One answer is that you don't need to manufacture custom equipment with escrowed keys to infiltrate communication systems any longer. The Israelis were using stingrays in Washington, DC just last year to spy on officials. You could probably build a stingray using open source software and a software-defined radio USB stick.
You can't trust the network. Rather than trying to avoid Huawei, energy should be spent engineering things so Huawei equipment doesn't need to be trusted. Until then, China and everybody will continue to be able to snoop, regardless of who built the network components.
This is also why the US wants to avoid Huawei. Letting Huawei in and doing that engineering makes the American spies' job harder than keeping the ruse going.
Australian PM basically confirmed this conspiracy theory recently: the main risk AU intelligence identified in Huawei hardware wasn't interception of intelligence by China* but rather denial of access to networks with Huawei hardware, which compromises intelligence sharing, i.e. it makes it harder for FVEY agencies to spy on each other's citizens. Also puts in perspective William Barr's recent comment on buying a controlling share in Ericsson or Nokia.
There's also the drama last year where the US claimed Huawei technicians were helping Uganda and Zambia spy on political opponents. Political opponents being Washington-friendly anti-establishment candidates, and helping being acceding to request for lawful interception duties as vendor. To be fair the technicians also helped use Israeli spyware to extract WhatsApp data. The TL;DR of the entire debacle being Chinese hardware actively undermines US foreign influence operations abroad.
*I surmise the reason the US is having so much trouble producing convincing evidence of Huawei malfeasance is that China actually hasn't exploited Huawei hardware because they don't want to risk damaging the brand's reputation. That's not to say China doesn't spy, of course they do. They just have the capability to do so without going through Huawei.
Still, given the extraordinary claims the proof on Huawei seems to be spread thin. I know they "theoretically could" surveil everything, but actual proof isn't really there (yet) afaik and this while there are parties with considerable interest to prove their wrongdoing.
Which leaves three explanations:
1. The Chinese are so good the 5 eyes can't prove it
2. The 5 eyes can prove it but don't dare to for certain reasons (which won't stop independent researchers)
3. It doesn't actually happen (yet)
Meanwhile we've got tons of actual backdoors from the US side.
The PLA members being charged with the Equifax hack to me was a statement that they probably -do- know some things but do not wish the political turmoil that would result.
But what does that have to do with Huawei and 5G? The Equifax exfiltration exploited bugs in an internet-facing Java application. Likewise for previous incidents, such as the exfiltration of data from the Office of Personnel Management. In both those cases and others the U.S. government publicly fingered China. Publishing technical details wouldn't have created any additional political turmoil, and in fact some technical details were published.
The U.S. government could divulge credible information about a particular Huawei attack, especially if it were as pervasive as they seem to claim. I can think of many reasons why they wouldn't do this (e.g. exploits make more than just Huawei look bad, such as other American suppliers), but few that bolster their case against Huawei as a distinct threat to telecommunications security.
Rather, it seems their beef with Huawei is two-fold: 1) generalized national security interest in preventing China from dominating the telecommunications market (i.e. concern over relative tactical and strategic positions of China and U.S. SIGINT capabilities), and 2) protecting the profit margins of Qualcomm and other American suppliers.
Huawei hacking to steal IP =/= Chinese government exploiting Huawei infrastructure to hack other nation states. The latter allegation has no credible public evidence.
Lots of US companies founded and operated by former military. Ren was a technical researcher for that didn't hold military rank. He wasn't even eligible for CPC membership due to parental ties to KMT.
Also lots of devices with bad security and spaghetti code. Huawei is probably the most scrutinized vendor in the last decade, national and private investigators from a host of countries found nothing to suggest links to Chinese espionage. Hundreds of mobile operators with years of experience found nothing. NSA with access to Huawei internal networks found nothing. GCHQ with Huawei code to audit found nothing. The only people who claim to have evidence but steadfastly refuse to release any until recently is the current US administration with Mike Pompeo leading the charge. Which turned out to be non-specific claims about legally mandated lawful interception function, aka Vodafone SSH tier of vapidness. Unsurprisingly, this has convinced no new countries, and the countries that have firmly banned Huawei all have exceptional dependence on US security and intelligence sharing. With all that as the starting point, why would you ever trust allegations?
Even straight from this article:
>So one other - there was another Swiss company at the time - Gretag is what it was called - that was trying to become a rival to Crypto. And the CIA and U.S. intelligence helped to sort of orchestrate smear campaigns around the world to spread disinformation that Gretag's devices couldn't be trusted; there were vulnerabilities in them.
The playbook hasn't changed. Neither have the interests. There's nothing wrong with US intelligence pursuing self interest based purely on the fact that Chinese are security competitors despite complete lack of evidence. But the only useful idiots are people who believe the US smear campaign around Huawei blindly.
>Malcolm Turnbull has warned Boris Johnson that allowing Chinese company Huawei to build Britain's 5G network would compromise the ability of the Five Eyes countries to collect and share intelligence.
>Mr Turnbull said the main risk the Australian security agencies had identified was not through potential Chinese interception of intelligence but by denial of access to the network.
If you follow the story closely, the intelligence community began to intervene loudly once US escalated to severing intelligence sharing if countries didn't ban all Huawei gear. To the point where you have UK firing defense minister over Huawei leak. Which is understandable, FVEY domestic security is built around hacking each other's citizens to get around domestic legislation and only NSA has access to western tech giants.
You absolutely could build a stingray with an SDR with OpenBTS, although I'm not sure how you'd get it to emulate 4G. As far as I know, OpenBTS only supports 3G.
For the lazy, a 3G tower dev kit from Range Networks is $8,000 [1].
AFAIK stingrays typically use 2G, since 3G and upwards have strong mutual authentication (i.e. the network authenticates the phone but the phone also authenticates the network). They just jam the 3/4G signal to make the target phone fall back to 2G.
At a glance I see a few articles, it looks like the topic came up in 2018 and 2019, potentially in different but related circumstances. One of those stories is from the Associated Press but the article I skimmed from them didn't make the Israel assertion and was more general. If I had to guess, the topic didn't gain much reaction because the most 'in-depth' articles are from infotainment rags like Gizmodo, Common Dreams, and Politico. Politico seem to have been the ones to break the 2019 story but I'm still reading so can't confirm that.
It's kind of interesting the lack of interest the media has in such a story. Would be interesting if there was a way to somehow float the same story except with a different country (say, Russia) alleged to have been behind the placement of the device.
Media attention was similarly short-lived regarding the closing of the Russian consulate in San Francisco and the Russian compound in Maryland.
Yes, Israel usually gets a pass on espionage, and Russian election interference is a years-long story. But in any particular incident it's hard to tell whether the public is disinterested in the incident or disinterested in the adversary. Plus, to be fair, reports of actual Russian incidents are fairly common. I mean, they've literally built a niche industry for social media hacking. Reporting on it is easy; you don't need to wait for intelligence leaks. And they publicly gloat about their strategy and tactics. By contrast, Israel is usually far more discreet[1] and publicly identified incidents are few and far between.
[1] Operationally and politically. They certainly don't gloat. They stick to a very strict recitation: "Israel does not spy against the United States."