The west is slowly starting to realize something that China has realized for years; economic policy is not a question of economics but of geopolitical strategy. Free markets are nice in theory (and often in practice), but once you let in bad actors with the clout of a nation state, all the usual assumption behind free markets no longer apply. It's pretty disappointing that, based on what we now know, western economists aided China in gutting western industry under the guise of "China is just subsidizing the west, we'd be stupid not to take advantage." Even worse, we had already rejected that argument when applied to companies like Walmart, but for some reason we thought it would apply to whole national economies.
> The west is slowly starting to realize something that China has realized for years; economic policy is not a question of economics but of geopolitical strategy.
I do not believe that this is a recent realization - this goes back to at least the Dutch East India company (VOC). The foundation of the British economy were the vast resources of the British Empire (read colonies) for many decades.
It's one of those things that the west knew and then forgot in the 90's after the cold war ended and we realized how great free markets were at improving people's lives.
"This new architecture provides a way to circumvent traditional security controls by exploiting equipment in the edge of the network – exploitation which may affect overall network integrity and availability, as well as the confidentiality of customer data."
Hey Australian Government. You know what also protects confidentiality of customer data? Encryption.
Encryption isn't a magic bullet. If you have good visibility into the network there's a hell of a lot you can do with traffic analysis and metadata. Plus, if you own the end-user device you can just go around the encryption since the data, by definition, has to be displayed to the user decrypted.
It's a hard problem. Encryption is part of the solution, but it's not the solution.
Excellent response, I've become quite sceptical of the Australian calls for encryption backdoors, frankly think the government knows they aren't necessary and can back down to appease the public while silently scooping up everything. Catchy lines like the laws of maths quote is a hugely successful distraction.
Mandatory metadata is already retained for 2 years at the consumers expense, no one has ever released how much or what is actually kept as all freedom of information requests by journalists have been denied. It's estimated that every adult generates around 15000 data points a day, it's known that mobile phone signal strength is kept allowing triangulation within 100m or so of every citizen every few minutes.
Last year alone there was over 300,000 warrantless requests made by 60 government agencies, many more are legally allowed to make requests, right down to small local councils in the middle of nowhere with 15 staff members and obscure agencies such as horse racing officials.
There's absolutely no oversight, I'm stuggling to imagine how many people it would actually take to investigate around 1000 requests a day, every day of the week.
It's only a matter of time before some serious abuse of the system occurs.
Cellular base stations allow a database of SIM cards to be created. This could be considered a superior tracker to advertisement IDs of Apple and Google. This is because the ID is retained between user equipment changes. This information is exchanged before actual data transmission, i.e., it does not matter even if the actual data would be encrypted.
I think it's inevident that the more precise geolocation data of 5G (due to an increased base station installations required by the mmWave frequencies) will be sold to advertisers. Essentially, Australia is betting that European manufacturers will respect privacy better than China - and sure, at least European companies do not need to hand over their data to authorities. Having seen surveillance implementations installed in Chinese IoT devices, it is more or less true that China is at least keeping the doors open for an intertwined database where information from various different Chinese companies can be built.
They're drafting a law that's going to require encryption backdoors. They're completely ignorant about the impossibility of having "secure backdoors", going as far as the Prime Minister saying:
> The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia.
I'm going to take issue with this, because I see this line of argument a lot on HN recently.
There is a fundamental difference between "like in kind" and "like in severity".
Do the US and China both monitor telecom? Yes.
Has the US built a national firewall? No.
Do the US and China both have legal processes for acquiring court ordered telecom intercepts? Yes.
Is the US legal system wholly subordinate to political goals? No.
Do the US and Chinese governments lean on companies to comply with their wishes? Yes.
Do US companies survive at the whim of the US government and generally lack independent legal recourse to fight pressure? No.
If you want to go through point-by-point with what's similar between Chinese and US data monitoring regimes, I'm happy to do so. But they aren't close to the same.
The real problem is that I'm not sure its really going to change anything. Do we really think that the Chinese can't hack our network gear? The SS7 hack was disclosed in 2008 and was ongoing until at least 2017, the last year I looked into it.
Nationalizing 5G or specifying a specific source of origin will help at the margins, but I'm coming to the conclusion that without a fundamental redesign of the internet security isn't possible. Even then, I'm not sure. Even if you somehow change the internet at the protocol level and magically make it secure form the legion of vectors the surveillance can just move somewhere else. Sell some rooted phones on eBay. Buy a security company or a social network. The Chinese bought 500px (a company I was CDS of for a year before I quit) for a hot minute before selling it back to the Americans (to Getty). With the RAWs they now have the sensor fingerprints of a ton of DSLRs tied to real email addresses, etc. Plus countless photos of naked people that were private.
Sure they could probably have gotten that data some other noisy way, but this is basically risk-free, and they probably made a profit on it by scaring Getty that the photo licensing business was about to get into a margins war with China.
I really dislike the "they're both the same" arguments. People do the same about the US political parties (and use this as an excuse to either not vote, or vote for their favorite side, based on this).
This thinking allows people to let the worse offender off the hook.
"they're both the same" is never an argument, it's a lazy cop out from someone who is either too cynical or disillusioned to care and do their own research.
Not a fan or defensor of China here; but the US has way more history of intervention in other countries; so I would be much much worried about US-based companies that provide searching or social networking services
but the US has way more history of intervention in other countries
Not exactly sure how'd you quantify it, but I think the people of Vietnam, Thailand, Laos, Malaysia, Cambodia, Taiwan, South Korea, Japan, Mongolia, Singapore, Tibet, Myanmar, and India might take issue with that claim[1].
Let's count have many government have been overthrown by each, how many wars have they both been involved, how many political parties or rebellions financed?
But China has a worse record of human rights abuses. In regards to intervention in other countries, China consumes them. Tibet, Taiwan no longer exist according to China.
They've all got bad history. If God existed and was to strike down on the unworthy nations of the world, very few would be spared.
And I dislike this as much as any rational person (hello? rational people...?) but if it came to choosing sides in what appears to be inevitable future conflict, I'd choose the US over China and Russia. I hate that it's the case, but the US, I think, is the least worst option. This may be based purely on cultural familiarity, but, well, there it is.
> This may be based purely on cultural familiarity, but, well, there it is.
Very much this.
> In regards to intervention in other countries, China consumes them. Tibet, Taiwan no longer exist according to China.
Oh dear. Taiwan never existed in the first place according to China because they didn't accept them becoming independent. (Protip: google how many countries actually regard Taiwan an independent nation). And Tibet? It has pretty much belonged to China for over 600 years. Tibet has been very poor even compared to China, and over the past 50 years China has greatly supported the region, establishing basic infrastructure like hospitals, schools etc. You usually never hear about this in the west though, since it doesn't fit the whole "free Tibet" narrative.
Yes there is a lot wrong with China, as with any country on this planet. I certainly don't need to get into US atrocities here for some obligatory whataboutism. But at least get your facts straight when criticising. Like when that Falun gong organ harvesting comes up. If you try to unravel this story you find no halfway credible sources and always end up with this Canadian politician who conveniently always resurfaces with that story when some election is coming up. Or recently there was a report about one million captive Uighurs in China (with a population of only 8 million), where the only source was a UN Secretary saying this "not representing the UN"...
It's sad, because we so proudly compare our free press to the state controlled propaganda in China, but for most people just knowing we have a free press equals not ever having to doubt anything the news say, at least not if it's about another country across the world you already know is evil.
I get the Chinese government's default position is stonewalling information. But at some point, if people say a thing, and you say it isn't so: you invite them to see for themselves.
The fact that China (and the Soviet Union before it) don't...
Thanks for the explanation. I will need to look further into the details surrounding Taiwan and Tibet. Your explanations don't ring entirely true with what I've heard and read in the past, so I've got some digging to do.
I mean, you can also refuse to admit Taiwan is an independent country... while selling powerful military hardware to an organized government within "China" that claims sovereignty over an island they assert is not Chinese.
All countries have spy agencies - they usually have two roles to spy on other people, and prevent other people spying on them. This seems like a pretty reasonable state of affairs.
How does the fact Australia spies on China (one presumes) mean they shouldn't worry about China being able to spy on Australia?
>"Every country is gathering data on everyone. If you think they are respecting your privacy, you’re naive"
This isn't about data gathering or respecting privacy, this is false equivalency. This is about infrastructure, specifically the integrity of a country's telecom infrastructure at the hardware level. The ability to compromise or disrupt a country's Telecom infrastructure is seen as a matter of national security by every country. The article even site the control plane difference in 5G:
>"“This new architecture provides a way to circumvent traditional security controls by exploiting equipment in the edge of the network – exploitation which may affect overall network integrity and availability, as well as the confidentiality of customer data."
There are basically only 5 vendors in the mobile switching space. ZTE and Huawei are both Chinese vendors
while the 3 remaining vendors are European - Ericsson(Sweden), Nokia(Finland) and Alcatel-Lucent(France.) None of those last 3 non-Chinese vendors have a record of human rights abuses, censorship or state-sponsored hacking. If you worked in an agency in a Western government tasked with providing procurement guidelines for network operators in which vendors would you prefer?
I don't think it's just a show... they want to try to block China's access to our data because they want to be the only ones with it. Maybe I only have one brain cell left.
To add weight to your point in regards to Australia's hypocrisy, there's an on-going case where a now ex-member of one of Australia's intelligence agencies blew the whistle on Australia's illegal surveillance of the East Timorese government.
Currently they're trying to prosecute the whistle-blower AND his lawyer for "revealing state secrets" as a tactic to draw out the process.
The ASD (Australian Signals Directorate - equivalent to the NSA) mission statement is: Reveal their secrets - Protect our own.
Which I suppose is in keeping with banning any non-purely-Australian-owned vendors from participating in any communications infrastructure project. I don't think there are any purely-home-grown Australian 5G infrastructure manufacturers though.
This destroys the logic of free trade, competition that countries and a plethora of global organizations like IMF, WB promote and enforced aggressively over the last 40 years especially when looking for markets in other countries.
But if its only applicable to a favoured set and suddenly has all sorts of qualifiers when it comes to your own markets then the whole thing collapses. And everyone can see its politics with a fig leaf of process designed for one way benefit and as a system cannot deliver mutual benefits.
That depends on the calculation. Maybe there's a non-zero risk that China could remotely turn off their 5G network and including that in the calculation makes local sources a better value even when the dollar price is higher.
I wish they'd bad this equipment not because it's Chinese, but simply because it's shit. Seriously, pretty much all mobile network equipment (including EU-based Ericsson) has critical vulnerabilities. I wouldn't worry about Chinese backdoors when anyone can get privileged access to the core network.
They should ban any 5G millimeter wave (30GHz-300GHz) devices until enough testing on humans has been done. It is unclear what affects these waves have on our corneas and requires more research.
"These findings suggested that damage to the corneal epithelium was not induced by corneal dryness alone, but by exposure of dried corneas to MMW-induced heat to above body temperature."
So as long as I don't microwave my corneas with my phone, I should be alright. Thanks!
edit: hell, even the researchers say this themselves:
"It is an important finding that corneal epithelial damage is induced by MMW exposure, accompanying very strong pain, although it is cured within 1–2 days after injury. Since humans blink more frequently than rabbits, exposure to these levels of MMW is unlikely to induce corneal epithelial damage in humans."
Tie my kangaroo down sport, that's good news. Now we just need the sleepy EU to wake up so we get their spyware removed from our Mobile Operators infrastructure here!
Take it your mobile phone is built in Germany, with German components. ;)
It's just a matter of picking your poison. You think your Cisco router has no backdoors? Your Intel CPU? Your Windows OS? Your Gmail account?
This isn't about making you safer, it's about removing competition (as crappy as it may have been). And they eliminate competition both economically and in the spying game. The more companies there are that want to spy on you, the more you pay attention to security and you make life hard for everyone.
But phew, the spies were banned so no need to worry anymore :).
Even not looking on the democratic/dictatorship spectrum - outside interference will always be worse than what you get from insiders. Insiders at least depend on the country welfare - outsiders just don't give a fuck.
And the US is an insider for AU... how? Because if the NSA brought any revelation it's that the US backdoored even their allies without them knowing.
I get choosing the least evil but this is a defense only as much as burning dows a building and saying "at least this little piece survived" is a defense.
I like the idea I've seen proposed elsewhere, that I'd rather be spied on by a government entity that's no allied with my government. Less chance of being black-bagged.
Luckily I'm an exceedingly boring person, so it won't happen either way, but it's still an interesting, and valid, point of view (pending ones travel plans).
Maybe I have it wrong, but I'd prefer to have equipment from a rival of the 5 eyes.
If Huawei put a backdoor in the 5 eyes are incentivised to announce it and have it closed. If the 5 eyes want a backdoor in they're incentivised to not involve Huawei or their kit lest it be used against them.
A bit like sharing cake with my brother as a kid - one cuts, the other picks.
That's exactly what I meant. Too much competition in the spying game means they'll all try to take each other out, or that people will start paying even more attention to security. Remove the competition and you can give the impression all is good and safe now.
An external country spying on you is not doing it for YOUR best interest, rather for the best interest of their own country and sometimes not even that much.
The US doesn't really have a working legal system for things happening outside its borders. In fact as a non US citizen outside the US you don't have much protection at all.
And as you can see by the downvotes, people are even ignorant of the fact that e.g. the bill of rights doesn't apply to people outside of the US. Which means no one in the US will even fight for you, which is even worse. This is exactly what you see happening today with the large tech companies where people working there are ignorant of effect of their own actions. The US already wire tapped much of the EUs financial transactions. Which they could do because it simply wasn't illegal by US law.
"It's also worth noting that as long as the agencies are focusing their activities on the actions of foreigners then there's not even anything illegal happening by our domestic laws."
Accessible to a one-man dictatorship in Australia’s back yard? No. In any case, any backdoors in a Cisco product will be available to Canberra, a Five Eyes member.
considering all the downvotes maybe I haven't really explained the problem properly or maybe I deserved it idk. Here some points that I should probably have made clear instead of writing a snappy one-liner without substance.
Banning Huawei isn't going to increase the security or reduces the backdoors. I've been working many years for NEVs and later started a recruiting firm that did OSINT in this domain. First of all Lawful Interception is (as the name implies) legal. Despite the legality and the standardization in ETSI/3GPP the actual implementation of these black boxes is extremely shady & obscure. Siemens COM (now part of Nokia since some years already) for example has outsourced the implementation to their Milan site, where it has been further outsourced (using 2 intermediaries in a cascading supply chain) to a tiny Italian firm that does contracts mainly for the OEMs but other than that has zero vetting of their people (no security clearance etc). Code isn't reviewed and in fact the OEM didn't even have access to the code. I'm bringing this up because the problem isn't only because it's China and as I said has anyway no positive impact on increasing security (just because the company is European or US doesn't make it more trustworthy). Nevertheless if I get spied on (illegally) then I'd much rather have it done by my own jurisdiction which doesn't come after me and my family than by some thick-face black heart dictatorship in Asia.
How Huawei became so successful in EMEA?
#1) access to unlimited funding from Chinese gov. Huawei is financially backed by the state and able to cut out competitors with aggressive pricing in RFP/RFQs (even it doesn't financially make sense - "as long as it hurts the competitor it's a win")
#2) willingness to bid for projects in highly corrupt countries where a suitcase of cash changes hands using shady consultants, and ability to satisfy questionable requests from war-lords & repressive regimes (tailored Lawful Interception & DPI etc)
#3) bribing is illegal for companies located in US or EU (Nokia, Ericsson, ...) but pretty much a non-issue in China. It goes hand in hand with conducting business with the regime.
#4) Stealing the IP of competitors: Either by placing sleepers in other firms or (the easier way) by coercing and leaning on employees of Chinese origin working for competitors.
#5) employs workers under despicable conditions (complex outsourcing layers to ensure bad-PR never directly hits Huawei - questionable supply chain is also bad security)
Again I'm not anti China and I'm happy to rip into CISCO, Juniper, Nokia & Ericsson (and I have done so in the past on plenty occasions).
Mercedes-Benz, BMW and Audi sold almost 2 million cars in China in 2017. Surely most of them can be replaced by Non-EU cars in case Huawei/ZTE are not allowed free access in EU.
Trump wants a 25% tariff on every EU car, he is going to welcome such a suicidal move by the EU.
Many people seem to dislike the anti-china move. However, let's not forget that china has put over 1 million Muslims in literal concentration or reeducation camps. That's wrong. China needs to stop, and if not buying their cell gear helps, we should consider it too.
They have and will continue their plans for mass surveillance and corporate espionage for the foreseeable future. It makes absolute sense that we don't want chinese hardware/software running our communication infrastructure.
> Many people seem to dislike the anti-china move.
Eh, this will be settled in the courts and the WTO. Western governments have conspired to manufacture this idea that Huawei and ZTE are exporting compromised devices. Everybody except the Western press who dutifully repeat this propaganda knows it is pure bullshit. Huawei and ZTE devices have been studied, taken apart and put together and analyzed over and over and over again. The British put together a whole special taskforce and studied every chip for years and found absolutely nothing [1]. The same happened in France and Germany and Japan. To date nobody has ever found any kind of actual backdoor or security trap on devices exported from China. There have been security bugs and holes but there are bugs in all devices and certainly when you compare Huawei and ZTE devices to say Cisco well the record speaks for itself.
Despite this complete lack of actual evidence the governments and the press are working hand in hand to distort the market because they know they can't actually compete with Chinese firms on fair conditions. Until today though nobody has had the balls to implement an actual import ban, instead what we've seen are bullshit directives not to buy the devices for government networks along with an endless propaganda campaign in the press. This crosses the line and makes it an actionable matter for the courts.
> However, let's not forget that china has put over 1 million Muslims in literal concentration or reeducation camps. That's wrong.
More propaganda. The only thing shocking here is that people will believe such complete nonsense without any evidence. Sorry, but a bunch of "credible reports" -- all undisclosed -- and satellite photos of half-constructed camps does not prove anything except that Western press will lie with impunity when it comes to Iraq/Iran/NK/China/enemy-du-jour and Western audiences will accept these lies uncritically without even the tiniest bit of skepticism. This happens again and again and again. Nobody ever learns.
I think the Chinese have the right idea. There's no winning in the court of public opinion. Westerners live in a hermetically sealed paranoid fantasy and there's nothing anybody can say and do to break them out of it. Focus all your energy on building better products and taking lawbreakers to court and over time you'll likely come out ahead.
What's really funny about this whole affair is that everything that people accuse China of doing has actually been done by the US. There's some powerful projection at here. We know for a fact that the NSA does intercept telecom devices on their way out of the country and so the US actually does export compromised devices [1]. We know for a fact that US telecom manufacturers export equipment that has been pre-broken by the NSA [2]. We know for a fact that the NSA aggressively penetrates foreign networks at the deepest levels, even for so called allies. [3] All of this is a matter of record, it's been documented and verified by several agencies.
But somehow despite all this we're supposed to be very, very afraid of Huawei and ZTE? The total lack of integrity at work here is a bit breathtaking but it's come to be expected.
I hate PRISM as much as the next guy. However, the US doesn't block pages about things with which it politically disagrees and doesn't throw people in to prison (unless they find cp)
I don't understand the concern. Huawei isn't providing the 5G network, just the phones that latch on to it. It would presumably be Telstra (the primary Australian telecommunications provider) that would provide the network itself.
How is providing a 5G compatible phone any more a security risk than providing a 4G one?
Edit: I should have read this more thoroughly since it's not just about phone, but rather that "Australia has blocked Huawei and ZTE from providing equipment for its 5G network". Key word: equipment, which I'm guessing spans to the installation of infrastructure in Australia.
In Modern Telco ( Telstra) , they are mostly setting up, dealing with land / cell site lease, backbone, customer support and Retails. Along with some Network Engineers working along side with Telecom Network Equipment manufacturers for their Services.
That Telecom Network Equipment manufacturers could be Huawei, ZTE, Samsung, Nokia, or Ericsson. Samsung is an new entry and has very little market shares. Huawei is bigger than both Nokia and Ericsson combined.