Last week, a contributor to Bloomberg, ran an opinion piece titled “U.S. Spies Think China Wants to Read Your E-Mail” (link: https://www.bloomberg.com/view/articles/2016-09-13/u-s-spies-think-china-wants-to-read-your-e-mail).
The article reports on a supposed new “intelligence community” (so many ironies there) review of “the national security implications of Huawei's potential participation in building the U.S. 5G wireless network.”
Please recall, I currently work for Huawei, but the views expressed on this blog are mine alone.
The article features no shortage of references to Mike Rogers’ 2012 Congressional “Intelligence” (there’s that word again) Committee “investigation" of Huawei, which produced a report which was aptly dubbed by The Economist as “written for vegetarians,” and has been otherwise pretty much soundly discredited by anyone with half a brain, or even less.
What’s really going on?
Well, it seems someone somewhere in the “intelligence” (yet again) community woke up to the fact that the world’s leader in next generation networks is a multinational which happens to be headquartered outside the U.S. (which, of course, today, they ALL are), even, shudder, in China.
It's a titillating story, but it’s about nonsense.
Let's parse the article.
The grand conspiracy suggested between a government and a globe-straddling multinational to inject “microscopic beacons” into hundreds of thousands or millions of units of hardware is unsustainable.
China-based companies like Huawei that operate globally employ many thousands of non-Chinese, just as multinational American-based tech vendors employ thousands of non-Americans.
Infecting countless units of hardware would be too visible to too many who would clearly object.
This is why we’ve read about American service providers being wittingly (if unwillingly) compromised by the NSA, but we’ve not read the same about U.S. hardware vendors.
“Tapping” a service provider is (or was) as easy as the government telling the C-Suite and the Legal Office that they're going to do it and the company is legally obliged to allow it. A tidy, manageable (until recently) little conspiracy.
Not the same with the hardware vendors.
Indeed, what we've learned instead is that American (and foreign) hardware vendors have been “unwittingly” compromised.
A quick review of the NSA ANT catalog (linked) shows how Dell, Juniper, Cisco, Samsung, Seagate, etc. – and yes, Huawei – have had their gear exploited by the NSA.
Why the exploits?
Why not just ask these companies (at least the American ones) to implant tiny beacons?
Because, again, that is simply not a sustainable conspiracy and, once exposed, it would destroy a company’s global brand and business.
The whole premise is nonsense, regardless of where the global vendor may be headquartered, regardless of which government may aim to compromise them.
Compromises may indeed happen, but not with the complicity of the multinational vendor - they simply have too much to lose.
So, yet again, U.S. service providers, technology partners, employees, consumers, pretty much everyone, suffers the high cost-low quality result, as opposed to the rest of the world…