Another consideration altogether is what is a backdoor to begin with? A hard coded password? Absolutely! Some other obviously nefarious code that can be proven to be left there for one possible reason only? Absolutely. But what about a buffer overflow kind of programming ‘mistake’ deep in protocol stack that just happened to be missed by QA? Most of the telecoms gear highly likely is running SW written in memory unsafe languages and runs on OSes lacking [many of the] modern protections such as w^x or aslr. I think it would be hard to definitively say if these were left in intentionally with someone possessing ready made exploit, or just because of mistake.
So when we talk about evidence of backdoor, it’s as usual, not a simple black and white yes or no question. It’s more of a risk question, with a twist of international power plays.
Also, technically such a backdoor capability is almost undetectable (down to a sub-microcode analysis level), as per the Ken Thompson compiler hack.
We can't just boycott because these companies are too big to fail often.
I was thinking about some sort of Etherium based capital escrow.
Basically every device you purchase has like a reward on it that's backed by capital in a wallet that Hauwei would purchase.
It's theirs and their can earn interest on it BUT it's also backed by a smart contract.'
If the customers all agree that their routers have been rooted they can unlock the wallet and take the money from Huawei effectively punishing them.
... this is just my rough thinking for now.
[0] Infamous "NSA intercepts Cisco equipment slide" https://archive.fo/7Zosk
https://qz.com/africa/1192493/china-spied-on-african-union-h...
I suppose what it boils down to is, which “silent partner” would you prefer?
The top 5 equipment manufacturers for 5G gear are — Nokia, Ericsson, Huawei, ZTE and Samsung.
I guarantee you'll never see a story titled
"Chinese law enforcement frustrated with high security/encryption of Huawei devices" like you do in the US with iPhones.
Whether that's because Hwawei has backdoors in their phones that allow the government to check for dissension at their pleasure or whether they simply use the xkcd wrench solution to get into any citizen's device is still in the air.
The press coverage, of course, leaves you free to let your imagination run wild.
If in this case they modified an existing backdoor to point somewhere else, evidence of the backdoor would also expose the original.
What is mind blowing to me is the "reality" that given that, and all of the other stuff happening in Venezuela, Venezuelan passport holders can still enter the EU without a visa, just a valid return ticket.
(1) https://edition.cnn.com/2017/02/08/world/venezuela-passports...
http://articles.latimes.com/2008/oct/22/world/fg-cocainering...
From Wikipedia: "There are small but influential Muslim, Buddhist, and Jewish communities. The Muslim community of more than 100,000 is concentrated among persons of Lebanese and Syrian descent living in Nueva Esparta State, Punto Fijo and the Caracas area."
Is it hard to imagine a terrorist organization would expand it's operations into drug smuggling?
Please stop using their backdoored equipment, use ours instead!
https://www.schneier.com/blog/archives/2018/08/backdoors_in_...
But still there are european providers such as nokia networks, ericsson..
