Bloomberg Appears To Flub Another China Story, Insists Telnet Is A Nefarious Huawei Backdoor

from the protectionism-dressed-up-as-natsec dept

So we’ve noted for a while now how the Trump administration’s protectionist bid to ban Huawei from US networks is a bit light on, you know, public evidence. While Huawei is now routinely lambasted for helping the Chinese government directly spy on American consumers, there’s still no public evidence that supports that claim. That hasn’t stopped the administration from waging an all out war on the company, ranging from pressuring the FCC to pressure carriers to avoid Huawei phones, to banning ISPs from getting public subsidies if they use Chinese equipment.

The problem, again, is that despite an 18 month investigation the last time these concerns flared up, there’s been absolutely no public evidence Huawei spies on US consumers. The other problem: numerous US hardware vendors have a bit of a history of drumming up lawmaker hysteria on this front to their own benefit.

The Trump administration’s protectionist gambit has had a lot of help from a US media that isn’t particularly keyed into this added context, or how patriotism may color their coverage of the issue. The latest case in point: Bloomberg this week issued what seemed like a bombshell report claiming they’d finally found evidence of Huawei installing seemingly nefarious backdoors in their gear:

“Vodafone Group Plc has acknowledged to Bloomberg that it found vulnerabilities going back years with equipment supplied by Shenzhen-based Huawei for the carrier?s Italian business. While Vodafone says the issues were resolved, the revelation may further damage the reputation of a major symbol of China?s global technology prowess.

Europe?s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier?s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses, according to Vodafone?s security briefing documents from 2009 and 2011 seen by Bloomberg, as well as people involved in the situation.”

And while that sounds monumentally terrible, that’s not actually what happened. Follow up reporting quickly told a different story:

“In a statement, Vodafone said: “The issues in Italy identified in the Bloomberg story were all resolved and date back to 2011 and 2012.

The ‘backdoor’ that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet.

“Bloomberg is incorrect in saying that this ‘could have given Huawei unauthorised access to the carrier’s fixed-line network in Italy’. “In addition, we have no evidence of any unauthorised access. This was nothing more than a failure to remove a diagnostic function after development. “The issues were identified by independent security testing, initiated by Vodafone as part of our routine security measures, and fixed at the time by Huawei.”

A Huawei spokesperson said: ‘We were made aware of historical vulnerabilities in 2011 and 2012 and they were addressed at the time.

In other words, it wasn’t a nefarious backdoor, it was just a screw up — and not a diabolical one at that. This falls in line with what the UK and Germany governments have been saying: Huawei gear may sometimes be shitty, but that’s not synonymous with malicious espionage. Both countries have cast doubt on US demands that Huawei be blacklisted globally, stating the US has not provided suitable evidence to justify such a move. The UK recently stated it would be tightening overall security and restricting Huawei’s use in some of its more sensitive networks, but wouldn’t be supporting an outright ban. If this political cartoon in the Guardian is any indication, some folks didn’t take the news particularly well.

Bloomberg, of course, has been widely criticized for recently flubbing a story that claimed Chinese spies had infiltrated the supply chain and embedded surveillance backdoors in equipment used by major companies including Apple and Amazon. Like that story (albeit different authors), all the companies involved in this latest report say Bloomberg appears to have misread the evidence provided the outlet by anonymous third parties.

Again, none of this is to say the Chinese government is a saint. Its treatment and surveillance of political dissidents and its critics is well established. But that doesn’t change the fact that before you blackball a company you should be able to provide actual evidence, something the US would justly demand were the shoe on the other foot. Nor does it change the fact that US gear makers have been trying to have Huawei banned for years for one real reason: they don’t want to have to compete with cheaper Chinese kit:

“What happens is you get competitors who are able to gin up lawmakers who are already wound up about China,? said one Hill staffer who was not authorized to speak publicly about the matter. ?What they do is pull the string and see where the top spins.”

Journalists need to be careful not to be manipulated by US companies and their dubious shell operations hoping to gin up protectionist hysteria dressed up as natsec concerns. It also shouldn’t be forgotten that the United States has engaged in much of the same behavior it has accused Huawei of, something usually ignored by journalists covering this story. That’s not intended as “whataboutism” (“the US spies too therefore spying isn’t bad!”), but to note that this is some important context that should be included in coverage but, somehow, usually isn’t.

Meanwhile, China doesn’t even really need Huawei to spy on Americans. Chinese gear is in pretty much everything from your smart doorbell to your router, and China’s intelligence operatives are busy tapping undersea cables much like the US has for decades. Given Americans are busy happily attaching internet of things devices with paper mache grade security to every home and business network in America, there’s a universe of attack vectors available to them that don’t involve ruining the global reputation of one of their most successful companies.

Again, maybe Huawei does spy on Americans as a cutout for the Chinese government. But before engaging in a cross-continental blackballing effort of a hugely successful company, asking for some hard public evidence of that fact doesn’t seem like too much to ask.

Filed Under: , , ,
Companies: huawei, vodafone

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Bloomberg Appears To Flub Another China Story, Insists Telnet Is A Nefarious Huawei Backdoor”

Subscribe: RSS Leave a comment
53 Comments
Mason Wheeler (profile) says:

Nor does it change the fact that US gear makers have been trying to have Huawei banned for years for one real reason: they don’t want to have to compete with cheaper Chinese kit

And is that really such a bad thing, given that Chinese low-priced products are well-known to be built on the back of massive-scale labor abuse and human rights violations? If they were just trying to not have to compete with a fair competitor on a level playing field, I would denounce them, but that’s not what this is, and I’m more inclined to support efforts to shut that down than to get indignant about them.

Bergman (profile) says:

Re: Re: Re:

The North was winning that competition handily. The South knew it, and was trying to shift from a slave farming society to the Northern industrial model, but was being blocked by Northern industrial interests, often with truly absurd tariffs. Shipments of machine tools sat on Northern docks awaiting inspections that never came, import tariffs were set so high that no one could afford to pay them, Northern companies refused to sell machine tools to Southern companies.

Part of why the South rebelled was it became clear that there was no way to get around the unofficial blockade while the North still had the power to block the South from modernizing.

Modern revisionists are desperate to make it ‘all about slavery’ but that’s an enormously simplified description of an enormously complex problem. If the South had been allowed to modernize (and thereby become competition to Northern factories) they’d have abolished slavery on their own because they knew it didn’t work for what they needed.

Thad (profile) says:

Re: Re:

I think "try to avoid Chinese products due to their human rights violations" is a good argument.

It’s not the one Bloomberg is making.

There are a lot of perfectly good reasons not to want to buy from China in general and Huawei in particular. Human rights violations are among them. So is shady, anticompetitive behavior. Forgetting to disable Telnet access before shipping is a fuckup that should raise some eyebrows too — but it doesn’t support the claim that there was a deliberate backdoor.

Karl (and Mike and the rest of the Techdirt crew who’ve commented on Huawei at one time or another) is right: while it’s certainly plausible that Huawei could be surreptitiously spying on customers at the behest of the Chinese government, the evidence of that actually happening is pretty thin on the ground, and stories like this one from Bloomberg are sloppy and not tech-literate.

If you want to criticize Huawei for Chinese labor practices, great; I’m right there with you. If you want to criticize Huawei because it’s been accused of sinister surveillance activities, well, I’d say wait until somebody produces better evidence than anything we’ve seen so far.

UniKyrn (profile) says:

And US vendors ship switches from the factory with telnet enabled and default logins that are published in the User Manual. The customer is expected to be minimally smart enough to read the manual, do the initial configuration and then turn all of that off.

Vodafone failed the "minimally smart enough to read" test is seems.

A switch from the factory that you can’t talk to in order to configure, won’t sell well, so there has to be a few ways for a customer to get into it and configure it the first time.

DanJ (profile) says:

Re: Re:

A documented Telnet capability with documented default account credentials isn’t a backdoor. An undocumented default account or an undocumented Telnet capability, particularly one that isn’t visible or obvious in the default GUI configuration tool, is a back door. The existence of a backdoor doesn’t mean it was either intentional or nefarious. It might very well be a mistake. Bloomberg’s accusation looks to be premature and overwrought, but Vodaphone’s response is something of a non-sequitur. There’s also nothing about the telnet protocol that makes it inaccessible from the internet, and it’s absolutely possible to use the telnet protocol as a backdoor. Without additional details – was telnet ONLY enabled on internal interfaces, was there undocumented accounts, etc. – it’s not possible to know what was going on here.

Anonymous Coward says:

Re: Re:

Hurry, who can write a quick script to scan which of your devices have had that default telnet "backdoor" (port) left open.

Or: Let’s buy software that does that type of scanning en masse and get trained up how to use it.

Better yet: Hire proper IT Security staff to keep up with all this.

Sok Puppette (profile) says:

What do you think back doors LOOK LIKE?

Nobody is stupid enough to put in an obvious back door. A back door always looks like a debug feature that somebody forgot to disable, or even like a bug.

It may indeed be a screwup, because those are extremely common. But the fact that it’s a Telnet server does not mean that it’s not a back door or that it’s not intentional.

Ven says:

Re: What do you think back doors LOOK LIKE?

Nobody is stupid enough to put in an obvious back door. A back door always looks like a debug feature that somebody forgot to disable, or even like a bug.

Except when the backdoor looks exactly like a backdoor

We have almost no good examples of backdoors that were hidden so well we don’t know if they are real of accidental, but we have a long string of clearly hidden in code backdoors. This may be confirmation bias, but your asking people to ascribe a very high degree of competence in this one specific area to a company that has not shown a high degree of competence in other technical areas.

Sok Puppette (profile) says:

Re: Re: What do you think back doors LOOK LIKE?

We have almost no good examples of backdoors that were hidden so well we don’t know if they are real of accidental,

Sure we do. We find "accidents" all the time. Some unknown percentage of the "accidents" that we find are back doors. Those are examples. We just don’t know which ones they are. That is not evidence that none of them are, or even that few of them are.

If you can say we have no examples of "accidents" that are actually intentionally back doors, I can respond that we have no examples that are actually accidents. If you don’t know for sure, you can’t assume that they’re all accidents any more than you can assume that they’re all intentional back doors.

your asking people to ascribe a very high degree of competence in this one specific area to a company that has not shown a high degree of competence in other technical areas.

Actually I’m asking people to ascribe a very basic level of competence to some individual or small group. Because another thing about competently inserting back doors is that you don’t involve everybody in a whole company if you don’t have to.

Sok Puppette (profile) says:

Re: Re: Re:2 What do you think back doors LOOK LIKE?

And sometimes a giant throbbing veiny cock is a giant throbbing veiny cock.

The point here is that observing an undisclosed Telnet server is consistent with either incompetence or a deliberate back door. The whole premise of this article is that a left-in debugging feature can’t be intentional. That’s a stupid positon to take.

There’s no basis to draw either conclusion.

PaulT (profile) says:

Re: Re: Re:3 What do you think back doors LOOK LIKE?

"There’s no basis to draw either conclusion."

Not conclusively, but simple application of Occam’s Razor suggests that it’s a lot more likely that a standard, well known and commonly detected protocol was accidentally left active in a production build than it is that it was being deliberately used as a secret back door. That’s like concluding that the reason the back porch light was left on was as a secret signal to alert a mistress to the fact that the wife was home – not beyond the realms of possibility, but without further evidence of an affair it should be presumed that it was left on accidentally.

PaulT (profile) says:

Re: Re: Re:4 What do you think back doors LOOK LIKE?

Exactly. Someone forgot to make the relevant config change on the production build in order to disable the tools they use in the dev environment. Happens every day. Any other conclusion is a hell of a reach in the absence of further evidence. There’s a great many bigger things to be worried about that have a lot more supporting evidence behind them.

Anonymous Coward says:

Taking away the cookie jar?

Around ~2014 AT&T was about to do a big promotion with Huawei cell phones, and Bestbuy for retail (not sure on the details, but about 5 years back Huawei was about to enter the consumer cell phone market in a big way, with partners lined up). Ads went out, per-orders were open, and as it was just about to happen, everything was shut down.

How much of this is being driven by NSA not wanting to be frozen out of their data logging? It’s known that domestic companies freely open up to NSA data harvesting and comm interceptions.

Does Windows still ship with NSA backdoors?

Anonymous Coward says:

Re: Taking away the cookie jar?

Let me turn this around on you, where is your proof of Windows NSA backdoors? Where are your packet captures of Windows sending data to the NSA? I always see Huawei defenders claim we need packet captures and the like to believe it but fail to provide the same when accusing others like Microsoft or Failbook.

Anonymous Coward says:

Re: Re: Taking away the cookie jar?

The point is who owns the back door. The US gov’t is arguing there might be Chinese back doors, but say nothing about their capabilities.

I don’t know if Windows has a back door, but I wouldn’t put it above MS to cooperate with certain three letter agencies. For that matter, I don’t trust Linux either. Which OS did Snowden use?

Anon523 says:

Defending Huawei

I’m quite amused at all the support Huawei gets for not having been caught YET for any illegal monitoring. The reason US Govt. is rightfully suspicious of Huawei is based on China’s quite proven history of using whatever means necessary to steal IP or any data that they find useful. With all modern networking gear there’s ways to push firmware updates and there’s no way to audit the millions of lines of code that goes into these updates. Guess what… how hard would it be for the Chinese Govt. IN FUTURE to twist Huawei’s hands to push that little back door in an innocuous looking update?
Buying toys from China is one thing but wholesale communications infrastructure from China?

ECA (profile) says:

anyone know

That Huawai is in the TOP 2 of servers and other internet and Mobil hardware in the World??

1 corp is in the USA, and they are have NO fun trying to sell OUTSIDE the USA, with prices that would kill off most companies..

The only reasoning in all of this IMO, is to get Huawai’s stocks to DROP and then buy it up and try a take over..

why do we need to live in a BS world of Fighting corps??

Gerald Robinson (profile) says:

Backdoors

Massive back doors can and do exist! Look at the hidden Intel "service processor" found in all pentiums. A massive computer which even includes a Web server. It was discovered largely by accident and publicized, then largely forgotten. The government should ban and replace all hardware with significant foreign components; including CISCO’s™.

The problem with backdoors is activating them when interesting stuff is happening. Leaving them active for snooping makes detection of many by network traffic analysis simple. But the volume of traffic and garbage versus gold makes this leaving them active undesirable. Yes if the backdoor is as massive as Intel’s it could filter things.

The real backdoor threat is China’s or France’s, Russa’s, (or any hostile power’s) ability to shutdown or mess up the network as a part of a real attack!

Gerald Robinson (profile) says:

Taking away the cookie jar?

We know that ME has Won 10 Hoover up any accessible information on the system for sale to 3rd parties. Intel potentially does the same. The U.S. Government ha s long had a program of inserting backdoors of dubious legality, why should the Chinese be different. Linux is open source and you can see the code and assemble it from scratch so no WE back doors!

Gerald Robinson (profile) says:

The real problem wasn’t southern modernization it was northern mills wanted cheap cotton! They didn’t want to compete with English mills and didn’t want to let southerners establish their own. They couldn’t get export tactics so they went the indirect route. The Civak Was wasn’t about slavery (The Boston shipping families were major importers) but southErners greed!

Add Your Comment

Your email address will not be published.

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...
Loading...