CHOICE membership

Huawei cyber vulnerabilities


#41

The US has sanctions on so many countries it’s probably hard for companies to keep track of them! In fact, it has sanctions/tariffs on Chinese imports at the moment, so…

Off topic: why is it that one country imposes sanctions based upon its own messed-up internal politicking and the rest of the world is expected to follow?


#42

It’s all fairly clear within the circles that need to know. Sometimes the reasoning is not divulged, because the reason might expose the threat - not all threats can so easily be advertised. Such is the nature of threats …

There are a range of reasons sanctions are imposed - from what I have seen it is very often a construction of an ill informed (by virtue of the nature of these issues) press that things like sanctions are ascribed to mere politics. Maybe sometimes it actually is, but in my experience there is more often than not (by a long shot) a defined need that is not obvious to someone buying ‘The Sun’ to make their judgement :wink:

Said country doesn’t ‘expect’ others to follow, but if you want to share the oranges at half time, you need to be on the same team …


#43

The political will of the US government - but you know, and you know I know you know.

Subservience is what it is, and has it rewards, so long as one remains subservient in the proper manner. As with swing seats sometimes not being blindly subservient has its advantages also.


#44

Because they can. For example ours is a country that has sacrificed its self interest for the US position 100% of the time since WWII.


#45

Threats can indeed be political, economic, or military, and some countries classify all of the choices at the same level.


#46

But did you know that I knew you knew I knew you knew?


#47

… if we have swung higher, it is because we’ve swung on the swings of giants …

Maybe we’ve got further to fall when the swing breaks though, just keep swinging … My personal view is that Australia is not typically being blindly subservient, maybe not always totally informed, but that works both ways as well …

I don’t believe it’s anything like 100% either in the context of this topic or generally - my perception is that political point-scoring is attempted/made of us agreeing our positions are the same by often making it look like we didn’t stand our ground. It seems often the case that the people scoring and defending said points may not be completely informed - certainly it is the case that what we have left of journalism in this country is not completely informed, sometimes not informed at all. In the context of this topic, often even just knowing some knowledge of something is out there is dangerous - that some scant knowledge of the Huawei issues is generally known is actually far more surprising than the fact issues exist - probably only because the brand is so (potentially) pervasive in a popular consumer market (namely the zombification of the masses through smartphone and internet tech :wink: ).

It’s not inconceivable one could lead to the next … hypothetically of course :wink:

no :rofl:


#48

You’re right - we haven’t moved our embassy to Jerusalem… yet. We have fought in pretty much every US foreign adventure (invasion/freeing the people from oppression) since WWII. The only exceptions would probably be the regime changes that have been conducted via less direct means such as funding ‘freedom fighters’ (or undermining governments from within [cough] Whitlam [cough] - and yes, they pretty much admitted to it). That said, we’re backing the US on Venezuela without bothering much with the details.


#49

We can disagree, but Australian votes in the UN as well as sending troops wherever the US suggests would be beneficial is not always in our best interests as I see it.

I sometimes compare us and our government to that of NZ, that seems to have comparative pride in what they do as well as their sovereignty. Not always done by all their governments, but even if for a week here and there they usually get the gong. ‘All the way with LBJ’ has been ‘our’ modus operandi for decades.


#50

I agree! What number State of the USA are we almost certainly set to become in oh so many ways. In the USA they have States that disagree on federal matters and either choose to act separately from others or seek to over-turn federal laws. Are we then much different when we may disagree on some level but when it comes to “patriotic” duty to the USA we can almost trip over ourselves in the rush to comply with the call to arms.

Only subtle in some areas still but our language, our eating habits, our affection for so much US style entertainment whether TV, film, gaming, the rise of Bloods and Crips, the almost awe like devotion to US style cars, and so on it goes links us ever more inevitably to a US centric view of all things in the World.


#51

NZ declared a nuke free zone, Australia dodged the MX - other than that, Australia, NZ and the US all held hands and sang “Kum ba yah” in Malaysia, Korea, Vietnam, the Persian Gulf, Afghanistan - the US came with Australia and NZ to East Timor, in some support roles only until the UN took over. NZ came to Iraq, but only with Engineers - so it seems mostly it’s been a rather happy three-way with the occasional spat by all parties involved … If anything, NZ is just better at marketing …

But back on topic - Huawei - just the tip of the iceberg. If we are going to trust what the Chinese ‘Government’ tells us over our own Government, well … that would be ‘interesting’ …


#52

I trust neither to tell us truth, I am more inclined to think we will ever only hear what they consider is appropriate for us to hear and let the “grown ups” deal with the “adult” stuff that we simply cannot understand in their way of thinking.

I doubt either really is benevolent just the Australian Government may be a little closer to it than the Chinese Government is definitely further from it.

Kaspersky have on a similar note to built in vulnerabilities have now advised they will comply with the Russian Govt Act that the Roskomnadzor oversees that allows the Roskomnadzor to read and collect any data of any user of those products supply to Kaspersky…this includes the Kaspersky VPN, so don’t trust any really personal material to that communication avenue. This will mean they have to build in back doors (if not already in place) so that they can supply the data when requested.

To read a bit about Kaspersky’s announcement see:

http://www.interfax.com/newsinf.asp?id=894709

The World is Orwellian and increases that apace.


#53

So Russia now has the same powers over data within its borders as the US? Of course, the US is the centre of the Internet while Russia deals with very little other than Russian Internet usage, so the powers are very different.

It also does not appear from that announcement that Kaspersky’s main line of AV/security products are affected.

The Australian government has had the power to order companies to change their software (e.g. insert back doors) since the security theatre last November/December - far more broad than anything on the books in either the US or Russia, as far as I am aware. Certain three letter agencies interpret their own countries’ laws to similar effect, but we have made the power clear!

On a side note, someone in my office was complaining a few weeks ago about all these ‘three letter acronyms’ they were having to deal with. I piped up with “you mean TLAs?” Oh, the stare!


#54

As quoted from the afrticle “The functions of Kaspersky Lab protection solutions” (there is other online commentary that this does involve any of their products) notes not just a service but rather services.

A quote by Kaspersky’s founder and boss Eugene Kaspersky and his company have denied reports that it colludes with the Russian government ““Kaspersky Lab has never helped, nor will help, any government in the world with its cyber espionage efforts, and contrary to erroneous reports, Kaspersky Lab software does not contain any undeclared capabilities such as backdoors as that would be illegal and unethical,” the company tells Information Security Media Group in a statement.” It makes no distinction in it’s statement about AV, VPN, or any other service KL provides yet it has advised it will do so and thus makes the statement less than reliable. Again this particular Russian Act may only currently state VPNs, the reality is all Russian businesses must provide information and access to any data they have under other Acts that require that compliance.

I can only say that there is commentary out there that Kaspersky does provide these backdoors, as most if not all intelligence agencies hold their evidence close to their chests and so really verifiable evidence can be hard to source. But US & EU Govts among others in the world now view Kaspersky Lab products with at least at the kindest level suspicion but some outright declare the products to be malicious.

Risk to a home user may be negligible in most circumstances but forewarned is forearmed.


#55

Also from the article:

This is how Kaspersky Lab commented to Interfax on the Russian telecommunications regulator Roskomnadzor’s demand that their VPN service be connected to the single register of information outlawed in Russia.

That’s about their VPN service, not AV or anything else.


#56

Many Americans trust their current leader in spite of substantial evidence to the contrary. They have been ‘educated’ in who to believe, eg nobody but him, not even their own agencies. Or they have ceased caring about reality.

A real question, how many governments have demanded and received copies of American source code or hardware for verification? While now history remember CoCOM? I suspect we can agree American sourced is probably as porous as any, notwithstanding the often global cadres of participants, and if we cannot agree on that, I can attest I worked on the periphery of people who worked for ‘government contracts’ who made it so when destined for ‘select’ customers.

Thus my concern for any companies’ products is tempered as it comes down to who does one believe in the absence of hard evidence, either way?


#57

Pick your enemy. US and EU governments already have control of and access to most people’s sensitive data. Australia is part of the ‘Five Eyes’ group of countries and participates in US data collection, so should I worry more about a country on the other side of the world with very limited influence online or my own government?


#58

As I said above “Orwellian”, is there one Govt I can trust to not seek access to data held by businesses of any size and my answer would be no and a most emphatic no at that. Are any governments and their appendages benevolent, that may be harder to answer with certainty but they might be “kind and caring” until compliance ceases or the leaders change or age.

I would perhaps trust more the ones I have an ability to somewhat influence than those I have not even the smallest real fraction of influence with. My influence here may not be very much but it is possible and has at least a chance of holding some to account but my influence on China, Russia, USA, EU and others is at most a mere grain of sand in the Sahara desert. Huawei as a product in my circumstances is like Kaspersky or Symantec or Cisco of such small worry that I probably could use them without much fear but when it comes to national concerns then using products of “friends” is less likely to bite than when using those of those who definitely don’t care for us or even desire to cause us ill.


#59

Would that imply ‘we’ might be more trusting of friend’s malicious intents than those of known enemies, considering the lack of evidence and the accusations appear to be based on conjecture and suspicion that originated in the US, a truly unbiased source seeking its own commercial (and military) advantages.

I briefly worked with an x-Asst Secty of Defence and it was beyond enlightening at the difference in morality, world view, and so on, from those I would call 'most of ‘us’. A sample of 1 is not all of them, but it is my experience dealing at that level, and reflects other government agencies (US and AU).


#60

(not to mention Australia)

Any company has the option of departing Russia / US / Australia / China - if it values its reputation. Its choice!

No statement made by an affected company can be trusted because the laws would prevent the company from telling the truth.