Congress Still Trying To Fund Plan To Rip Huawei Gear Out Of U.S. Telecom Networks
from the dysfunction-junction dept
Long before TikTok histrionics took root, you might recall that numerous members of Congress spent numerous years freaking about another Chinese company: Chinese telecom equipment maker Huawei.
The argument, made without much in the way of public evidence, was that Huawei was systematically using its network gear to spy on Americans at a massive scale. Congress then proposed a solution: it would require that U.S. telecom operators (large and small) rip out all Huawei equipment from their networks at great expense, then replace it with usually more expensive alternatives.
So in early 2020 Congress passed the Secure And Trusted Communications Act effectively banning Huawei from U.S. telecom networks. Congress doled out $1.9 billion to rip out and replace Huawei gear, but it’s estimated to cost around $5 billion to actually complete the effort. But instead of finishing the job, Congress fell asleep, resulting in huge costs for telecom providers (especially small ones).
Last week, the House announced it was finally prepared to vote on funding the $3 billion difference so that a job government started back in 2020 actually gets finished:
“The 1,800-page text was released late Saturday and includes other provisions aimed at China, including requiring a report on Chinese efforts to evade U.S. national security regulations and an intelligence assessment of the current status of China’s biotechnology capabilities.”
If Congress can’t fund the difference, it will mostly fall on the backs of smaller providers in connectivity-challenged rural areas, which risk curtailing coverage to parts of rural America we profess to care so much about. FCC officials have also indicated it could also harm the availability of reliable 911 services.
What nudged Congress out of its apathy? I’d wager it has something to do with the recent news that Chinese hackers infiltrated eight different unnamed U.S. ISPs. That massive attack was so significant ISPs say they still haven’t managed to root the invaders out of their networks yet (there is no evidence I’ve seen that Huawei gear played any specific role). A great job all around.
There’s a chasm between all the sound and fury aimed at shoring up U.S. privacy and security (see: our obsession with TikTok) and actual, coherent action. Congressfolk have been whining about Huawei’s purported security risks for the better part of fifteen years, and we still haven’t actually taken action to fix the problem. Too much time fighting over whether candy marketing is too sexy, I’d wager.
Filed Under: 911, china, congress, connectivity, digital divide, fcc, national security, privacy, rip and replace, security, telecom, wireless
Companies: huawei, tiktok
Comments on “Congress Still Trying To Fund Plan To Rip Huawei Gear Out Of U.S. Telecom Networks”
It would be a lot less expensive to tear down some of that equipment and examine it for any logic/feature that doesn’t belong there. Or put a firewall around the durn stuff so there are restrictions on where it connects.
Re:
Like what, ban all connections to China? That’d be problematic for anyone with family in China, at least. But also for anyone with investments in China, or who wants to study the foreign policy of China, or a thousand other legitimate things.
We’re talking about proprietary software. There’s no requirement for Huawei to disclose which features are supposed to be there, or how they work. That’s one of the real problems Congress should be addressing.
Another, of course, is that there’s nothing all that special about Huawei. It was Ericsson switches being abused in the 2004 Greek wiretapping scandal. And pretty much every router (or non-dumb switch) in history has shipped with significant security flaws. A smart person would be trying to mitigate the effect of compromise at each level. In other words, just assume all our network equipment has backdoors for China (we know it has backdoors for the U.S., because the U.S. has mandated them), and ensure people can communicate securely given that assumption. Internet security protocols generally do this, unlike telco protocols.
Re:
It would be a lot less expensive to tear down some of that equipment and examine it for any logic/feature that doesn’t belong there
There’s absolutely no chance they haven’t already done that so the fact that they didn’t immediately find something and wave it around to the public as a smoking gun is a pretty strong indicator that it’s not there.
Re: Re:
No, not really. They didn’t find Heartbleed, for example—or didn’t publically reveal it anyway—and it was in plain sight for years. All they had to do was read the published source code that they, the government, were relying on.
A good backdoor is indistinguishable from a common fuckup.
Re: Re: Re:
A fair point but but one which leaves them with ‘But they might have or add backdoors to this hardware, making it worth spending billions to rip it out and replace it’ and hoping people ignore that that same argument would apply to any other internet capable tech from china which, as far as I’m aware, is not also considered a National Security Threat worth spending billions to replace.
(Not to mention as I noted in my comment below if they really are after data on american citizens there are much easier sources that the USG refuses to prohibit or even meaningfully limit.)
The argument wasn’t that it was doing it. It’s that it could. It’s a risk argument.
Billions spent to make it slightly more inconvenient to do the same thing
One need only notice how specific the privacy concerns like this are to expose them as insincere, racism-based fearmongering with a dash of profiteering for the companies who stand to make a pretty penny by offering ‘replacement’ hardware.
If china or any other country wants to collect huge amounts of personal data on US persons they don’t need to go through the trouble of booby-trapping hardware, they can just buy it from the same unregulated data-brokers that the USG turns a blind eye to since it’s easier to buy from them than get warrants.
And still haven’t shown specific evidence of the hardware being backdoored, or even having an unreported Zero Day flaw.
My bet is: the NSA does have such a known flaw, and is keeping wraps on it because it wants to continue exploiting it.
Out of all the arguments for or against Huawei rip and replace “we don’t have public evidence they are doing it” is easily the weakest.
We know it’s possible for China to implement a supply chain attack, because we did it with Cisco gear.
We know they want to do it, because of Volt Typhoon and Salt Typhoon were by all appearances successfully executed.
We just don’t know (at least publicly) if they have already done it.
Re:
Those were believed to be targeted attacks, which means it’s very important to make such purchases anonymously. Or at least with no prior notice—it’s probably fine to go to the local computer shop and buy a bunch of hardware off the shelves via credit-card, but don’t place an order.
In related news, there’s a rumor that the U.S. government also wants to ban TP-Link products. Which would be unfortunate, because I’ve found their home routers to be good (of course, one should blow away the included firmware image, as with any such router—but all the manufacturers are pretty much using the same reference designs for hardware).
Re: Re:
Yeah. Nobody is buying backhaul gear anonymously, it’s large contracted purchases with long term support agreements. Huawei certainly knows who purchased athe equity, it might even know physically where it is installed.
Follow the money
I wonder where the original 1.9 billion went. Certainly not the big ISP companies like AT&T, Verizon, etc. Their PROFITS could cover the whole cost with only a minor glitch that they would then pass onto the customer in hidden fees to cover. Certainly it didn’t go there and magically get used up with little to no change. Why would the government giver them billions more just to keep their networks updated?
i’m shocked that no one has noticed how timely the entire huawei thing started once huawei phones were out selling iphones and apple got pissed, used lobbyists to pay off as many in congress as they could to get them to vote to ban huawei products…
i find it disgusting that congress would suck up to any corporation like this…. vote out all incumbent congresspeople!