Tag Archives: Zte

U.S. Considering Nationwide Ban on Chinese Telecom Gear

As the trade war between the U.S. and China heats up, President Trump is considering issuing an executive order banning all U.S. companies from buying telecommunications gear from companies deemed to be a national security threat.

Right now this threat is deemed to be a targeted attack against two Chinese vendors – ZTE and Huawei.

The executive order would invoke the International Emergency Economic Powers Act and I would expect that if  the order is issued, lawsuits will ensue.

I assume that China would reciprocate and ban, say, Cisco, which would not make John Chambers happy.

But that’s not the big issue.

It is also possible that the executive order could require telecommunications providers to remove existing banned gear at their own cost.  It is not clear if that is legal.

While big telecom carriers have, for the most part stopped buying ZTE and Huewei gear, it is the little carriers that will be hurt the most.

The little carriers have used the Chinese gear because U.S. equipment sometimes cost them 400% of the cost of the Chinese gear.

That likely will translate to price increases for the customers of those carriers.  In many cases, like with me, those carriers are the only choice that is available so switching to a different, less expensive carrier is not an option.

Part of the executive order under consideration is a requirement to replace existing Chinese telecom gear.  The Rural Wireless Association, a trade group for these carriers estimated that it would cost those carriers up to $1 billion to replace the banned equipment, if that is required and would take several years.  Two ways that cost could be paid are price increases or delays in rolling out new higher speed networks.

Currently, the fastest Internet connection I can get is 20 megabits per second, which is not even classified as broadband by the FCC (broadband is defined as 25 megabits or higher), so I am not really worried about the gigabit gear that this ban is targeting,

I am not a big fan of Chinese networking gear so I can’t really argue with the idea of a ban.  I am not in favor of forcing private U.S. companies to replace existing equipment at their cost and I am sure that, if that happens, those companies will sue the government, which will be messy.

One thing that will likely happen out of this ban (if it happens) is a slower rollout of faster 5G network – possibly years or decades longer.

The U.S. currently ranks 44th in mobile download speed (see here), which is not very impressive.

This would continue the U.S.’s not very exciting role as a third world country when it comes to Internet access.  Due to higher costs, only some people in very high density areas will get newer, faster service and the rest of us will get Internet service comparable to, say, Syria.  That is not a very exciting prospect.

Information for this post came from Reuters.

Facebooktwitterredditlinkedinmailby feather

News Bites For June 22, 2018

Latest Cost Estimates For Equifax Breach is $439 Million

According to recent (March) tax filings, costs related to their breach are now $439 million, making the Equifax breach the costliest in US history.  Assuming insurance does pay, it would cover, at most, $125 million, leaving Equifax to write a check for $300  million plus.  Given that none of the lawsuits have been settled yet, that $439 million number is sure to grow.  While Equifax’s investors can write that check, I am sure that none of them are happy about doing so.  (Source: Computing.co)

Apple, Others Allows Russians to Look for Vulnerabilities in Software Used by the Pentagon and FBI

After all, what could go wrong?

U.S. tech companies have given in to Russian, Chinese and other country’s demands to review the source code for their products.  Not only does this expose vulnerabilities (which they likely will NOT point out to the U.S. company), but it also gives away U.S. intellectual property, all in a never ending quest to increase sales and profit.

A bill currently in Congress would force companies who do business with the government to disclose any source code review done by military adversaries.  Forcing companies to disclose will keep the pressure on to stop doing that.

The limited leaks that we have already seen have caused companies to do a quick dance to try and mitigate the PR damage.

The companies say that the reviews are done in company controlled facilities.  I am sure that they use one of those memory wipers from the Men In Black movies on the reviewers before they leave the room.

The knowledge that the Russians and Chinese get is, of course, used against everyday companies as well as the government and is used to build competing products that they sell against ours.

The article has a graphic with examples of software reviewed and who uses it.  (Source: Reuters)

Senate Votes 85 to 10 to Continue ZTE Ban

ZTE, the Chinese electronics maker said to be a national security threat to America, was banned last month, from buying parts and selling products in the U.S. by the Commerce Department.  President Trump tried to overturn the ban, which basically shut the company down, by asking the company to pay a billion dollar fine and saying that would make it a non-threat.  The Senate attached a bill to the Defense Authorization Bill outlawing ZTE, nullifying Trumps gimicky non-solution.  Trump could risk shutting down the Armed Forces by vetoing the bill, but even if he did, which would be an incredibly risky political move given his base, at 85 to 10, any veto would be quickly overridden. (Source: Politico)

macOS Quicklook Feature Exposes Data on Encrypted Volumes

Let’s assume that you have some sensitive pictures and you store them on an encrypted volume on your mac.  MacOS conveniently creates thumbnails of those pictures to show you and stores them unencrypted, so while the full resolution picture is encrypted, the thumbmail is not.  Apple says this is a feature and is not going to fix it.

This problem also exists on Windows.  If you store a Word or Excel document, for example, on an encrypted volume, the temp file that those programs use will be on an unencrypted system volume.  The only way to “fix” this is to encrypt the system volume. (Source: Ars Technica)

Software Supply Chain is a Critical Issue

Recently there have been a number of reports of cities having credit card breaches.  It turns out that it all ties back to the same vendor that those cities all use called Superion.  At least 10 cities have reported being breached and there are probably more.  Superion has finally admitted that the breach was due to a WebLogic (Oracle) bug  that had not been patched.  The cities counted on Superion to keep them safe.  Superion is blaming Oracle.  Ultimately, it is the cities and taxpayers who will foot the bill for this mess – a mess caused by not managing the entire software supply chain from end to end.  Likely those cities were not even aware that they were running Oracle software.  Who’s fault is that?  (Source: Dark Reading)

Facebooktwitterredditlinkedinmailby feather

Washington Can’t Quite Figure Out Cybersecurity

In what is likely no surprise to anyone who watches Washington and especially this administration, there seems to be a bit of confusion regarding cyber security policy.  Is it any wonder, given that, that U.S. businesses are equally confused?

Case in point – ZTE.

ZTE is a Chinese electronics manufacturer with “close ties” to the communist Chinese government.  We should assume that is a covert way of saying that the government controls them.

The U.S. intelligence community, which this administration seems to ignore when convenient, has been saying that there is significant risk in using ZTE phones and electronics.  In fact, the head of the FBI told Americans when testifying before Congress earlier this year to steer clear of ZTE devices because of the risk.

Last month the DoD stopped selling ZTE phones at military base exchanges.

The FCC has taken steps to ban the use of federal funds to buy ZTE equipment.

And most recently, the Commerce Department banned U.S. companies from exporting chips to ZTE.

Not surprisingly, ZTE is, fundamentally, out of business.

In a slightly surprising move, especially in light of President Trump’s rhetoric about protecting American jobs and American technology, the President Tweeted on Sunday that he wants the Commerce Department to relax the ban on a company that steals U.S. technology, likely spies on Americans, kills U.S. jobs and violates the embargo on sales to North Korea.  Trump’s reasoning?

President Xi of China, and I, are working together to give massive Chinese phone company, ZTE, a way to get back into business, fast. Too many jobs in China lost. Commerce Department has been instructed to get it done!

Other than that, Mrs. Lincoln, how was the play?

Republican Senator Rubio from Florida Tweeted:

Problem with ZTE isn’t jobs & trade, it’s national security & espionage. Any telecomm firm in can be forced to act as tool of Chinese espionage without any court order or any other review process. We are crazy to allow them to operate in U.S. without tighter restrictions 

He was far from alone.

What will ultimately happen is unknown, but it seems like it will be very favorable to the Chinese and a really bad deal for the U.S.  Similar to the President’s complaint about the Iran deal.  But, when it comes to politics, the rules are very strange.

The Washington swamp is at it’s normal configuration.

OK, given this, what should you do?

My recommendation is that even though ZTE devices are cheap (because the Communist Chinese government subsidizes them), stay away from them.  There are plenty of lower priced devices from other countries that function quite well.  Probably not as cheap as ZTE, but if you are concerned about American jobs, American technology and American information, don’t do it.  Do not reward the Communist Chinese government.

In fact, the smart money would say to avoid all Communist Chinese electronics – there is just no way of knowing if those devices are spying on you and the evidence is that they are.

But, you say, what do I have that they might want?  The answer to that is that, like the NSA, they never vacuumed up any data that they didn’t like.  Whether it is to look for patterns, to gain intelligence to use against you later or for other reasons unknown, they just do it.  The difference is that the NSA is most likely working for our side.

Information for this post came from The Washington Post.

 

Facebooktwitterredditlinkedinmailby feather

FBI, NSA, CIA Say Don’t Use Huawei, ZTE Phones

The heads of the intelligence community – NSA, CIA, FBI and the Defense Intelligence Agency, appearing in front of the Senate Intelligence Committee, said that Chinese smartphones posed a threat to national security.

Exactly why they singled out those two Chinese phones, compared to the iPhone, which is likely made in the same factory, is not clear.  It would seem that two phones, made in the same factory by the same people would have a similar security risk, but apparently not.

FBI Director Chris Wray said that it was because Huawei and ZTE are beholden to the Chinese government.  I would think that Foxconn, who, for example, makes TVs for Sony and others, Cisco networking gear, HP and Dell computers and Nintendo games would also be beholden to the Chinese government in a very big way.

I suspect there is classified intelligence that they are not sharing that explains why these two companies are being singled out.

The concern, they say, is that these devices could steal information or conduct undetectable surveillance using the phone’s user.

AT&T was going to going to sell Huawei phones but magically decided not to last month.  No doubt these same agencies explained to AT&T why that was not a good plan.

Ultimately, everyone has to make their own decisions, but there are plenty of phones made in Korea, which seems to be a more friendly locale.  There are no phones made in the United States.

Apple and others do buy some parts in the US, like glass from Corning,  but those parts are then shipped to China to be assembled.  Apple is looking at assembling some phones in the US, likely for the PR value, but doesn’t actually do that.  Even if they do, since iPhones represent less than 15% of smartphone sales, that will still mean that 80% to 90% of smartphones are manufactured in other countries.

Information for this post came from CNN.

Facebooktwitterredditlinkedinmailby feather