Bloomberg Appears To Flub Another China Story, Insists Telnet Is A Nefarious Huawei Backdoor

from the protectionism-dressed-up-as-natsec dept

So we've noted for a while now how the Trump administration's protectionist bid to ban Huawei from US networks is a bit light on, you know, public evidence. While Huawei is now routinely lambasted for helping the Chinese government directly spy on American consumers, there's still no public evidence that supports that claim. That hasn't stopped the administration from waging an all-out war on the company, ranging from pressuring the FCC to pressure carriers to avoid Huawei phones, to banning ISPs from getting public subsidies if they use Chinese equipment.

The problem, again, is that despite an 18-month investigation the last time these concerns flared up, there's been absolutely no public evidence Huawei spies on US consumers. The other problem: numerous US hardware vendors have a bit of a history of drumming up lawmaker hysteria on this front to their own benefit.

The Trump administration's protectionist gambit has had a lot of help from a US media that isn't particularly keyed into this added context, or how patriotism may color their coverage of the issue. The latest case in point: Bloomberg this week issued what seemed like a bombshell report claiming they'd finally found evidence of Huawei installing seemingly nefarious backdoors in their gear:

"Vodafone Group Plc has acknowledged to Bloomberg that it found vulnerabilities going back years with equipment supplied by Shenzhen-based Huawei for the carrier’s Italian business. While Vodafone says the issues were resolved, the revelation may further damage the reputation of a major symbol of China’s global technology prowess.

Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses, according to Vodafone’s security briefing documents from 2009 and 2011 seen by Bloomberg, as well as people involved in the situation."

And while that sounds monumentally terrible, that's not actually what happened. Follow up reporting quickly told a different story:

"In a statement, Vodafone said: "The issues in Italy identified in the Bloomberg story were all resolved and date back to 2011 and 2012.

"The 'backdoor' that Bloomberg refers to is Telnet, which is a protocol that is commonly used by many vendors in the industry for performing diagnostic functions. It would not have been accessible from the internet.

"Bloomberg is incorrect in saying that this 'could have given Huawei unauthorised access to the carrier's fixed-line network in Italy'.

"In addition, we have no evidence of any unauthorised access. This was nothing more than a failure to remove a diagnostic function after development.

"The issues were identified by independent security testing, initiated by Vodafone as part of our routine security measures, and fixed at the time by Huawei."

A Huawei spokesperson said: 'We were made aware of historical vulnerabilities in 2011 and 2012 and they were addressed at the time.'"

In other words, it wasn't a nefarious backdoor, it was just a screw up -- and not a diabolical one at that. This falls in line with what the UK and German governments have been saying: Huawei gear may sometimes be shitty, but that's not synonymous with malicious espionage. Both countries have cast doubt on US demands that Huawei be blacklisted globally, stating the US has not provided suitable evidence to justify such a move. The UK recently stated it would be tightening overall security and restricting Huawei's use in some of its more sensitive networks, but wouldn't be supporting an outright ban. If this political cartoon in the Guardian is any indication, some folks didn't take the news particularly well.

Bloomberg, of course, has been widely criticized for recently flubbing a story that claimed Chinese spies had infiltrated the supply chain and embedded surveillance backdoors in equipment used by major companies including Apple and Amazon. Like that story (albeit with different authors), all the companies involved in this latest report say Bloomberg appears to have misread the evidence provided to the outlet by anonymous third parties.

Again, none of this is to say the Chinese government is a saint. Its treatment and surveillance of political dissidents and its critics is well established. But that doesn't change the fact that before you blackball a company you should be able to provide actual evidence, something the US would justly demand were the shoe on the other foot. Nor does it change the fact that US gear makers have been trying to have Huawei banned for years for one real reason: they don't want to have to compete with cheaper Chinese kit:

"What happens is you get competitors who are able to gin up lawmakers who are already wound up about China," said one Hill staffer who was not authorized to speak publicly about the matter. "What they do is pull the string and see where the top spins."

Journalists need to be careful not to be manipulated by US companies and their dubious shell operations hoping to gin up protectionist hysteria dressed up as natsec concerns. It also shouldn't be forgotten that the United States has engaged in much of the same behavior it has accused Huawei of, something usually ignored by journalists covering this story. That's not intended as "whataboutism" ("the US spies too therefore spying isn't bad!"), but to note that this is some important context that should be included in coverage but, somehow, usually isn't.

Meanwhile, China doesn't even really need Huawei to spy on Americans. Chinese gear is in pretty much everything from your smart doorbell to your router, and China's intelligence operatives are busy tapping undersea cables much like the US has for decades. Given Americans are busy happily attaching internet of things devices with paper mache grade security to every home and business network in America, there's a universe of attack vectors available to them that don't involve ruining the global reputation of one of their most successful companies.

Again, maybe Huawei does spy on Americans as a cutout for the Chinese government. But before engaging in a cross-continental blackballing effort of a hugely successful company, asking for some hard public evidence of that fact doesn't seem like too much to ask.

Filed Under: china, reporting, security, telnet
Companies: huawei, vodafone


Reader Comments



  • icon
    Mason Wheeler (profile), 30 Apr 2019 @ 11:44am

    Nor does it change the fact that US gear makers have been trying to have Huawei banned for years for one real reason: they don't want to have to compete with cheaper Chinese kit

    And is that really such a bad thing, given that Chinese low-priced products are well-known to be built on the back of massive-scale labor abuse and human rights violations? If they were just trying to not have to compete with a fair competitor on a level playing field, I would denounce them, but that's not what this is, and I'm more inclined to support efforts to shut that down than to get indignant about them.


    • identicon
      Anonymous Coward, 30 Apr 2019 @ 12:25pm

      Re:

      The North had to compete with slave labor in the South until the Civil War.


      • identicon
        Prinny, 1 May 2019 @ 10:45am

        Re: Re:

        Exactly, dood! And look how that ended up!


      • icon
        Bergman (profile), 1 May 2019 @ 7:38pm

        Re: Re:

        The North was winning that competition handily. The South knew it, and was trying to shift from a slave farming society to the Northern industrial model, but was being blocked by Northern industrial interests, often with truly absurd tariffs. Shipments of machine tools sat on Northern docks awaiting inspections that never came, import tariffs were set so high that no one could afford to pay them, Northern companies refused to sell machine tools to Southern companies.

        Part of why the South rebelled was it became clear that there was no way to get around the unofficial blockade while the North still had the power to block the South from modernizing.

        Modern revisionists are desperate to make it 'all about slavery' but that's an enormously simplified description of an enormously complex problem. If the South had been allowed to modernize (and thereby become competition to Northern factories) they'd have abolished slavery on their own because they knew it didn't work for what they needed.


    • icon
      Thad (profile), 30 Apr 2019 @ 12:30pm

      Re:

      I think "try to avoid Chinese products due to their human rights violations" is a good argument.

      It's not the one Bloomberg is making.

      There are a lot of perfectly good reasons not to want to buy from China in general and Huawei in particular. Human rights violations are among them. So is shady, anticompetitive behavior. Forgetting to disable Telnet access before shipping is a fuckup that should raise some eyebrows too -- but it doesn't support the claim that there was a deliberate backdoor.

      Karl (and Mike and the rest of the Techdirt crew who've commented on Huawei at one time or another) is right: while it's certainly plausible that Huawei could be surreptitiously spying on customers at the behest of the Chinese government, the evidence of that actually happening is pretty thin on the ground, and stories like this one from Bloomberg are sloppy and not tech-literate.

      If you want to criticize Huawei for Chinese labor practices, great; I'm right there with you. If you want to criticize Huawei because it's been accused of sinister surveillance activities, well, I'd say wait until somebody produces better evidence than anything we've seen so far.


    • identicon
      Anonymous Coward, 30 Apr 2019 @ 3:40pm

      Re:

      Then why don't we hear the US saying "human rights abuses" which could be a great argument. Instead we keep hearing the US claim "backdoors" and offer up such shitty, shitty evidence.


      • identicon
        Annonymouse, 1 May 2019 @ 5:47am

        Re: Re:

        Maybe because they know that particular kettle is filled to overflowing and once spilled the backlash would be uncomfortable at best.


  • icon
    UniKyrn (profile), 30 Apr 2019 @ 12:14pm

    And US vendors ship switches from the factory with telnet enabled and default logins that are published in the User Manual. The customer is expected to be minimally smart enough to read the manual, do the initial configuration and then turn all of that off.

    Vodafone failed the "minimally smart enough to read" test it seems.

    A switch from the factory that you can't talk to in order to configure, won't sell well, so there has to be a few ways for a customer to get into it and configure it the first time.


    • icon
      DanJ (profile), 30 Apr 2019 @ 12:31pm

      Re:

      A documented Telnet capability with documented default account credentials isn't a backdoor. An undocumented default account or an undocumented Telnet capability, particularly one that isn't visible or obvious in the default GUI configuration tool, is a back door. The existence of a backdoor doesn't mean it was either intentional or nefarious. It might very well be a mistake. Bloomberg's accusation looks to be premature and overwrought, but Vodafone's response is something of a non-sequitur. There's also nothing about the telnet protocol that makes it inaccessible from the internet, and it's absolutely possible to use the telnet protocol as a backdoor. Without additional details - was telnet ONLY enabled on internal interfaces, were there undocumented accounts, etc. - it's not possible to know what was going on here.


      • icon
        Ben (profile), 1 May 2019 @ 5:19am

        Re: Re:

        The followup reporting in the second quote in the article points out that the telnet interface wasn't visible to the internet, so yes, telnet was only enabled on internal interfaces.


    • identicon
      Anonymous Coward, 30 Apr 2019 @ 3:54pm

      Re:

      Hurry, who can write a quick script to scan which of your devices have had that default telnet "backdoor" (port) left open.

      Or: Let's buy software that does that type of scanning en masse and get trained up how to use it.

      Better yet: Hire proper IT Security staff to keep up with all this.


  • identicon
    Anonymous Coward, 30 Apr 2019 @ 12:29pm

    DOTI MUD

    I guess that means that all of the time I spent playing the MUD called Dawn of the Immortals was actually a nefarious thing. Good to know.


  • identicon
    Sok Puppette, 30 Apr 2019 @ 1:17pm

    What do you think back doors LOOK LIKE?

    Nobody is stupid enough to put in an obvious back door. A back door always looks like a debug feature that somebody forgot to disable, or even like a bug.

    It may indeed be a screwup, because those are extremely common. But the fact that it's a Telnet server does not mean that it's not a back door or that it's not intentional.


    • identicon
      Anonymous Coward, 30 Apr 2019 @ 2:15pm

      Re: What do you think back doors LOOK LIKE?

      I dunno, with how TD has been defending Huawei lately I could almost see them describing a simple SQL injection as 'an unfortunate side effect' rather than a gaping wide security flaw.


    • identicon
      Ven, 30 Apr 2019 @ 2:31pm

      Re: What do you think back doors LOOK LIKE?

      Nobody is stupid enough to put in an obvious back door. A back door always looks like a debug feature that somebody forgot to disable, or even like a bug.

      Except when the backdoor looks exactly like a backdoor

      We have almost no good examples of backdoors that were hidden so well we don't know if they are real or accidental, but we have a long string of clearly hidden in code backdoors. This may be confirmation bias, but you're asking people to ascribe a very high degree of competence in this one specific area to a company that has not shown a high degree of competence in other technical areas.


      • identicon
        Sok Puppette, 30 Apr 2019 @ 7:05pm

        Re: Re: What do you think back doors LOOK LIKE?

        We have almost no good examples of backdoors that were hidden so well we don't know if they are real or accidental,

        Sure we do. We find "accidents" all the time. Some unknown percentage of the "accidents" that we find are back doors. Those are examples. We just don't know which ones they are. That is not evidence that none of them are, or even that few of them are.

        If you can say we have no examples of "accidents" that are actually intentionally back doors, I can respond that we have no examples that are actually accidents. If you don't know for sure, you can't assume that they're all accidents any more than you can assume that they're all intentional back doors.

        you're asking people to ascribe a very high degree of competence in this one specific area to a company that has not shown a high degree of competence in other technical areas.

        Actually I'm asking people to ascribe a very basic level of competence to some individual or small group. Because another thing about competently inserting back doors is that you don't involve everybody in a whole company if you don't have to.


        • icon
          PaulT (profile), 1 May 2019 @ 1:10am

          Re: Re: Re: What do you think back doors LOOK LIKE?

          Sometimes an accident is just an accident, sometimes just incompetence. Like that cigar you always think about.


          • identicon
            Sok Puppette, 1 May 2019 @ 5:47am

            Re: Re: Re: Re: What do you think back doors LOOK LIKE?

            And sometimes a giant throbbing veiny cock is a giant throbbing veiny cock.

            The point here is that observing an undisclosed Telnet server is consistent with either incompetence or a deliberate back door. The whole premise of this article is that a left-in debugging feature can't be intentional. That's a stupid position to take.

            There's no basis to draw either conclusion.


            • icon
              PaulT (profile), 1 May 2019 @ 6:09am

              Re: Re: Re: Re: Re: What do you think back doors LOOK LIKE?

              "There's no basis to draw either conclusion."

              Not conclusively, but simple application of Occam's Razor suggests that it's a lot more likely that a standard, well known and commonly detected protocol was accidentally left active in a production build than it is that it was being deliberately used as a secret back door. That's like concluding that the reason the back porch light was left on was as a secret signal to alert a mistress to the fact that the wife was home - not beyond the realms of possibility, but without further evidence of an affair it should be presumed that it was left on accidentally.


            • identicon
              Anonymous Coward, 1 May 2019 @ 6:16am

              Re: Re: Re: Re: Re: What do you think back doors LOOK LIKE?

              Considering that said Telnet service was not accessible from the Internet, but only from internal networks, incompetence in failing to document or remove wins the day.


              • icon
                PaulT (profile), 1 May 2019 @ 6:36am

                Re: Re: Re: Re: Re: Re: What do you think back doors LOOK LIKE?

                Exactly. Someone forgot to make the relevant config change on the production build in order to disable the tools they use in the dev environment. Happens every day. Any other conclusion is a hell of a reach in the absence of further evidence. There's a great many bigger things to be worried about that have a lot more supporting evidence behind them.


  • identicon
    Anonymous Coward, 30 Apr 2019 @ 1:32pm

    Taking away the cookie jar?

    Around ~2014 AT&T was about to do a big promotion with Huawei cell phones, and Bestbuy for retail (not sure on the details, but about 5 years back Huawei was about to enter the consumer cell phone market in a big way, with partners lined up). Ads went out, pre-orders were open, and as it was just about to happen, everything was shut down.

    How much of this is being driven by NSA not wanting to be frozen out of their data logging? It's known that domestic companies freely open up to NSA data harvesting and comm interceptions.

    Does Windows still ship with NSA backdoors?


    • identicon
      Anonymous Coward, 30 Apr 2019 @ 2:05pm

      Re: Taking away the cookie jar?

      Let me turn this around on you, where is your proof of Windows NSA backdoors? Where are your packet captures of Windows sending data to the NSA? I always see Huawei defenders claim we need packet captures and the like to believe it but fail to provide the same when accusing others like Microsoft or Failbook.


      • identicon
        Anonymous Coward, 1 May 2019 @ 11:13am

        Re: Re: Taking away the cookie jar?

        The point is who owns the back door. The US gov't is arguing there might be Chinese back doors, but say nothing about their capabilities.

        I don't know if Windows has a back door, but I wouldn't put it above MS to cooperate with certain three letter agencies. For that matter, I don't trust Linux either. Which OS did Snowden use?


  • identicon
    Anon523, 30 Apr 2019 @ 2:18pm

    Defending Huawei

    I'm quite amused at all the support Huawei gets for not having been caught YET for any illegal monitoring. The reason US Govt. is rightfully suspicious of Huawei is based on China's quite proven history of using whatever means necessary to steal IP or any data that they find useful. With all modern networking gear there's ways to push firmware updates and there's no way to audit the millions of lines of code that goes into these updates. Guess what... how hard would it be for the Chinese Govt. IN FUTURE to twist Huawei's hands to push that little back door in an innocuous looking update?
    Buying toys from China is one thing but wholesale communications infrastructure from China?


    • icon
      Thad (profile), 30 Apr 2019 @ 2:56pm

      Re: Defending Huawei

      Guess what... how hard would it be for the Chinese Govt. IN FUTURE to twist Huawei's hands to push that little back door in an innocuous looking update?

      I liked the part where Tom Cruise got his eyes replaced and then all the targeted advertisements thought he was somebody else.


      • identicon
        Anonymous Coward, 30 Apr 2019 @ 3:49pm

        Re: Re: Defending Huawei

        I like the way you ignore the discussion and throw up movie garbage to try and distract us.


        • identicon
          Anonymous Coward, 30 Apr 2019 @ 4:37pm

          Re: Defending Garbage Movies

          I like that you’re ignoring the discussion at hand in a weak attempt to criticise your betters.


  • identicon
    Anonymous Coward, 30 Apr 2019 @ 2:38pm

    This sounds like a fight over which nefarious government sponsored, corporate installed backdoor ridden products we will be forced to use.


  • identicon
    Anonymous Coward, 30 Apr 2019 @ 4:03pm

    Except that Telnet is a network protocol. So what exactly was blocking it from the Internet?


  • icon
    ECA (profile), 30 Apr 2019 @ 9:51pm

    anyone know

    That Huawei is in the TOP 2 of servers and other internet and mobile hardware in the World??

    1 corp is in the USA, and they are having NO fun trying to sell OUTSIDE the USA, with prices that would kill off most companies..

    The only reasoning in all of this IMO, is to get Huawei's stocks to DROP and then buy it up and try a take over..

    why do we need to live in a BS world of Fighting corps??


  • identicon
    Anonymous Coward, 1 May 2019 @ 4:22am

    It's all very simple

    If countries/companies use Huawei gear in the core networks then the 5eyes can't force the supplier to backdoor the equipment for them.

    F'n obvious.


  • identicon
    Anonymous Coward, 1 May 2019 @ 10:30am

    i hope there are investigations into those who DO end up getting these contracts, ties to politicians perhaps


  • icon
    Gerald Robinson (profile), 1 May 2019 @ 10:36am

    Backdoors

    Massive back doors can and do exist! Look at the hidden Intel "service processor" found in all pentiums. A massive computer which even includes a Web server. It was discovered largely by accident and publicized, then largely forgotten. The government should ban and replace all hardware with significant foreign components; including CISCO's™.

    The problem with backdoors is activating them when interesting stuff is happening. Leaving them active for snooping makes detection of many by network traffic analysis simple. But the volume of traffic and garbage versus gold makes this leaving them active undesirable. Yes if the backdoor is as massive as Intel's it could filter things.

    The real backdoor threat is China's or France's, Russia's, (or any hostile power's) ability to shutdown or mess up the network as a part of a real attack!


  • icon
    Gerald Robinson (profile), 1 May 2019 @ 2:20pm

    Re: Re: Taking away the cookie jar?

    We know that ME has Won 10 Hoover up any accessible information on the system for sale to 3rd parties. Intel potentially does the same. The U.S. Government has long had a program of inserting backdoors of dubious legality, why should the Chinese be different. Linux is open source and you can see the code and assemble it from scratch so no WE back doors!


  • icon
    Gerald Robinson (profile), 2 May 2019 @ 10:39am

    The real problem wasn't southern modernization it was northern mills wanted cheap cotton! They didn't want to compete with English mills and didn't want to let southerners establish their own. They couldn't get export tactics so they went the indirect route. The Civil War wasn't about slavery (The Boston shipping families were major importers) but southerners' greed!
