September 20, 2011

China, Russia Propose UN Cyber-Code

Concerns related to network- and cyber-security, which have increased rather dramatically in recent years, are reaching an all-new crescendo. Notwithstanding the sometimes-strident nationalist rhetoric of one or another country, what is missing from cyberspace are Geneva Convention-like international rules to standardize (and/or "govern") cyber-behavior.

And, lo (and behold), just over a week ago, on September the 12th, China, Russia, Tajikistan, and Uzbekistan asked the UN Secretary-General to circulate a proposed voluntary International Code of Conduct for Information Security at the 66th session of the General Assembly (taking place this week in NYC), and further called on UN member countries to consider the document as a framework around which to reach a near-term consensus on international norms and rules standardizing national behavior related to information, cyberspace and network security.


...Wait. China, Russia? Really? Aren't these the cyber-bad guys? Or, are they just the ones that get caught more often than others, or, could it be that they're just more regularly on the receiving end of Western-based media attention than other cyber-perps?...

...Ok, ok, leaving that cynical tidbit-for-thought aside for the nonce, what does the proposed Code suggest?

Well, as should be expected of any formal intergovernmental document, the preamble is chock full of "recalling," "reaffirming" and "recognizing" to set the stage for the actual proposals, but it's worthwhile to take note of some (not all) of the lofty and unobjectionable objectives outlined in the lead up to the actual (remarkably brief) proposed code. To wit:

- Recognizing the need to prevent the potential use of information and communication technologies (ICTs) for purposes that are inconsistent with the objectives of maintaining international stability and security, and may adversely affect the integrity of the infrastructure within States, to the detriment of their security...

- Highlighting the importance of the security, continuity and stability of the Internet, and the need to protect the Internet and other ICT networks from threats and vulnerabilities, and reaffirming the need for a common understanding of the issues of Internet security and for further cooperation at national and international level...

- Recognizing that confidence and security in the use of information and communications technologies are among the main pillars of the information society, and that a robust global culture of cyber-security needs to be encouraged, promoted, developed and vigorously implemented...

Good stuff. Good framework. What about the key elements of the proposed Code?

Well, each State voluntarily subscribing to the Code would pledge, among other things not related directly to network/cyber-security:

- Not to use ICTs including networks to carry out hostile activities or acts of aggression and pose threats to international peace and security;

- Not to proliferate information weapons and related technologies;

- To endeavor to ensure the supply chain security of ICT products and services, prevent other states from using their resources, critical infrastructures, core technologies and other advantages, to undermine the right of the countries...or to threaten other countries' political, economic and social security.

- To lead all elements of society, including its information and communication private sectors, to understand their roles and responsibilities with regard to information security, in order to facilitate the creation of a culture of information security and the protection of critical information infrastructures.

Again, good stuff. Cyber-motherhood and broadband apple pie, as it were...

Hey, I'm the first to admit that rhetoric is little more than nothing in the absence of action and accountability, but that's no reason to look a rhetorical gift horse in the mouth. It is in all of our best interests and the interest of global commerce and security - physical and digital - to address the proliferation of cyber-threats. Any UN member country that rejects or ignores either the call for action or the proposed Code should at the very least be challenged to deliver an alternative.

This should be interesting to watch...

Meanwhile, in other news, Network World reported yesterday on an interview/Q&A with former cyber-security czar Richard Clarke. Clarke, who served in the State Department under Reagan, as chair of the Counter-terrorism Security Group and member of the National Security Council under Bush I, as National Coordinator for Security, Infrastructure Protection, and Counter-terrorism (the chief counter-terrorism adviser on the National Security Council) under Clinton, and Special Advisor to the President on Cyber-security under Bush II, had some interesting answers to some probing questions, including:

If you had the influence, what would you change to improve U.S. cybersecurity?

"...In a regulated industry -- finance, power and telecommunications -- I'd require all the software be vetted for all kinds of mistakes."

When the question of supply-chain security comes up, and with so much manufacturing coming from China, do you think there's reason to be concerned about security of products made in foreign countries where sometimes there are political tensions?

"My attitude is whether it comes from New York state or Shanghai, it probably has the same risk in software. There are people in the U.S. who can be bribed, too."

I think that pretty much sums it up folks: cyber-security is a global issue demanding global solutions - solutions that are agnostic to infrastructure provider and/or geography...

Stay tuned.

** cross-posted to Facebook from **

July 24, 2011

Cyber Security: A Fact-Based Primer

While the mainstream dialogue related to “cyber-security” most often focuses on issues related to consumer privacy and identity theft, the more cloistered industry and government debate circulates around espionage and so-called cyber-war. The concerns are legit, but the debate is all-too-often hijacked by political or competitive agendas, undermining progress towards true solutions.

So let’s try and dissect this - what are we talking about when we’re debating non-consumer-oriented cyber security concerns? While there are multiple and competing definitions of cyber security, most would all include at least the following: Network exploitation or attack, including espionage and/or the disruption of networks via software in or for or otherwise through the manufacture of network equipment, including via hardwired backdoors in chipsets, routers or other physical parts of the network.

In terms of potential “cyber weapons,” they might include: Unauthorized access to systems (hacking), viruses, worms, trojans, denial-of-service, distributed denial of service (including using botnets), root-kits and, of course, social engineering. Such tools can be used to compromise confidentiality or otherwise facilitate identity theft, web-defacement, extortion, system hijacking and/or service blockading. Key to note, cyber weapons can be used individually, in combination, and – generally most concerning - blended with conventional kinetic/physical weapons as force multipliers.

Who’s in the game? Pretty much everyone, ranging from the Russians to the Israelis, but the big dogs would be the U.S. and China, both of which have been quite public in communicating their cyber capabilities and intent. Indeed, reported instances of China-based cyber-incursions are significant. A couple of well-publicized examples:

Titan Rain (Government espionage) was a series of coordinated attacks with reported Chinese origin on U.S. Government, defense industrial base and R&D institutions, originally identified in 2003. Among other targets, hackers reportedly gained access to: U.S. Army Information Systems Engineering Command; Defense Information Systems Agency; U.S. Army Space and Strategic Defense Center; NASA; and Sandia Labs.

Night Dragon (industrial espionage), according to a February 2011 report from McAfee, was a coordinated series of cyber attacks which began in November 2009, aimed at global oil, energy, and petrochemical companies to harvest sensitive information on industrial operations in Kazakhstan, Taiwan, Greece, and the U.S. McAfee identified the tools, techniques, and network activities used in these attacks as originating in China.

But China is not alone in terms of being perceived (if not absolutely proven) to be engaged in strategic cyber warfare activities. Other examples, specifically geared to more concerning disruptive activities, include:

Estonia: In April and May of 2007, Estonia experienced a heavy barrage of coordinated cyber attacks against information networks, Government services and news portals. The attacks, which followed a decision to relocate a Soviet-era grave marker, were primarily in the form of distributed denial of services (DDOS), including the remarkably coordinated use of sophisticated botnets. The Russian Government was suspected but has not been proven to be responsible. While there were no long-term consequences from the attacks, short-term impact in terms of unavailability of online services were significant, particularly in a market where 98% of banking transactions take place online.

Georgia: In the weeks leading up to a Russian physical invasion of Georgia in 2008, Georgian communications, Government and financial networks came under significant cyber attack. While the immediate and most public perception of the assault was related to the defacement of Government sites, more impactful was the repeat of a strategic and coordinated DDOS attack which, as a force multiplier, disrupted communications and online activity impairing critical Government and citizen communications before and during the physical attack. While the cyber-attacks are widely believed to have originated in Russia, no Government involvement has been proven.

Iran: Stuxnet, a MS Windows computer worm, was discovered in July and 2010. Designed to target Siemens Supervisory Control and Data Acquisition (SCADA) systems, Stuxnet is the first discovered malware that spies on and subverts industrial systems . It is widely acknowledged that Stuxnet was targeted to disrupt the uranium enrichment infrastructure in Iran, with the U.S. and Israel most regularly referenced as the likely perpetrators, although without any proof having emerged. Notably, computers across the globe have been infected – an early example of cyber collateral damage.

These instances notwithstanding, in the U.S. the spotlight remains fixed on China, and U.S. authorities, politicians, pundits and media, perceiving China through the prism of the all-powerful State-controlled past – which is no longer a universal reality – regularly hand-wring about the potential for independent Chinese companies to do the Government’s bidding.

There are certainly some legitimate concerns to be had, but the legitimacy gets all too easily and quickly lost in fear- or politics- or commercially-competitive-based spin. After all, who’s to say what passes for a “Chinese” company today? If one were to be even marginally intellectually honest, and acknowledging for the sake of argument that the Chinese Government is just as committed to cyber tactics as is the U.S., wouldn’t one acknowledge that any company with a presence in China is vulnerable to Chinese Government manipulation, however well-hidden that might be?

Let’s consider this from the perspective of the information communications technology industry, one which has become utterly globalized, resulting in virtually every major ICT company having significant research and development, production and software coding capabilities in China. Why? Well, among other things, comparatively speaking, China possesses rich resources in available talent and low labor costs. Indeed, in 2010, China's college graduates reached 6.31 million, while in the U.S., the figure was 1.65 million. And, the average salary for an engineer in China remains below $10,000 a year, with the average disposable income per capita resting below $3,000, while in the U.S., it’s around $50,000 (and engineers command salaries many multiples of their Chinese counterparts). All of these – and other- advantages have attracted global ICT companies to move manufacturing bases and significant R&D functions to China.

So what does this mean in practice, in terms of major ICT players that supply the guts and intelligence to cyber-threatened global networks?

Ericsson: Ericsson opened its first office in China in 1985 and as of 2009 had 7,900 employees in China, 27 offices and 10 joint ventures. Ericsson’s second largest global supply hub is in Nanjing, China, producing wireless network equipment - over 50% for export. And, Ericsson has over 1700 R&D personnel in China and an annual R&D investment in excess of $155 million, developing as many as 100-150 products each year for Ericsson’s global markets (indeed, Ericsson’s first “3G” (WCDMA) base station was developed by Ericsson’s China R&D shipped to Europe in 2004). And, finally, Ericsson has a strong China-based service Organization featuring 36 customer network support centers and 5,000 local engineers.

Alcatel-Lucent: Shanghai Bell Telephone Equipment Manufacture dates back to 1983 (pre-Lucent AT&T) and, after uniting with Alcatel’s China-based operations following the Alcatel-Lucent merger in 2006, was ultimately renamed Shanghai Bell Co, Ltd in 2009. Shanghai Bell, employing approximately 10,000, is a 50-50 joint venture between Alcatel-Lucent and China’s State-owned Assets Supervision and Administration Commission of the State Council. Shanghai Bell hosts several China-based global R&D centers employing over 6,000 people, has full access to Alcatel-Lucent’s global technology resource pool and develops technologies that serve all of China and over 50 countries worldwide. And, Shanghai Bell’s two Chinese manufacturing bases generate products for fixed-network, mobile, optical, and multi-media with annual production values of approximately $2.48 billion.

Cisco: Since its entry into China in 1994 and the 1998 establishment of Cisco Systems (China) Network Technologies Co. Ltd., Cisco has promoted the development of Chinese innovation and the Chinese ICT industry. In1998, the Cisco Network Technology College project officially entered China establishing over 220 Cisco Network Technology Colleges that teach comprehensive courses on the latest network technology. In 2005, the Cisco China R&D Center was launched in Shanghai, accompanied by promises to further invest $37.7 million to co-construct 35 model software colleges along with China Ministry of Education. And, in 2007, Cisco announced investments and joint ventures in China totaling $16 billion, committed to expand its Networking Academies to 500 to train an additional 100,000, and to double its manufacturing in China (a production value of as high as $14 billion).

Intellectual honesty would demand an acknowledgment that to the extent that cyber security concerns are real (and they are), then they apply to all of these global companies with operations spread across the globe, including in China. And yet, in the U.S., the focus – for political and competitive reasons – circles around global players with a Chinese heritage, like Huawei, the second largest telecommunications equipment provider on the planet.

Why? Well, Huawei is based in China and the U.S. and Chinese Governments are engaged in competition on multiple fronts, from politics to economics, and beyond. And, well, like the U.S. Government, the Chinese Government has been vocal about its cyber-intent and, certainly more public than any American activities, China-based cyber-incursions into foreign networks are well- and regularly-reported. So, with all of that in mind, ill-founded beliefs that Huawei is somehow state-influenced contribute to ill-founded fears that Huawei might facilitate Chinese Government-endorsed espionage or disruption.

Without getting into the silliness of such concerns in the context of a global leader with a presence in 140+ markets and far more sales outside China than within, intellectual honesty would still demand that any true solution to cyber security concerns would demand agnosticism. Consider:

The quality and integrity of Huawei solutions have been audited and passed the security requirements of 45 of the world’s top 50 global operators and no company or government has found Huawei solutions to vary from international standards in any manner material to security. These are facts. And, given that Huawei’s solutions are built to the same global standards as those of competitors, all of which manufacture product and code software in China and all of which share common potential vulnerabilities in component and code origin, manufacturing, logistics, distribution, installation and support, it is intellectually honest to say that Huawei’s solutions are no less secure than the equipment its ICT peers.

So where does this leave us? Well, if we take a fact-based, intellectually honest and politics-free approach, we should all agree that legislation, regulation or policy intended to address cyber-security concerns based on a company's country of headquarters is akin to throwing a mosquito net over a reservoir to prevent an outbreak of cholera…

…Not only is the prophylactic mis-used (mosquito nets are of course meant to manage the spread of pest-borne malaria), but such measures do nothing to address the true issues of plumbing, sanitation and water supply.

The facts are that true, rational and effective solutions to cyber-security concerns will only emerge from an industry-led, non-politicized, pragmatic process that acknowledges the common vulnerabilities of all ICT companies and addresses the challenges in a manner agnostic to nationality.


June 16, 2011

Calling Foul On Exim's Huawei FUD

In a speech at the Center for American Progress in Washington, D.C. on June 15, 2011 (yesterday), Fred Hochberg, the Chairman and President of the Export-Import Bank of the United States, detailed "How the U.S. Can Lead the World in Exports: Retooling Our Export Finance Strategy for the 21st Century." Among other things, Hochberg bemoans "the proliferation of state-directed capital into the global marketplace" as disadvantaging U.S. firms. To the extent that such concerns are fact-based, they are legitimate. However, the legitimacy of Hochberg's arguments is effectively gutted by his willy-nilly parroting of what would seem to be competitor-inspired talking points.

Hochberg's speech (full text linked here), makes a number of factually false references to global telecom giant Huawei (recall, I work there).

Per Hochberg: "...One of the central reasons the company’s growth has been so dramatic – is that it’s backed by a $30 billion credit line from the Chinese Development Bank. This backing allows Huawei to significantly reduce its cost of capital and to offer financing to their buyers at rates and terms that are better than their competitors. This financing model not only affects the bottom line of companies trying to compete, but it also affects the bottom line of our economy – particularly as exports play an increasingly important role in our economic recovery and job creation. The reality is opaque state-directed capital allows foreign governments to target their financing at specific sectors and companies, while aggressively grabbing market share in an attempt to dominate a market."

All of that would be disturbing, if it were true. But it's not. And it is increasingly disturbing to hear U.S. government voices repeating statements that are patently false, and known to be so.

The facts:

The China Develop Bank (CDB) and Huawei have signed Memoranda of Understanding (MOUs) under which the CDB has indicated its willingness to make available export credits to potential Huawei customers. Such MOUs, which serve as marketing vehicles for the CDB to gain overseas business, are not the same as Lines of Credit because there are no funds actually committed by the CDB. One such MOU was signed in 2004 referencing $10 billion in credits with a five year validity period. A second MOU was signed in 2009 referencing $30 billion, also with a five year validity period. Since 2005, 35 Huawei customer projects have tapped the CDB export credits, with the aggregate amount of financing agreed to totalling $4.25bn, but with only $2.99bn having actually been extended to Huawei customers - at going market rates and according to open market-based practices. Huawei’s global sales over the same period exceeded $110 billion. Clearly, Huawei's growth is not driven by CDB or other "state-directed" support.

So, while we're at it, let's consider some additional facts. How does Huawei finance itself? Well, in terms of external financing,mainly through loans from commercial banks. Since 2000, with the growth in international markets and in order to prevent systemic risks, Huawei has adopted a diversification strategy in terms of financing resources, types and terms. Huawei now collaborates with 28 banks: 10 China-based and 18 non-China-based banks (Note: Huawei is now one of the top 50 global platinum customers of HSBC Bank, Citibank and Standard Chartered Bank). In total, these commercial banks have granted $25 billion in credit facilities to Huawei, at going market rates and terms, in compliance with the credit policies of each commercial bank, and in accord with relevant national and international laws and regulations. To date, Huawei has utilized $3.58 billion of the $25 billion, over 50% drawn from non-China-based banks.

Facts. They can be fun. Indeed, let me repeat one more set (verbatim from my June 5, 2011 post - linked here):

In his speech at the Center for American Progress, before blasting Huawei, Hochberg poses a number of rhetorical questions about America's long-term economic growth, quality of life and competitiveness. Perhaps Hochberg and others that view companies like Huawei through the complex geo-political prism of the U.S.-China relationship should jettison the politics and actually consider the answers to those very questions that he poses. Consider, for instance, the significant contributions Huawei makes to American innovation and livelihoods. In order to fuel Huawei’s global supply chain, in 2010 alone Huawei purchased more than $6.1 billion from major U.S. technology companies, indirectly sustaining over 30,000 U.S. jobs in addition to the 1,100 U.S.-based workers Huawei employs directly. Beyond that, each year, Huawei invests about 20% of its North American revenues into local R&D, totaling $135 million in 2010 alone. Yet further, Huawei is committed to university partnerships to foster the next generation of American telecommunications experts, investing more than $10 million in 2010 to support programs at Georgia Tech, Harvard, MIT, Stanford, UC Berkeley, UC Irvine, UCLA, UC San Diego, UT Austin, UT Dallas, Washington University and Yale University.

Food for thought...

June 08, 2011

Whither Nokia...

Since departing Nokia two years ago, I've posted to this blog a number of times on the company, at first reiterating thoughts related to what seemed (to me, at least) strategic mis-direction, later recalling key missteps and suggesting course-corrections, yet later wondering about potential Hail Mary solutions, and now, well, just wondering...

Nokia's share of the value-oriented smartphone market has plummeted from 49% prior to the 2007 introduction of the iPhone to 25% in the first quarter of 2011, with no bottom in near-term sight. Nokia's revenue and net income have declined by 10% and 39%, annually, on average, since 2008, and Nokia's market cap now rests somewhere around $23 billion - a gonad-shriveling fall from the peak of around $145 billion in late 2007. And, this year alone, Nokia's share price has dropped a whopping 35% - 19% in the last five days following the announcement of surprisingly "okay" first quarter results accompanied by very, very gloomy forward-looking guidance.


On the upside, Nokia remains an Interbrand "Top 10 Global Brand" (#8 in 2010 - although this is an iffy measurement of Nokia's brand "value," which is generally acknowledged to have collapsed over the last three years)) and is still the world's largest mobile phone manufacturer, selling as many as a million entry-level and feature (non-smart) phones a day. But, alas, even the slim margins on such volume-oriented product are increasingly at risk as a host of lower-cost rivals powered by disruptive enablers like Mediatek are eating away at Nokia's last bastion.

Damn (again).

It makes you realize that the Nokia fealty to Redmond pledged in February really is a make-or-break play.

I wonder, however, if we'll even get to see if it might work, as rumors of takeover abound. Last week, Microsoft was rumored to be contemplating a $19 billion buyout - both parties denied the possibility. Huawei, HTC and ZTE were mentioned as other possible suitors - none deigned to comment on market rumor or speculation. This week, Samsung has been suggested as yet another potential contender (doubtful, but, then again, snapping up the newly WP7-committed Nokia could address Samsung's historical hiccups related to Windows Mobile and could make them a leader in two of the three dominant mobile OS's). And, of course, Google has also been referenced as potential buyer (other than to derail Microsoft's near-term plans, I have a hard time imagining why Google would consider this. Maybe three years ago. But not today - they've got a healthy stable of venders building to Android, they don't need to own one).

All interesting possibilities, some more likely than others, but, long story short, I don't see any of this happening until Nokia does some serious housecleaning and experiences some additional and significant pain that no suitor would likely be willing to stomach. For instance, if Nokia were to bail on NSN, lay off a few more thousand employees and offload the low-end and feature phone business and related assets, the resulting newly-fit and trim Nokia "smartphone" business (incorporating the in-retrospect-remarkably-overpriced Navteq assets) with a market cap around $10 billion (and retaining a significant portion of today's $8-9 billion in cash) could be an attractive purchase.

Just wondering...

June 05, 2011

At the heart of FUD is fear - enough already!

Last week, The Economist featured an article about global technology leader Huawei - The long march of the invisible Mr. Ren (linked). All-in-all, it wasn't an imbalanced piece. It did, however, inspire some thoughtful clarifications, as follow (full disclosure, again, I work for Huawei):

Ours is truly a globalized economy and Huawei is the proof.

Born in the free-market Special Economic Zone of Shenzhen, Huawei epitomizes the Chinese version of the American dream: A start-up made big, owned by its employees, exploding across the global stage to lead markets and technological innovation. Indeed, Huawei, which blends its Chinese roots and local innovative and work-force advantages with the skills of the best-and-brightest recruited locally in markets worldwide, should be celebrated as a poster child for the global digital economy. And yet, as The Economist reports, there are indeed a handful of politicians in Washington who might well instead describe the company as somehow sinister and subsidized and linked to hostile forces. All of which is hogwash.

That Mr. Ren, Huawei’s Founder and President, does not have a history of doing media interviews is hardly grounds for suspicion, other than perhaps that he’s developed a pretty solid understanding of how the media works when it comes to Huawei. Nor is his over-a-quarter-century-old military service relevant in any way to his 20-plus year leadership of Huawei, or even unusual in the company of his global corporate peers. Indeed, if Mr. Ren weren’t Chinese – if Huawei did not have a Chinese heritage – we’d all likely have been spared years of undue media- and government-inspired Huawei-related FUD, particularly in the U.S. But, Huawei cannot change its roots in China any more than it can resolve the tensions between the U.S. and Chinese Governments which seem to be holding hostage Huawei’s further success in the U.S. marketplace.
To the extent that Huawei’s February 2011 Open Letter may not have offered sufficient fact-based clarification, particularly in the area of financing as indicated by The Economist, consider the following:

Huawei's financing – which is regularly mis-referenced as related to some sort of preferential government treatment - is mainly in the form of loans from commercial banks to meet Huawei’s capital structure and business planning requirements. Huawei’s approach is one of diversification: Huawei collaborates with 28 banks: 10 China-based, 18 non-China-based. In total, these banks have granted $25 billion in credit facilities to Huawei according to going market rates and practices. Huawei has utilized $3.58 billion of those credits, $1.88 billion from non-China-based banks, $1.70 billion from China-based banks.

Also regularly mis-understood are so-called “China Development Bank (CDB) lines of credit to Huawei.” The facts are that the CDB and Huawei have signed MOUs under which the CDB has indicated a willingness to provide export credits to potential Huawei customers. These MOUs are not lines of credit because the funds are not actually committed. Indeed, while one five-year MOU was signed in 2004 referencing $10 billion, and another in 2009 referencing $30 billion, since 2005 a total of only 35 projects have tapped the CDB export credits and only $2.99 billion have actually been extended to Huawei customers. Meanwhile, Huawei’s global sales over the same period exceeded $110 billion.

These are facts. So too are the significant contributions Huawei makes to American innovation and livelihoods. For example, in order to fuel Huawei’s global supply chain, in 2010 alone Huawei purchased more than $6.1 billion from major U.S. technology companies, indirectly sustaining over 30,000 U.S. jobs in addition to the 1,100 U.S.-based workers Huawei employs directly. Beyond that, each year, Huawei invests about 20% of its North American revenues into local R&D, totaling $135 million in 2010 alone. Yet further, Huawei is committed to university partnerships to foster the next generation of American telecommunications experts, investing more than $10 million in 2010 to support programs at Georgia Tech, Harvard, MIT, Stanford, UC Berkeley, UC Irvine, UCLA, UC San Diego, UT Austin, UT Dallas, Washington University and Yale University.

Huawei is no more mysterious than Mr. Ren is "invisible." Perhaps it is time to focus on the facts. In which spirit, I would add one more: In a market where an effective infrastructure vender duopoly exists, where there is no competitive incentive for the duopolists to innovate or rationalize their pricing, using non-commercial geo-politically-inspired shadowy “national security” excuses to lock out an innovative global technology leader with a history of competitive market-based pricing does a remarkable disservice to capital-sensitive local telecommunications carriers and each-and-every individual American consumer who very much wants to benefit from the affordable ubiquitous broadband services he/she deserves and has been promised.

You got some other "facts?" Then put up, or shut up. Enough already.

April 29, 2011

Patents, Perceptions and Paranoia

Interesting news this week in the ever-expanding arena of intellectual property rights lawsuits: China-based Huawei sued China-based ZTE for patent and trademark infringements. The quick takeaways are a) Companies with a Chinese heritage like Huawei have become world-class technology and IPR leaders and b) contrary to sadly-lingering dated beliefs, such companies solidly appreciate the value of IPR’s, respecting those of others, and fighting to protect their own.

The less obvious takeaway is what would seem to be the demonstration that the hysterical advocates that persist in driving the yet-more-unfortunate and slanderously-perpetuated misperception that Huawei is somehow controlled by the Chinese Government are, at best, on crack.

Think about it: ZTE, by its own admission, is somewhere between 15-20% owned by organs of the Chinese Government. Huawei, privately held by its employees, is regularly and wrongly reputed to also be under some or another nefarious Red thumb. So… for those that purport to subscribe to this latter belief (and I say “purport” because I’m pretty sure that anyone with half a mind knows that it’s all bullsh*t, but some folk nevertheless maintain the charade in order to drive parochial xenophobic or anti-competitive agendas), Huawei suing ZTE would amount to the Chinese government suing itself. Really?

…but wait, having spent the better part of the last year learning how the average paranoid half-a-mind functions, could it all be a ploy, a marvelously Machiavellian machination?

I bet they’ll be thinking something like this: In an elaborate multi-decade plan, the Chinese Government manipulated Huawei’s R&D to ensure that Huawei would over the years invest in and develop and patent specific technologies after which the nefarious Reds arranged for ZTE to pirate the same technologies in order to set up a scenario years later in which Huawei would sue ZTE with the real goal having all the while been for Huawei to prove it is in fact not controlled by the Chinese government.

Yeah, right, and the White House faked Obama’s birth certificate (incidentally, that last comment was “not intended to be a factual statement”).

Whatever… At the end of the day, notwithstanding a decade of blended accidental and contrived misperceptions related to Huawei, the truth will ultimately out, and the truth is that Huawei defines the essence of tomorrow’s successful companies – a multinational technology leader strategically leveraging markets and minds across the planet to most efficiently deliver the highest quality technology, solutions and services.

April 11, 2011

The E’s New C's, by HCA (1837) – Recast (2011)

There once (still) lived a lawmaker who was so bent on bashing certain foreign-based telecommunications companies and forwarding select special interests that he devoted countless taxpayer-funded hours to pursuing his agenda by spreading ill-founded rumors and falsehoods. He did not, seemingly, care for his constituents, who would benefit from a more competitive telecommunications marketplace, and, it seemed, sticking to the facts did not interest him; the only thing, in fact, he obsessed on was issuing multiple mis-informed missives to random Cabinet offices unfairly attacking said companies. He had a bit of myth or innuendo for every hour of the day, and for every letter he sent; and as one would say of a king “He is in his cabinet,” so one could say of him, “He is writing hate mail.”

The great city where he resided was very partisan; every day many lobbyists from both sides of the aisle circulated the Halls of Parliament. One day, a number of mysterious characters called on the lawmaker; calling themselves secret-keepers, they made people believe that they had information that could prove all of the as-yet-unfounded myths and rumors to be true. Their stories and facts, they said, were not only exceptionally damning, but they were of such a level of classification as to be un-disclosable, and, further, would only be doubted by any man who was unfit for his office or unpardonably stupid.

“Those must be wonderful secrets,” thought the lawmaker. “If I were to repeat such rumors and innuendo, I should be able to not only maintain my bashing, but also find out which Parliamentarians are unfit for their places, and to distinguish the clever from the stupid. I must have access to these secrets without delay.” And, so, he bestowed monstrous credibility to the secret-keepers, in exchange for which they committed to set to work without any loss of time. The secret-keepers donned their sunglasses and sped off in black Suburbans and otherwise pretended to be very hard at work, but they did nothing whatsoever related to fact-checking their intelligence.

Not long later, the lawmaker thought: “I should very much like to know how they are getting on with the secrets.” But he felt rather uneasy when he remembered that he who might doubt the secrets was not fit for his office. Personally, he was of the opinion that he had nothing to fear, yet he thought it advisable to send somebody else first to see how matters stood. Everybody in the city knew how remarkable the secrets were, and all were anxious to see how stupid their neighbors were.

“I shall send my Staff Director,” thought the lawmaker. “He can judge best the nature of these secrets, for he is intelligent, and nobody understands his office better than he.”

The Staff Director went to meet with the secret-keepers and, after a lengthy briefing, thought “Heaven preserve us! There’s nothing substantive behind any of these secrets, other than that they are defined as ‘secret’ and cannot be disclosed.” But he said nothing. The secret-keepers asked again and again: “Is it not frightening? Are you not concerned? Our country is threatened, is it not?” The Staff Director tried his best to see reason or rationality behind the swirling innuendo, but could not do so. “Oh dear,” he thought, “can I be so stupid? I should never have thought so, and nobody must know it! Is it possible that I am not fit for my office? No, no, I cannot say that I doubt the secrets.”

“Have you got nothing to say?” asked a secret-keeper, while he pretended yet again to be busily fact-checking.

“Oh, yes, your secrets are very enlightening,” replied the Staff Director, looking through his glasses. “Our country is in danger! I shall tell the lawmaker that these matters are not to be doubted.” The secret-keepers then leaped back into their ebony Suburbans and, Bluetooth encumbered, tore away, saying nothing to the no-ones over their empty lines, ever preserving their pretense as protectors of truths.

Soon afterwards the emperor sent another Staff Member to the secret-keepers to see how they were getting on, and to learn if they had concocted any new and fabulous secrets. Like the Staff Director before him, this staffer too tried and tried to elicit some fact-based justification behind the litany of “secrets” presented by the keepers. “I am not stupid,” thought the man, “but these secrets seem nothing but myth and innuendo. I must not let anyone know my thoughts.” So he praised the secrets, and the keepers themselves for the integrity of their fact-checking and their high levels of clearance. He returned to the lawmaker and reinforced the inviolability of the keepers’ product.

Everybody in the whole town talked about the worrisome secrets, even the media, which, while perhaps skeptical, were as often as not driven more by recounting a steamy story than investigating the facts. At last the lawmaker himself decided to visit the secret-keepers to sample their wares firsthand. With a number of staff in tow, including the two who had already been there, he called on the clever keepers, who tirelessly plied wireless keyboards and mobile phones, which may or may not have had any connectivity. Upon hearing a freshly-concocted batch of innuendo, the two staffers who had been there before said: “Are these not magnificent secrets?” “How inflammatory! How damning!.”

“What is this?” thought the lawmaker, “Statements of so-called fact with no substantive backing beyond ‘it’s classified.’ This is terrible! Am I stupid? Am I unfit to be a lawmaker? That would indeed be the most dreadful thing that could happen to me. I cannot voice my thoughts.” So, instead, he said: “Really,” turning to the keepers, “your secrets have our most gracious approval;” and, nodding contentedly, he silently pondered the empty rumors, for he simply could not say what he was thinking aloud. All of his staffers similarly mulled quietly, and, although they too - if intellectually honest - were skeptical, like the lawmaker, they nodded their communal consent. And all advised him to add references to the secrets to his next missive.

A few days later, with staffers and other lawmakers atwitter (in every sense), and the media poised over their figurative pens, the lawmaker issued yet another roundhouse letter, chock full of glorious secret-keeper myth and misinformation. “Are we not frightened?” postured the lawmaker. “What horrific threats,” he scare-mongered. His comments were echoed, hollowly, by a lawmaker or two, and his letter, handily leaked to key media, drew the requisite headlines. In short, there was great and political harrumphing and marvelous media hype.

“But there’s nothing to it,” said a lone but brave blogger. “It’s just a bunch of protectionist, xenophobic crap with no basis in fact.” “Good heavens! Listen to the voice of an uncompromised and honest observer,” posted an anonymous commenter. And another posted the same, and another, and yet another. And they asked for facts, for truth. And they objected to misinformation, intended or otherwise. And this made a deep impression upon the lawmaker, for it seemed to him, at last, that they were right; but, he thought to himself, “Now I must bear up to the end.” And he continued to sling mud, cushioned by loyal staff, and an ever-dwindling handful of lawmaker colleagues.

February 13, 2011

Disinformation 101: Hua Mei (not Huawei) and Iraq

Long-lingering innuendo suggesting that Huawei supplied fiber optic equipment supporting Saddam Hussein’s Iraqi Air Defense Communications Network appears misleading, whether or not intentionally.

Over the last eight months, an August 18, 2010 letter from eight Republican Senators to Obama Administration Cabinet officials (link to the letter),referencing the purported sale by Huawei of advanced fiber optics equipment used to support Saddam Hussein’s Iraqi Air Defense Communications Network, has driven countless media reports on the same topic. The August 18 letter contained the following hearsay “The Iraq Survey Group reported that Huawei sold communications technology to Saddam Hussein' s regime in possible violation of UN. Sanctions…Some reports indicate that this communications technology included fiber optic equipment used in Saddam Hussein' s air defense network, which routinely fired on US. military aircraft.” (Two subsequent Congressional letters have made similar, if less detailed, references)

The August 18 Senators’ letter did not footnote the “Iraq Survey Group” report, but it did footnote a March 19, 2001 Asian Wall Street Journal article (link to mirror) reporting “U.S. intelligence sources confirm…that Huawei Technologies, one of China's leading makers of communication networks, has helped Iraq outfit its air defenses with fiber optic equipment.”

According to multiple online references, the Iraqi (purportedly NATO code-named "Tiger Song") fiber-optic air defense system may in fact have incorporated American-made technology that evaded export controls administered by the then-Clinton Administration Commerce Department. Specifically, a U.S.-China joint venture called "Hua Mei" is said to have facilitated the sale of advanced, secure AT&T (pre-Lucent) fiber-optic communication systems for "civilian use" inside China.

The U.S. side of the joint venture is reported to have included two American companies: SCM and Brooks Telecommunications International Inc.

The Chinese side of the Hua Mei venture was reportedly run by a newly-formed firm, "Galaxy New Technology," run by a PLA Lt General who was married to the then-head of the PLA military research bureau (COSTIND – the Commission on Science and Industry for National Defense).

It is rumored that the PLA’s Electronics Bureau subsequently modified the American fiber-optics communication system, changing it into a secure air-defense/missile command system, and then exporting the newly modified system to Iraq.

Suggestions that certain Department of Defense entities (specifically the Defense Technology Security Association – DTSA) may have objected to the technology transfer to Hua Mei were addressed in a DoD letter responding to then-Chairman of the House of Representatives Committee on National Security Floyd Spence, who was one of those expressing the concerns (link to DoD correspondence with Chairman Floyd as reportedly obtained via a Freedom of Information Act request – page down from the initial link). In short, the DoD response to Representative Floyd communicated that there was no DTSA or other objection or, for that matter, any DoD review of the transaction due to coincidental 1994 amendments to U.S. Export Control rules which allowed for a new classification (GLX) for exports to civilian entities, beyond DoD’s purview. The DoD letter to Chairman Floyd specifically denied any knowledge of COSTIND or other PLA involvement in Hua Mei.

Further, again at the request of Chairman Spence, the U.S. Government Accounting Office (GAO) undertook a 1996 review “to determine (1) the civil and military applications of the exported telecommunications equipment, its availability, and the importance of these applications to China's military and (2) the process and rationale for liberalizing the export of telecommunications equipment, such as the ATM and SDH equipment shipped to Hua Mei.”

Among other things, the GAO’s resulting report (link to the full GAO Report) commented that while “U.S. company and government officials stated that Hua Mei was a civil end user,” the GAO found that, in fact, “Hua Mei, while a commercial enterprise, has as its principal Chinese partner, a company controlled by the Chinese military... Several members of the Hua Mei board of directors are military officers or have direct ties to the Chinese military. Such a high degree of involvement in Hua Mei could indicate a strong military interest in this company.” The GAO also noted that “The equipment was exported to Hua Mei without Commerce review, even though the company was partially controlled by several high-level members of the Chinese military.” In other words, commodity classification GLX should not have been applied had the facts been properly communicated.

Yet further, in 1997, Congressman Henry Hyde wrote Attorney General Reno a letter outlining his concerns about Galaxy New Technology (link to the Hyde letter). According to Congressman Hyde's letter to Reno, "In 1994, sophisticated telecommunications technology was transferred to a U.S.-Chinese joint venture called HUA MEI, in which the Chinese partner is an entity controlled by the Chinese military. This particular transfer included fiber-optic communications equipment which is used for high-speed, secure communications over long distances. Also included in the package was advanced encryption software."

Also in 1997, the Director of the Commerce Department’s Office of Strategic Trade and Foreign Policy Controls, responded to a Freedom of Information Act (FOIA) request communicating that the Commerce Department’s Bureau of Export Administration (BXA) had identified seven documents related to Hua Mei in its files (link to letter – scroll down). Commerce released three of the documents, withheld one, and referred to the State and Defense Departments to review and determine whether to disclose the other three documents, which Commerce reported to have originated from those Agencies.

The Hua Mei story went more or less dark after that.

The Huawei misinformation began to emerge a few short years later, such as in the Asian Wall Street Journal article referenced above, as well as other remarkably similar and contemporaneous media accounts, like the March 17, 2001 Washington Post article (link) reporting “Pentagon officials have accused the company [Huawei] of laying optical communications cables between Iraqi antiaircraft batteries, radar stations and command centers, which they say could significantly aid Baghdad’s efforts to shoot down U.S. warplanes patrolling the ‘no fly’ zones over northern and southern Iraq.”

And thus, notwithstanding the contradictory facts openly available on the public record, a myth was born, and has been perpetuated since...

February 04, 2011

Export Financing: Pots and Kettles

Big hullabaloo out of Europe this week, with a European Commission investigation reportedly finding that China's largest telecommunications equipment makers benefit from "massive" credit lines from state-owned banks. (see WSJ article)


Seems the Europeans are catching up to their American brethren who've been ramping up the crying-foul-rhetoric over such "preferential financing" for better than a year now. Frankly, if you consider the facts, it seems that there really aren't any pots or kettles in this global kitchen of ours that are not decidedly black.

Ah yes, facts...

Let's look at Huawei (full disclosure: I work there). In recent years, and increasingly stridently in 2010, there have been countless media reports and hyperbolic political rants about the $10 billion in "financing" Huawei purportedly received from the China Development Bank (CDB) in 2004. The fact is, Huawei received no such financing. Rather, the CDB essentially created a "buyer export credit" pool that Huawei's customers could borrow from, provided they met the bank's credit assessment, risk profile, etc. From 2004 to 2009, the total credit extended by or for Huawei's customers from the CDB amounted to around $5 billion (and far less was actually drawn), in pretty stark contrast to Huawei's almost $100 billion in sales over the same period. Doesn't seem as if "massive" Chinese Government credit lines had much to do with Huawei's growth, does it?

But hey, while were doing the fact-checking, let's review some of our other kitchenware. According to the U.S. Export Import Bank's website, specifically the "FY 2010 At A Glance" PDF, the Exim Bank supported over 3,500 transactions in support of U.S. export sales last year alone, to the tune of almost $25 billion in loans, guarantees, and export credit insurance. Last year alone. But all in accord with Organization for Economic Cooperation and Development (OECD) rules, right? Well, almost. According to a January 12, 2011 WSJ article, " a move crafted with White House involvement, the U.S. export-financing agency agreed for the first time to match China's cheaper financing terms to get the Pakistan government to buy 150 General Electric Co. locomotives." This, per the Journal, required the U.S. to "work with" the OECD to craft a "new loan model" to come up with the financing terms for the $477 million deal, "one of several steps the Obama administration has taken to pursue its goal of doubling U.S. exports over five years."

Don't get me wrong, I'm not criticizing the U.S. Government for trying to help U.S.-based companies compete against Chinese-based or other companies, nor am I defending any country's manipulation of the marketplace or other industrial policy. I'm just highlighting that we should at the very least remain intellectually honest about what's going on in the world. One-sided media reports and xenophobic political rhetoric that serve to fuel protectionist or, worse, nationalistic fervor, are not in our best interest as Americans. What we deserve, instead, is a fact-based and balanced dialogue.

But, wait, what about the Europeans? That's where this latest salvo came from, right?

Ugh... Europe's a lot of geography to cover, with far too many national and regional and pan-regional organizations and governments, etc. to consider, so, since all of this started around the telecommunications equipment industry, let's take a gander at Sweden, home to world-leading telecommunications infrastructure manufacturer Ericsson.

Sweden's EKN, per the website, "has been commissioned by the government to promote Swedish exports and the internationalisation of Swedish insuring export companies and banks against the risk of non-payment in export transactions...". Risk free. Nice. According to the EKN, the demand for its guarantees increased sharply during 2009, amounting to 80 billion Swedish Krone (roughly $12.5 billion), more than doubling the previous year. And, as of January 2010, the Swedish Parliament approved a doubling of the guarantee limit to 500 billion Swedish Krone (roughly $77.5 billion) - pretty impressive for a country with a mere 9.3 million inhabitants.

It will come as no surprise that, according to the 2008 EKN Annual Report, EKN guarantees backed "several large Ericsson transactions in India, Pakistan and Turkey." Go figure...

Again, I'm not taking sides, or endorsing anyone's policies or practices, I'm just pointing out that, strangely enough (or actually not at all so), the playing field is actually a lot more level than it is often portrayed to be.

So let's get to the real concern: Biased (intentional or not - I'll be gracious on that point) media reporting or government speak that mis-represents or one-sidedly presents the facts in order to push broader protectionist or nationalist agendas on an under-informed public. Indeed, if you follow the logic of some of the suggestions made in Washington and in the media related to certain Chinese telecom companies, you'd have to assume that should the U.S. and Pakistan go to war, GE - beholdened to the U.S. Government to the tune of almost half a billion dollars for the Pakistan train deal - would naturally respond to its government benefactor's military and political agenda and derail all of the Pakistani locomotives...

Silliness. Utterly ridiculous. GE is an independent global company with obligations and responsibilities in all of the markets in which it does business. GE doesn't answer to the U.S. Government any more than any independent Chinese-based or Swedish-based companies answer to their respective governments.

Enough already. Pot, kettle, black, indeed...