[LINK] What's Behind the Huawei Fracas

Roger Clarke Roger.Clarke at xamax.com.au
Wed Mar 28 14:04:32 AEDT 2012


The reporting on Huawei's exclusion from the NBNCo contracts has 
unfortunately been facile.

Even the business-writers and the ABC suckered for the proposition, 
attributed to ASIO, that this was all about "cyberattacks coming out 
of China".

The suggestion that Huawei is involved in those activities is a straw 
man.  It enables the company, through an ex-Australian Cabinet 
Minister, to defend, probably quite honestly, that they don't do that 
kind of thing.

The real issue is whether Huawei technology brings with it embedded insecurity.

This is an opportunity to get back on the agenda the much broader set 
of issues that NBNCo must be forced to deal with, in public.


1.  Compromised Devices on the Backbone

Serious concerns were expressed back in 2005 about features being 
built into backbone routers to facilitate surveillance and censorship.

No-one had any doubt that Huawei was building such capabilities in to 
satisfy the Chinese government.

Accusations were levelled at Cisco, and especially at Juniper.  They 
were under pressure from the Chinese government to comply if they 
wanted to keep getting business there.  And they were doubtless under 
pressure from the NSA and the US Administration as well.

Cherry S. (2005)  'The Net Effect'  IEEE Spectrum 'Special Report on 
China's Tech Revolution' (June 2005) 38-44, at 
http://spectrum.ieee.org/computing/networks/the-net-effect/0

That included this quote:  "The concern I have is that this is laying 
the foundation for a much more intrusive and censorship-friendly 
Internet infrastructure for all countries," says Roger Clarke, a 
consultant in Canberra, Australia, affiliated with the Australian 
National University. "The features that China wants installed in 
intermediating devices and software will gradually find their way 
into all of the suppliers' products, if only because it's cheaper 
that way."

The probability of Huawei backbone devices being compromised is very 
high, and with Cisco and Juniper the probability is a bit lower.

A bigger difference is the strategic significance of intermediating 
devices being compromised.  The polite thing to say is that the US is 
an ally of Australia (although of course the cynic would say that 
Australia is an acolyte of the US), and the US is seriously concerned 
about China's emergence as a super-power.  Whereas China is only a 
(currently very important) trading partner.


2.  NBN's Role

The NBN is a Layer 2.5 service, i.e. the IP Layer is provided by 
other organisations, not NBNCo.

So what, in practical terms, is NBNCo installing in the way of 
intermediating devices?  And to what extent does NBNCo's choice of 
technology providers determine whether, what and whose surveillance 
and censorship capabilities are built into the infrastructure?

IANATE (I am not a telecomms engineer), so my expression of these 
points is necessarily imprecise.  However, it seems to me that, even 
if NBNCo isn't technically deciding on the routers and proxy-servers, 
the choices that they're making will limit the choices available to 
other organisations when *they* make *their* decisions about routers 
and proxy-servers.

It's a very good move to ban Huawei from NBNCo's infrastructure, 
because that reduces the risk of compromise of Australian 
infrastructure and traffic by either Huawei or some client of Huawei 
(e.g. the Chinese government).

But, as a country, we remain exposed to the US companies that we're 
likely to use instead, and to the clients of those US companies (e.g. 
the NSA).


3.  NBNCo's Irresponsible Stance re Public Policy Issues

I wrote back in 2009 that:
http://www.rogerclarke.com/II/BBF-091211.html
"The Chinese government is building censorship into its backbone 
routers, to deliver the Great Chinese Firewall.  We need to make sure 
that the emergent NBN design doesn't facilitate censorship through 
our own form of Rabbit-Proof Fence".

I further argued that:
http://www.rogerclarke.com/II/NBN-PC-0912.html
"The NBN could be designed to embody, or to facilitate, the 
surveillance of content. Ways in which this could be done include the 
accommodation of the function in the NBN architecture and the NBN 
infrastructure, the provision of space on NBN Co.'s premises for 
specialist equipment, enabling the connection of extraneous devices 
to the network, enabling the inclusion of extraneous software in its 
own devices, and the permission of access to its premises by 
organisations that conduct surveillance.
"It is crucial to the public trustworthiness of the national 
infrastructure that it not be prostituted to the wishes of either 
marketing corporations or national security extremists.
...
"The NBN holds great promise. It also harbours considerable potential 
threats to privacy. There is to date no sign that NBN Co. is engaging 
with the issues. It needs to do so."

NBNCo continues to avoid discussion of a range of critical policy 
matters, and has been allowed to get away with it.  That bodes very 
ill for our future freedoms.


-- 
Roger Clarke                                 http://www.rogerclarke.com/
			            
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Faculty of Law               University of NSW
Visiting Professor in Computer Science    Australian National University


