I do not believe that this is a recent realization - this goes back to at least the Dutch East India company (VOC). The foundation of the British economy were the vast resources of the British Empire (read colonies) for many decades.
Hey Australian Government. You know what also protects confidentiality of customer data? Encryption.
It's a hard problem. Encryption is part of the solution, but it's not the solution.
Mandatory metadata is already retained for 2 years at the consumers expense, no one has ever released how much or what is actually kept as all freedom of information requests by journalists have been denied. It's estimated that every adult generates around 15000 data points a day, it's known that mobile phone signal strength is kept allowing triangulation within 100m or so of every citizen every few minutes.
Last year alone there was over 300,000 warrantless requests made by 60 government agencies, many more are legally allowed to make requests, right down to small local councils in the middle of nowhere with 15 staff members and obscure agencies such as horse racing officials.
There's absolutely no oversight, I'm stuggling to imagine how many people it would actually take to investigate around 1000 requests a day, every day of the week.
It's only a matter of time before some serious abuse of the system occurs.
I think it's inevident that the more precise geolocation data of 5G (due to an increased base station installations required by the mmWave frequencies) will be sold to advertisers. Essentially, Australia is betting that European manufacturers will respect privacy better than China - and sure, at least European companies do not need to hand over their data to authorities. Having seen surveillance implementations installed in Chinese IoT devices, it is more or less true that China is at least keeping the doors open for an intertwined database where information from various different Chinese companies can be built.
But really this decision was made in a snap by Scott Morrison in a powerplay to look tough on outsiders to the conservative base.
Right now Australia is doing it's 2.5 yearly cycle of deposing a prime minister and installing someone else. Like that Dutton guy from texas :P
They're drafting a law that's going to require encryption backdoors. They're completely ignorant about the impossibility of having "secure backdoors", going as far as the Prime Minister saying:
> The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia.
Every country is gathering data on everyone. If you think they are respecting your privacy, you’re naive.
The US has been doing it for years. Secretly. EU and I bet you Australia too.
And even China, yes. But hey, at least China is honest about what they’re doing. Gotta respect that at least.
Point is, it’s just a show.
There is a fundamental difference between "like in kind" and "like in severity".
Do the US and China both monitor telecom? Yes.
Has the US built a national firewall? No.
Do the US and China both have legal processes for acquiring court ordered telecom intercepts? Yes.
Is the US legal system wholly subordinate to political goals? No.
Do the US and Chinese governments lean on companies to comply with their wishes? Yes.
Do US companies survive at the whim of the US government and generally lack independent legal recourse to fight pressure? No.
If you want to go through point-by-point with what's similar between Chinese and US data monitoring regimes, I'm happy to do so. But they aren't close to the same.
Nationalizing 5G or specifying a specific source of origin will help at the margins, but I'm coming to the conclusion that without a fundamental redesign of the internet security isn't possible. Even then, I'm not sure. Even if you somehow change the internet at the protocol level and magically make it secure form the legion of vectors the surveillance can just move somewhere else. Sell some rooted phones on eBay. Buy a security company or a social network. The Chinese bought 500px (a company I was CDS of for a year before I quit) for a hot minute before selling it back to the Americans (to Getty). With the RAWs they now have the sensor fingerprints of a ton of DSLRs tied to real email addresses, etc. Plus countless photos of naked people that were private.
Sure they could probably have gotten that data some other noisy way, but this is basically risk-free, and they probably made a profit on it by scaring Getty that the photo licensing business was about to get into a margins war with China.
This thinking allows people to let the worse offender off the hook.
All countries have spy agencies - they usually have two roles to spy on other people, and prevent other people spying on them. This seems like a pretty reasonable state of affairs.
How does the fact Australia spies on China (one presumes) mean they shouldn't worry about China being able to spy on Australia?
This isn't about data gathering or respecting privacy, this is false equivalency. This is about infrastructure, specifically the integrity of a country's telecom infrastructure at the hardware level. The ability to compromise or disrupt a country's Telecom infrastructure is seen as a matter of national security by every country. The article even site the control plane difference in 5G:
>"“This new architecture provides a way to circumvent traditional security controls by exploiting equipment in the edge of the network – exploitation which may affect overall network integrity and availability, as well as the confidentiality of customer data."
There are basically only 5 vendors in the mobile switching space. ZTE and Huawei are both Chinese vendors while the 3 remaining vendors are European - Ericsson(Sweden), Nokia(Finland) and Alcatel-Lucent(France.) None of those last 3 non-Chinese vendors have a record of human rights abuses, censorship or state-sponsored hacking. If you worked in an agency in a Western government tasked with providing procurement guidelines for network operators in which vendors would you prefer?
As far as I know, China has denied all allegations of them spying on Australia. Has this changed?
Currently they're trying to prosecute the whistle-blower AND his lawyer for "revealing state secrets" as a tactic to draw out the process.
See here: http://www.abc.net.au/news/2018-06-28/witness-k-and-bernard-...
And for a larger history: https://en.wikipedia.org/wiki/Australia%E2%80%93East_Timor_s...
The ASD (Australian Signals Directorate - equivalent to the NSA) mission statement is: Reveal their secrets - Protect our own.
Which I suppose is in keeping with banning any non-purely-Australian-owned vendors from participating in any communications infrastructure project. I don't think there are any purely-home-grown Australian 5G infrastructure manufacturers though.
But if its only applicable to a favoured set and suddenly has all sorts of qualifiers when it comes to your own markets then the whole thing collapses. And everyone can see its politics with a fig leaf of process designed for one way benefit and as a system cannot deliver mutual benefits.
That depends on the calculation. Maybe there's a non-zero risk that China could remotely turn off their 5G network and including that in the calculation makes local sources a better value even when the dollar price is higher.
national security is going to win that one unless Australia is going to willfully become a Chinese vassal
Sounds like a good idea, what are the downsides if any?
It's just a matter of picking your poison. You think your Cisco router has no backdoors? Your Intel CPU? Your Windows OS? Your Gmail account?
This isn't about making you safer, it's about removing competition (as crappy as it may have been). And they eliminate competition both economically and in the spying game. The more companies there are that want to spy on you, the more you pay attention to security and you make life hard for everyone.
But phew, the spies were banned so no need to worry anymore :).
I'd expect our security people to have a very good idea of what backdoors are or are not present.
Accessible to a one-man dictatorship in Australia’s back yard? No. In any case, any backdoors in a Cisco product will be available to Canberra, a Five Eyes member.
Banning Huawei isn't going to increase the security or reduces the backdoors. I've been working many years for NEVs and later started a recruiting firm that did OSINT in this domain. First of all Lawful Interception is (as the name implies) legal. Despite the legality and the standardization in ETSI/3GPP the actual implementation of these black boxes is extremely shady & obscure. Siemens COM (now part of Nokia since some years already) for example has outsourced the implementation to their Milan site, where it has been further outsourced (using 2 intermediaries in a cascading supply chain) to a tiny Italian firm that does contracts mainly for the OEMs but other than that has zero vetting of their people (no security clearance etc). Code isn't reviewed and in fact the OEM didn't even have access to the code. I'm bringing this up because the problem isn't only because it's China and as I said has anyway no positive impact on increasing security (just because the company is European or US doesn't make it more trustworthy). Nevertheless if I get spied on (illegally) then I'd much rather have it done by my own jurisdiction which doesn't come after me and my family than by some thick-face black heart dictatorship in Asia.
How Huawei became so successful in EMEA?
#1) access to unlimited funding from Chinese gov. Huawei is financially backed by the state and able to cut out competitors with aggressive pricing in RFP/RFQs (even it doesn't financially make sense - "as long as it hurts the competitor it's a win")
#2) willingness to bid for projects in highly corrupt countries where a suitcase of cash changes hands using shady consultants, and ability to satisfy questionable requests from war-lords & repressive regimes (tailored Lawful Interception & DPI etc)
#3) bribing is illegal for companies located in US or EU (Nokia, Ericsson, ...) but pretty much a non-issue in China. It goes hand in hand with conducting business with the regime.
#4) Stealing the IP of competitors: Either by placing sleepers in other firms or (the easier way) by coercing and leaning on employees of Chinese origin working for competitors.
#5) employs workers under despicable conditions (complex outsourcing layers to ensure bad-PR never directly hits Huawei - questionable supply chain is also bad security)
Again I'm not anti China and I'm happy to rip into CISCO, Juniper, Nokia & Ericsson (and I have done so in the past on plenty occasions).
And this was for a company of lesser world-stage significance than a mosquito bite on a giant's lower leg.
Trump wants a 25% tariff on every EU car, he is going to welcome such a suicidal move by the EU.
China didn't allow free unrestricted access of Nokia and Ericsson in China either.
BMW largest car factory is located in Spartanburg, South Carolina, US.
They have and will continue their plans for mass surveillance and corporate espionage for the foreseeable future. It makes absolute sense that we don't want chinese hardware/software running our communication infrastructure.
Eh, this will be settled in the courts and the WTO. Western governments have conspired to manufacture this idea that Huawei and ZTE are exporting compromised devices. Everybody except the Western press who dutifully repeat this propaganda knows it is pure bullshit. Huawei and ZTE devices have been studied, taken apart and put together and analyzed over and over and over again. The British put together a whole special taskforce and studied every chip for years and found absolutely nothing [1]. The same happened in France and Germany and Japan. To date nobody has ever found any kind of actual backdoor or security trap on devices exported from China. There have been security bugs and holes but there are bugs in all devices and certainly when you compare Huawei and ZTE devices to say Cisco well the record speaks for itself.
Despite this complete lack of actual evidence the governments and the press are working hand in hand to distort the market because they know they can't actually compete with Chinese firms on fair conditions. Until today though nobody has had the balls to implement an actual import ban, instead what we've seen are bullshit directives not to buy the devices for government networks along with an endless propaganda campaign in the press. This crosses the line and makes it an actionable matter for the courts.
> However, let's not forget that china has put over 1 million Muslims in literal concentration or reeducation camps. That's wrong.
More propaganda. The only thing shocking here is that people will believe such complete nonsense without any evidence. Sorry, but a bunch of "credible reports" -- all undisclosed -- and satellite photos of half-constructed camps does not prove anything except that Western press will lie with impunity when it comes to Iraq/Iran/NK/China/enemy-du-jour and Western audiences will accept these lies uncritically without even the tiniest bit of skepticism. This happens again and again and again. Nobody ever learns.
I think the Chinese have the right idea. There's no winning in the court of public opinion. Westerners live in a hermetically sealed paranoid fantasy and there's nothing anybody can say and do to break them out of it. Focus all your energy on building better products and taking lawbreakers to court and over time you'll likely come out ahead.
There are no good guys.
How is providing a 5G compatible phone any more a security risk than providing a 4G one?
Edit: I should have read this more thoroughly since it's not just about phone, but rather that "Australia has blocked Huawei and ZTE from providing equipment for its 5G network". Key word: equipment, which I'm guessing spans to the installation of infrastructure in Australia.
In Modern Telco ( Telstra) , they are mostly setting up, dealing with land / cell site lease, backbone, customer support and Retails. Along with some Network Engineers working along side with Telecom Network Equipment manufacturers for their Services.
That Telecom Network Equipment manufacturers could be Huawei, ZTE, Samsung, Nokia, or Ericsson. Samsung is an new entry and has very little market shares. Huawei is bigger than both Nokia and Ericsson combined.
