Tag Archives: 5G Cellular

White House Envisions US Leading Global 5G Development

The White House last month released a document called the National Strategy to Secure 5G.

This SIX PAGE document is a little light on details, but like your 10 year old who is assigned homework, the Secure 5G and Beyond Act requires the President to turn in his homework and he did.

So what would the White House like to do?  Four items:

  • Facilitating the domestic roll-out of 5G
  • Assessing the security risks and core principles for infrastructure
  • Managing those economic and security risks
  • Promoting responsible global development and deployment of the 5G infrastructure

These goals, of course, are wonderful.  But how do you actually do it?

Ernst & Young is estimating that China will spend $223 billion just in capital for 5G between 2019 and 2025.

By comparison, Verizon’s total capital expenditure for everything – not just 5G – is estimated to be around $17 billion this year.

The problem is that a lot of that is to buy so-called spectrum, which is likely free in China.  Verizon spent $3.4 billion to buy spectrum last year.  AT&T spent $2.4 billion.  That comes out of the total budget.

The FCC has a plan called Fast 5G which is supposed to help the carriers by allowing them to buy more spectrum.

Beyond that, we are back to the 10 year old’s homework.

The paper says: To that end, the government will work with the private sector to “identify, develop and apply core security principles — best practices in cybersecurity, supply chain risk management, and public safety — to United States 5G infrastructure.”

For the third bullet (managing risk), it says that the White House will develop or identify supply chain risk management standards and practices and will try to stop U.S. businesses from selling technology or the companies themselves to “foreign adversaries” (AKA China).  On a very superficial basis, it reduces risk by forcing China to steal our tech rather than to sell it to them, but so far, that strategy has only been mildly effective.  It also forces China to spend their money with our allies instead of with us or, worst case for them, to have to develop it themselves.

To cover the last bullet, the White House plans to work with other countries to lead the development of 5G technologies.  Two likely candidates might have been Nokia and Motorola, but both of them sold off their cellular business.  I’m not sure who is really left.

Bottom line, the White House complied with the law to produce a document, but really does not have a plan.  In fact, given our current desire to isolate ourselves, it is not clear what friends we really have in this game.

Plus, we need to figure out where we (translate U.S. cellular carriers) come up with hundreds of billions of dollars that will be needed to play catch up.  If China is going to spend $200 billion and is ahead of us, we might need to spend $400 billion.  Or more.   The new law did not come with bags of cash.  Source: CSO Online

Of course the temporary total contraction of the U.S. economy during 2020 doesn’t help much.  The only good news in that is that the pandemic is affecting China in a similar way, possibly worse, but we don’t really know.

Then there is the issue of public support.  In England 5G cell towers were set ablaze after reports of 5G being linked to the Coronavirus.  In China, if you complain they just shoot you.

Finally, there is the problem of “backhaul” which means getting the signal from the cell tower on the light pole on your block back to the Internet.  This is not a simple problem and the amount of bandwidth needed is staggering.

Bottom line, the White House turned in their homework paper, but that won’t really help very much.  This is not a simple problem and the world’s current economic woes are not helping.  Source: CSO Online

Security News Bites for the Week Ending February 15, 2019

Anybody Know What 5G Cellular Means?

5G is the next generation of cellular, promising blindingly fast service and web page loads in the blink of an eye.

Unfortunately, it doesn’t really exist yet.  Yes, a few carriers have set up a few cell sites in a few cities, but there are basically NO phones that are 5G capable at this time.  Apple should launch one in 2020.

5G will also require a LOT more cell sites that don’t exist and that most people don’t want in their backyard.

What this means in reality is that 5G won’t be a factor for years and in many places – low density areas – it may never come due to the expense.  And definitely not until you buy a new phone.

But that hasn’t stopped AT&T from adding a 5G “e” to some of their phones.  AT&T is doing preemptive marketing hoping that people won’t understand that they are not getting 5G service and not getting a 5G capable phone.  But, by that time, they will be locked in.

AT&T says the “E” means evolution, whatever that means.  Other people say the “E” means eventually – just not with that phone or that cell site.

Here’s what Verizon said about it:

5Ge. It’s pretend, it’s fake, it’s the kind of BS that gives marketers, communicators businesses and the wireless industry a black eye. So let’s have some fun. Some people call it “Faux Five G”. There’s “5G Eventually”. What’s your name for @ATT false marketing?

So Sprint is suing AT&T.  AT&T says that people won’t be confused.  Sprint did a survey in which 17% of the people said that they already had this non-existent 5G service.  Stay tuned.  Source: PC Mag.

 

Discarded Smart Lightbulbs May Be a Security Hole

Smart lightbulbs are smart because they are network connected and since most people are not going to plug a network cable into that bulb, they talk over WiFi.

Researchers took a LIFX smart bulb apart and took the circuit board out of it.  When they analyzed the board they found the WiFi password – not encrypted.

Next all of the security settings for the processor are disabled.

Finally, the company’s RSA private encryption key and root certificate are also accessible.

Given this takes a bit of work to reverse engineer, it is not likely a hacker is going to do it, but to get the company’s private encryption key, which would allow them to sign malicious code and download it wherever they want – that would be worthwhile.

Maybe they should call it a dumb lightbulb.  Source: Limited Results web site.

 

If You Live in the UK, be Careful Where You Click 

The UK signed into law (what they call Royal Assent) the Counter Terrorism and Border Security law this week.  This law makes it a crime to VIEW information “likely to be useful to a person committing or preparing an act of terrorism”.

One click.  Penalty is up to 15 years in prison.

Seems like a bit of over-reaction to me.  The UK’s special rapporteur on privacy said the law was “pushing a bit too much towards the thought crime”.  1984, we are here.  Source: The UK Register.

 

FTC in Negotiations with Facebook over Multi-Billion Dollar Fine

Sources have confirmed that the FTC and Facebook are negotiating over a multi-billion dollar fine over Facebook’s privacy practices.  The details have not been released and it could ultimately wind up in court if the two sides cannot agree.  If it does, get your popcorn out because it could be a humdinger.  The FTC’s investigation has been going on for about a year.  Source: Washington Post.

 

Gov Testing Smartphones as a Replacement for CAC Access Cards

The DoD is testing whether your smartphone can identify you as well as their current Common Access Card to get into DoD buildings and computer systems.

Your smartphone knows how you walk, how you talk, how you type.  You get the idea, but there is more.

With software on the phone, they are going to know exactly where you are at every moment of the day, where you spend your free time (maybe you have someone on the side), what web sites you visit, what bars you visit and how long you stay there.

It may work, but it may be a little bit too 1984 for me.

Using constant monitoring of the user’s behavior—including how they walk, carry the device, type and navigate on it and even how they commute to work and spend their free time—and the system will automatically and continuously verify the user’s identity, enabling them to seamlessly work on secure networks without having to plug in a card each time. Source: Nextgov .