Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      Trump tariffs could wreck South Africa’s vehicle manufacturing industry

      14 July 2025

      Legislative overhaul on the cards for South Africa’s ICT sector

      14 July 2025

      The 1940s visionary who imagined the Information Age

      14 July 2025

      Microsoft South Africa to get new MD as Lillian Barnard moves to regional role

      14 July 2025

      Zuckerberg used open source to scale AI – now the lock-in begins

      14 July 2025
    • World

      Grok 4 arrives with bold claims and fresh controversy

      10 July 2025

      Bitcoin pushes higher into record territory

      10 July 2025

      Cupertino vs Brussels: Apple challenges Big Tech crackdown

      7 July 2025

      Grammarly acquires e-mail start-up Superhuman

      1 July 2025

      Apple considers ditching its own AI in Siri overhaul

      1 July 2025
    • In-depth

      Siemens is battling Big Tech for AI supremacy in factories

      24 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Meta bets $72-billion on AI – and investors love it

      17 June 2025

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      Grok promised bias-free chat. Then came the edits

      2 June 2025
    • TCS

      TCS+ | MVNX on the opportunities in South Africa’s booming MVNO market

      11 July 2025

      TCS | Connecting Saffas – Renier Lombard on The Lekker Network

      7 July 2025

      TechCentral Nexus S0E4: Takealot’s big Post Office jobs plan

      4 July 2025

      TCS | Tech, townships and tenacity: Spar’s plan to win with Spar2U

      3 July 2025

      TCS+ | First Distribution on the latest and greatest cloud technologies

      27 June 2025
    • Opinion

      In defence of equity alternatives for BEE

      30 June 2025

      E-commerce in ICT distribution: enabler or disruptor?

      30 June 2025

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Singapore soared – why can’t we? Lessons South Africa refuses to learn

      13 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CambriLearn
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » In-depth » Huawei is being held to an impossible standard

    Huawei is being held to an impossible standard

    By Leonid Bershidsky30 April 2019
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    The Bloomberg report of persistent vulnerabilities found in Huawei telecommunications equipment by major operator Vodafone highlights the Chinese vendor’s current problem: while its competitors are given the benefit of the doubt when their products are found vulnerable, Huawei is held to impossible standards for political reasons.

    This is a problem that probably can’t be solved on a technical level. Huawei will have to drop any legacy resistance to stringent tests by clients and regulators and make more of an effort to clean up its software, but at the same time European countries in particular should expect subtle pressure from China to treat Huawei like any other vendor. The US isn’t the only country that can play that game.

    The headlines that include the words “Huawei” and “backdoor” look damning given the US government’s insistence that American allies view Huawei as a security threat. But it’s not at all unusual for backdoors — software vulnerabilities that allow third-party access to a piece of equipment — to be found in the products of other major suppliers, too. Last year, Cisco Systems — with a long history of its equipment being exploited by US and other spy agencies — removed no fewer than seven backdoors from various products. In February, security firm Tenable Research discovered backdoors in Nokia routers that, like the Huawei vulnerabilities found by Vodafone, allowed potential attackers access via the Telnet protocol.

    It’s standard for equipment vendors to warn investors of such vulnerability risks. Here’s the language from Ericsson’s 2018 annual report:

    It is possible that a cybersecurity incident in Ericsson’s supply chain could have an adverse impact on Ericsson’s ability to deliver products or services to Ericsson’s customers. These incidents may include tampering with components, the inclusion of backdoors or implants, the unintentional inclusion of vulnerabilities in components or software and cybersecurity incidents… Products and infrastructure used by Ericsson may contain vulnerabilities that can be leveraged by a threat actor. In some situations, it may be impossible to detect these vulnerabilities due to their location, or due to the fact that they are unknown vulnerabilities.

    Software is developed by humans, who will, sometimes inadvertently and sometimes on purpose, roll out releases with backdoors in them — often for past or future servicing and maintenance needs. But the telecoms industry’s problem goes beyond human error, laziness and malicious intent. Its fundamental services are based on dated protocols. As the GSMA, the global telecoms operator lobby group, wrote in its most recent threat report, “Many of these protocols are dated and were implemented without an authority model but relied on assumed trust within a closed industry. Couple this insecurity with their essential nature to operate many network functions and any security threats realized against these services will have a high impact.”

    Any security problem, any failure to detect a backdoor and close it will be used as proof that the vendor is an arm of Chinese intelligence

    Since the protocols will continue to be used, even the most vigilant telecoms operators face high security risks. The widespread reliance on vulnerable open-source software is another source of problems.

    But while Western equipment vendors and the mobile operators themselves are expected to deal with these issues to the best of their ability and at their own pace, with inevitable setbacks now and then, that’s no longer the case with Huawei. Any security problem, any failure to detect a backdoor and close it will be used as proof that the vendor is an arm of Chinese intelligence. That imposes tough demands on Huawei if it wants to keep its leadership in the telecoms equipment industry and avoid government bans.

    Impermissible

    Intention matters. The Bloomberg report has the company telling a major client that it’s fixed a vulnerability when it hadn’t. If that was an intentional deception, that’s bad enough. It was at least a poor decision; but in view of the evolved US position, that kind of thing is impermissible now.

    Of course, Huawei’s political problem is not really for the firm to solve. No matter what the Chinese company does, the current US administration will keep going after it for a mix of national security, trade and competition-related reasons which are hard to separate from each other. This requires a pointed response from China, and such a response will undoubtedly follow.

    The UK, where Vodafone is based, will be more exposed to the competing US and Chinese pressures than most other countries if it goes through with Brexit. It will lose the EU’s protection but its market is sufficiently large for both the US and China to try to impose their terms of trade. The US is already warning the UK of possible cuts in intelligence sharing if it doesn’t drop Huawei, but if it caves, the probability of a favourable post-Brexit trade and investment deal with China will recede.

    Even so, Huawei can’t rely solely on its home nation’s support. It needs a conscious effort to build trust. The Chinese vendor might be well-advised to borrow a page from Cisco’s book: the US company is combing systematically through all its software, reporting and fixing the vulnerabilities it finds. That kind of exercise wouldn’t resolve Huawei’s American problem, but it would go a long way toward keeping other clients, major mobile networks, on its side against any government meddling. The Chinese firm is being too defensive and not open enough, and that needs to change.  — (c) 2019 Bloomberg LP



    Cisco Donald Trump Ericsson Huawei Nokia top Vodafone
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleSamsung unveils vertical TV aimed at millennials
    Next Article Vodafone is said to have found hidden ‘backdoors’ in Huawei gear

    Related Posts

    Trump tariffs could wreck South Africa’s vehicle manufacturing industry

    14 July 2025

    Nvidia CEO to hold high-stakes media briefing in Beijing

    13 July 2025

    Still in play: Ramaphosa banks on talks to ease US tariff blow

    8 July 2025
    Company News

    Banking on LEO: Q-KON transforms financial services connectivity

    14 July 2025

    The future of business calling: Voys brings your landline to the cloud

    14 July 2025

    How digital twins and AI are shaping the future of security

    14 July 2025
    Opinion

    In defence of equity alternatives for BEE

    30 June 2025

    E-commerce in ICT distribution: enabler or disruptor?

    30 June 2025

    South Africa pioneered drone laws a decade ago – now it must catch up

    17 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.