Crypto Backdoors and Huawei

Note: If you didn’t know that I am against crypto backdoors before, let me just tell you up front, because that fact will be clear by the end.

The world works in the most mysterious ways.

The FBI has been trying to get phone makers (Apple especially) to install crypto backdoors into iPhones for them for years. What they call lawful access.

The scientists say that there is no way to do this in a way that would be secure. A way where only the good guys can access your stuff and the bad guys cannot.

Sometimes the universe demonstrates things in a way that scientists can’t.

The U.S. has been saying for a long time that the Chinese company Huawei – the world leader in 5G cellular technology – is bad and that they are closely connected to the Chinese military. All of this is likely true.

What they haven’t said is why and they are not really telling the whole truth now – likely because the whole truth is classified. They probably don’t want the Chinese to know what our spies know.

Huawei cell hardware has a crypto backdoor. Not necessarily because they wanted to put it in but more likely because cell providers in many countries are required to provide a backdoor. If Huawei didn’t build one in, they couldn’t sell their hardware.

What has come out now is that there is a concern that Huawei – AKA the Chinese government or Chinese military – may be able to use – or ABUSE that backdoor.

Of course they claim that they would NEVER do that. You believe them, don’t you?

While the U.S. isn’t publicly saying this, likely because some CIA source told them or something like that and as a result, it is considered highly classified. If the Chinese know what we know, they can probably figure out how we got it and from there, figure out who told us. At that point, the next step is a bullet in the head.

So it appears that this backdoor that the FBI so desperately wants is the reason while Huawei is such a threat. Bottom line, if we insert a backdoor into crypto, even for the best reasons, the bad guys will learn about it and figure out how to exploit it. Then we have the Huawei situation all over again.

Since the U.S. is pushing really, really hard to stop carriers from using Huawei hardware, probably with good reason – and we now know why – what is the impact on 5G rollout in the US?

For the large carriers in the core of major metropolitan cities – not much.

For smaller carriers and for the big carriers outside the high profile “gee, we better have 5G coverage here” locations, it means that the rollout of 5G in the U.S. will probably be much slower than would have been otherwise.

Given that almost no one has a 5G capable phone right now, that probably doesn’t matter much – right now.

But there is another use that seems to be garnering some attention and that is Internet of Things. If some IoT devices are dependent on 5G (like your self-driving car) and if the buyer or maker of the device ASSUMES that 5G coverage will be available, well, that is a problem (like the self-driving feature doesn’t work). Hopefully, manufacturers who assume people will have 5G will design their systems to fail safely (like shutting their device off if it can’t get 5G), but even that won’t make people happy.

Looking at 5G coverage today, here is a map from Verizon’s website for Denver. Notice it says AVAILABLE OUTDOORS. Likely, this is because the signal won’t penetrate walls, which means, that we all need to move into tents outside. The tan highlight says that 5G is available in PARTS of these neighborhoods. Granted they will build out more and likely in the next few years, more of downtown Denver will have coverage, but that doesn’t include anything outside downtown and it doesn’t cover indoors. For that you will need to buy a 5G cell simulator and have enough extra Internet bandwidth on your Internet connection to give you 5G speeds. You want gigabit 5G – you better have an extra gigabit of Internet bandwidth on your service that you are not using. And, you better hope that you carrier doesn’t have bandwidth caps.

Source: Ars Technica

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code