A tech-based view of Huawei shows insanity of politicization

There was a recent spate of news pieces concerning the “spy craft” allegation regarding the Chinese company Huawei, showing this firm to be nothing less than a dire threat to US national security. Prior to the “trade war” President Trump launched with China over the present and long-lasting trade imbalance, Huawei found itself in the sights of American politicians as well as the allies in much of Western Europe.

A great many electrons met their untimely demise with all the “news” that this situation created, as Huawei was for a time banned from sales in the US and the urging of American politicals affected the company’s business in Europe.

For example, Gordon Chang’s piece about Huawei makes some considerable allegations:

Huawei has, in fact, been implicated in stealing tech almost from the moment it was formed in 1987. The company was built on stolen Cisco Systems technology, and according to recent allegations, Huawei has never stopped stealing. The Justice Department in January unsealed an indictment against the company for the theft of intellectual property from T-Mobile. The FBI, according to a Bloomberg report, is investigating Huawei for pilfering smartphone glass technology from Akhan Semiconductor, an Illinois-based firm.

Huawei’s rampant theft has been effective in injuring its competition. For instance, many consider the company’s campaign to take tech was largely responsible for the 2013 failure of Nortel Networks, the Canadian company.

Additionally, Beijing has used Huawei servers to surreptitiously download data from others, most notably the African Union from 2012 to 2017.

Comments like these are steeped in the witch’s brew of paranoia and fear of the “Chi-coms” as Rush Limbaugh often calls them, because “Huawei is owned by Beijing, and is therefore a Communist operated intelligence-gathering agency…”

… and, they are all watching us, using their stolen tech to secretly infiltrate everything in the free world, in a plan “to turn you into us…”

Really.

But let’s examine this differently: First, Huawei’s activity is probably no different than the actions of anyone who wants to learn how to innovate. In fact, in one of the referenced articles above about the “stolen Cisco Systems technology”, the piece itself says something very interesting, which we reproduce here:

The agreement that ended that lawsuit allows either party to make a reasonable response to improper or impermissible statements by the other.  Mr. Ding’s statements of two weeks ago indeed misstate the facts and therefore merit a direct, factually accurate and proportionate response. Rather than providing Cisco’s interpretation of the facts, we think it better simply to set forth the facts themselves.  To that end, the following are verbatim excerpts from the Neutral Expert’s Final Source Code Report, dated June 15, 2004:

• From a section entitled Comparison of Cisco STRCMP and Huawei’s [CODE NAME REDACTED]:  “It must be concluded that Huawei misappropriated this code.

• From a section entitled Functionality:  “Because of the many functional choices available to the Huawei developers (including three of their own routines), the fact that they made the same functional choice as Cisco would suggest access to the Cisco code even if the routines had implementation differences.”

•  From a section entitled Comments and White Space:  “The exactness of the comments and spacing not only indicate that Huawei has access to the Cisco code but that the Cisco code was electronically copied and inserted into [Huawei’s] [CODE NAME REDACTED].”

• From a section entitled Findings:  “The nearly identical STRCMP routines are beyond coincidence.  The Huawei [CODE NAME REDACTED]routine was copied from the strcmp routine in Cisco strcmp.c file.”

• Finally, the Neutral Expert’s conclusion:  “Cisco’s source code has been used in Huawei’s version [CODE VERSION REDACTED] implementation of its Versatile Routing Platform.  Two library files from Cisco’s Internetwork Operating System were compromised.  Huawei has replaced the library code in VRP version [CODE VERSION REDACTED] but the replacement methodology was flawed and must be redone.  A proper procedure will be simple and straightforward.”

None of these source code strings involved  Cisco’s proprietary EIGRP routing protocol that Huawei had publicly admitted to using in their products and had said they had removed prior to the Neutral Expert’s review; rather, they  are all related to “core’ parts of the routing code.

So, Huawei copied Cisco code, verbatim. But, how is that sinister? Programming code is about functionality. There is nothing wrong with examining what works and then implementing it. While perhaps there could be a copyright restriction that Huawei broke, the next question is whether or not such a restriction is in force in China. Many copyright laws do not apply internationally. It is not the cleanest way of going about things, but it is very expedient.

Further, Huawei got some news for their doing this, but how many other companies steal each other’s secrets if the opportunity arises?

It is widely understood that the Chinese tech companies did a great deal of copying from other countries’ products, so that the Chinese could leapfrog ahead in their technological abilities and prowess.

This is simply good business. If someone else invented the wheel, does it make more sense to copy their design or must we start from the beginning and do all of it ourselves? It makes more sense to get a wheel from that source, learn all about it, and then work from there to improve it.

This is what Huawei did, along with many other Chinese tech companies.

In 2012, I worked with Huawei in Colorado, installing a HSPA+ wireless network for a regional carrier. At that time, our carrier began to offer Huawei smartphones (which run on Google’s Android, which does a lot more spying on us than Huawei ever would.) At that time, the company offered a GSM / WCDMA / HSPA+ network that ran on modified PC’s running Windows, and with a Windows-run interface. Nothing specialized like Nokia or Nortel, running LINUX – and from the point of view of a Network Operations person, the interface was superior to anything on the market, and a lot less costly.

One of the allegations is that Huawei ran Nortel out of business. Maybe it is because Huawei innovated more skillfully. What is wrong with that?

Further, the thrilling allegation of Huawei using its products as a gateway for Beijing to spy on Americans sharing funny cat videos with one another or taking absurd photos on their smartphones is… well… not so real either.

While the political haymaking on this issue is immense, a study of the problem conducted by actual techies and people who understand the workings of both cell communications and of smartphone operating systems came to a different conclusion entirely.

A piece we ran about the surveillance society’s reality in the US (and abroad) made notable reference to another large company, and it isn’t Huawei.

Yes, it is Google.

The Android platform is open-source, and this enables writers of Android application software to co-opt one’s cellphone to any purpose. I have seen this myself, as have others, perhaps you, the reader, have experienced something like this: You are talking to your family about taking a trip to Lake Tahoe, and have been discussing the subject for about three or four days. Inexplicably, your phone begins to show you advertisements about deals to Lake Tahoe.

Does this sound familiar? It should, because it is documented fact that some apps quietly turn themselves on at random, listen to conversation and send that data back to the app maker or some other desired marketing source, which makes use of the data. The Android operating system is quite secure, but again, it is open-source, which means that a developer can take quite a bit of liberty in terms of data collection.

However, this is not a property of the wireless network provider. While it is theoretically possible to use a cell network to track people or even listen in on them, these facilities come through application software. Huawei and other Chinese firms have responded to the allegation of “shadiness” by doing quite a bit to make sure their Android overlays are not compromised in this way.

The logic behind this is very simple. A foreign company that engages in such espionage poisons its own well. Huawei wants to lead in the wireless business. To make a move that would jeopardize the company’s ability to do business would be, well, bad business. It would kill Huawei and even if the Chinese government wanted to use the company as a vehicle for espionage, it would not be able to do so because no one would buy their products.

The Chinese are superb businessmen, and they know that making such a move is not in their own country’s best interests, especially as they know the level of distrust their Communist governmental structure garners with their biggest customer of all – the United States.

Google is able to do what it does because there was no cloud of suspicion hanging over this gigantic company until recently. Now, with its subsidiary YouTube and other big players like Facebook, Twitter and Apple getting into the field of information censorship, the removal of conservative posts and sites such or their demonetization, such as is happening with Alex Jones, Rush Limbaugh, Dr Steven Turley and others, there may come a time when significant pressure will be brought to bear to make these companies change their political biases being put into practice.

Maybe.

But to pin Huawei as the bad guys in this is a political gamble based on the fact that most people either do not know much about how communications networks operate, or care to learn for themselves about the real issues concerning personal security versus surveillance that uses said networks. This laziness works to political advantage, and it does so very effectively.

We saw this before, starting a few years ago with the Moscow, Russia-based company Kaspersky Lab. Kaspersky is presently number four in the field of the world’s biggest antivirus companies. It is near number one in terms of how well its applications actually provide internet security.

But during the press to demonize all things Russia over the last few years, scurrilous allegations were made, such as:

• That company owner Eugene Kaspersky is a KGB / FSB spy
• That Mr. Kaspersky is working for the Putin regime, and that in fact
• Mr Kaspersky works very close in physical proximity to the FSB headquarters

None of these are true. Kaspersky’s main offices are located at least 10 kilometers from the FSB main offices. I know this because I know where both places are in Moscow, since I live here. But most people in the States don’t know this, and they do not care to investigate for themselves, preferring instead to trust the news media, whoever it is. In this, the power of propaganda to mislead and stoke animus cannot be underestimated.

Finally, there has never been any observation that showed Huawei conducting any sort of surveillance on people or places in their customer’s countries, including the United States, through the use of their network equipment. ZDNet, a quite respected tech magazine, had this to say in one of their pieces on this subject:

So far, no such state-sponsored malware or an exploit has ever been detected in a semiconductor component originating from China, or, at least, such a discovery has never been validated. All we have received so far is an accusation from a reporter at Bloomberg that certain SuperMicro server systems had a chip that was intercepting and forwarding network traffic from data centers of 30 American corporations, including Apple. That has so far been proven to be categorically false by SuperMicro, as well as Apple and Amazon.

The only comparable out-of-band exploits that have been discovered are the Spectre and Meltdown bugs in Intel, AMD, and ARM processors, which are categorized as unintentional but exploitable architectural flaws and common issues related to modern microprocessor design — and they have nothing to do with China.

Oh, and the most significant discovered out-of-band exploit prior to those two? Also Intel in origin.

…Should we worry that China is plotting some master plan to Hoover all our data and penetrate our government?

No. There’s a chance it could happen, and we should be vigilant and take our best efforts to monitor that it isn’t happening, but we can’t preoccupy ourselves with this.

It seems the best sources to ask about a technological issue are people that know about technology. Politicians generally don’t. American politicians are expert in scaring their constituents, creating a more or less constant sense of “the whole world is against us because we are the best” – combining pride and paranoia with very predictable results.

The Huawei scandal is a propaganda effort, nothing more. The notion that China would destroy its own amazing success in international business by spying through one of its most significant corporations is silly at best. The fact that American politicians and business leaders easily resort to such a narrative to protect their business is a sign that the American level of innovation is falling behind the Chinese.

That is probably the real story.