
Huawei has been a known security issue vector for at least 5 years. I worked at F5 Networks as a Competitive Analyst, and we would get competitors' hardware into our secure lab, tear it down, test it, and figure out every detail of how they worked. These were network ADCs, firewalls, WAFs, etc., that could be $300k apiece.

The Huawei boxes had a LOT of weird stuff going on. As soon as you turned them on, they'd try to reach out to a variety of servers around the world, and transfer sensitive network config data to unknown services. They'd suck up network traffic, and output to multiple destinations... not just the intended recipient IP.

There were a number of completely opaque circuits that did who-knows-what to data. Unlabeled chips on the motherboard through which all traffic passed, seemingly unchanged.

The NSA and secure government agencies would not buy Huawei devices of any type, and would bar their contractors from doing so as well.

But the Huawei boxes were interesting when run in a secure lab environment. They'd quickly figure out that they were in a test environment and start acting differently. It seemed like it would switch into "basic ADC" mode, and just diligently pass traffic thru, and act all normal.

But as soon as you moved it into an active network, the box would start trying to talk to foreign servers again. Some of these connections were normal "phone home" events which any ADC does, to ensure it is being operated by a legal owner, and has the latest software updates, etc.

But 'phone homes' are pretty standard messages across the industry, and can generally be easily identified because they adhere to a pattern. The Huawei boxes did these, of course... but much more.

There is a BIG security story that will come out about Huawei's electronics some day. I am absolutely confident of that.

In fact, that sweater may already be unraveling...