examples of ameristani and it's vassals understanding of the phrase "due process".

The latest being the illegal collusion between FAA and Boing ,Boing airplanes, which so far, has caused 500+ innocent souls to die.

You're really trying to compare this with the chinkies ordering its business to spy on foreign companies and steal as much IP as they can get their grubby little hands on? And making it legal for their intelligence services to hack foreign companies?

Oh dear.

Chinkies just can't be trusted.

Huawei savaged by Brit code review board over pisspoor dev practices

Britain's Huawei oversight board has said the Chinese company is a threat to British national security after all – and some existing mobile network equipment will have to be ripped out and replaced to get rid of said threat.


"The work of HCSEC [Huawei Cyber Security Evaluation Centre]… reveals serious and systematic defects in Huawei's software engineering and cyber security competence," said the HCSEC oversight board in its annual report, published this morning.

https://www.theregister.co.uk/2019/0...annual_report/

Originally Posted by harrybarracuda

some existing mobile network equipment will have to be ripped out and replaced to get rid of said threat

One wonders whether the "replacement" equipment will be Huawei or some other kit, certified by an Annual NSC Audit report issued by UK Cyber Security Evaluation Centre.

Originally Posted by OhOh

One wonders whether the "replacement" equipment will be Huawei or some other kit, certified by an Annual NSC Audit report issued by UK Cyber Security Evaluation Centre.

That's because one is a chinky brown noser.

Belgian cybersecurity agency finds no threat from Huawei, as US increase pressure
April 16, 2019

Belgium’s centre for cybersecurity has found no evidence that telecoms equipment supplied by Huawei Technology could be used for spying. The news comes as US authorities renew their campaign in Europe against the Chinese telecoms giant.

The agency, which reports to the Belgian prime minister, had been tasked with analyzing the possible threat posed by Huawei, which supplies equipment to Belgian mobile operators Proximus, Orange Belgium and Telenet.

“Until now we have not found technical indications that point in the direction of a spying threat,” a spokesman for the agency said on Monday. “We are not providing a final report on the matter, but are continuing to look into it.”

Meanwhile, the United States will push its allies at a meeting in Prague next month to adopt shared security and policy measures that will make it more difficult for China’s Huawei to dominate 5G telecommunications networks, according to people familiar with the matter and documents seen by Reuters.

The event and broader U.S. campaign to limit the role of Chinese telecommunications firms in the build out of 5G networks comes as Western governments grapple with the national security implications of moving to 5G, which promises to be at least 100 times faster than the current 4G networks.

The issue is crucial because of 5G’s leading role in internet-connected products ranging from self-driving cars and smart cities to augmented reality and artificial intelligence. If the underlying technology for 5G connectivity is vulnerable then it could allow hackers to exploit such products to spy or disrupt them.

The United States has been meeting with allies in recent months to warn them Washington believes Huawei’s equipment could be used by the Chinese state to spy. Huawei Technologies Co Ltd has repeatedly denied the allegations.

Officials from more than 30 countries will meet May 2-3 to agree on security principles for next-generation telecoms networks, said Robert Kahofer, chief of cabinet at Czech cybersecurity agency NUKIB.

A U.S. official familiar with the plan said the Prague meeting marks a strategic shift in how the U.S. government plans to urge allies to drop Huawei and other 5G vendors in the future, which Washington believes pose a risk to national security. The official described the approach as “softer.”

A Huawei spokesman did not immediately respond to a request for comment. U.S. proposals for the Prague meeting urge governments and operators to consider the legal environment in a vendor’s country, how much state support a company receives, transparency of corporate structure, and trustworthiness of equipment. It also calls on partners to prioritize security and work together on investigations into cyberattacks aimed at 5G architecture.

The documents do not mention Huawei, the world’s largest telecoms equipment maker, by name, but U.S. officials said they hoped it would provide the “intellectual framework” needed for other countries to effectively bar Chinese vendors. In August, U.S. President Donald Trump signed a bill that barred the U.S. government itself from using Huawei and ZTE Corp equipment.

“The goal is to agree upon a set of shared principles that would ensure the security of next-generation telecommunications networks,” said one of the officials, who spoke on condition of anonymity to discuss private conversations.

The Prague conference has been organized by the Czech foreign ministry with support from NUKIB, said Kahofer. The foreign ministry did not respond to requests for comment.

Delegations from all of the European Union’s 28 member states, as well as the European Commission, NATO and around eight other countries including the United States and Australia are expected to attend, Kahofer said.

China and Russia have not been invited, he added, but stressed that the event was not “an anti-Huawei or anti-China conference.” Europe has emerged as a key battleground for the future of 5G, with the United States pushing allies and partners to bar Chinese vendors but European governments wary of the trade and economic consequences of angering Beijing.

Internet service providers have also warned that banning Huawei would incur huge costs and delay the rollout of 5G by years. A senior U.S. cybersecurity official said last week Washington wanted European governments to adopt “risk-based security frameworks”, citing recent moves in Germany to implement stricter security standards for all 5G vendors, and that doing so would effectively rule out using Huawei and ZTE.

“The United States welcomes engagement from partners and allies to discuss ways that we can work together ensuring that our 5G networks are reliable and secure,” said White House National Security Council spokesman Garrett Marquis.

Officials in Britain, which last month exposed new security flaws in Huawei equipment but says it has found no evidence of Chinese state interference, have also spoken of “raising security across the board” for 5G. The European Commission said in March that EU nations would be required to share data on 5G cybersecurity risks and produce measures to tackle them by the end of the year.

https://www.euractiv.com/section/5g/...ease-pressure/

Out of the box, even with the Huawei shit turned off, the shiny new Huawei P30 (the one they published the fake camera photos for) immediately starts sending data back to Chinky government websites.

Leave this one alone.

Dirty chinky spies.


https://github.com/pe3zx/huawei-block-list

It seems the leaking of this meeting has caused consternation in the intelligence and counter-intelligence communities. No doubt May was trying to railroad this through on the sly to try and get a trade deal and blow her own trumpet per-Brexit.

I think that ship sailed a long time ago.

Everyone knows the chinkies are not to be trusted.

Originally Posted by harrybarracuda

Everyone knows the chinkies are not to be trusted.

It appears that 78% of the worlds countries representatives disagree with you (150/193). If one is to assume the countries representatives are attending the BRI meeting month for reasons other than collecting air-miles.

Everyone knows the chinkies are not to be trusted.

One of the US’s best known hospitals, MD Anderson Cancer Center in Houston, Texas, is dismissing three Chinese American scientists after the National Institutes of Health singled them out by name in complaints, alleging that their NIH grant applications had concealed extensive links to Chinese institutions and that they posed a threat to US funded intellectual property.


The dismissals may herald others across the US, indicate recent warnings from the NIH director, Francis Collins, who told a Senate hearing earlier this month that his agency had sent similar letters to “more than 55” institutions. These followed an open letter sent last August to more than 10 000 institutions warning them that “foreign entities have mounted systematic programs to influence NIH researchers and peer reviewers.”

https://www.bmj.com/content/365/bmj.l1911

Originally Posted by OhOh

It appears that 78% of the worlds countries representatives disagree with you (150/193). If one is to assume the countries representatives are attending the BRI meeting month for reasons other than collecting air-miles.

Collecting brown envelopes and cake tins would be closer to the truth.