The US Government has recently announced a few bans of products from use by its government agencies. These include antivirus software from Kaspersky (Russian) and mobile phones from Xiaomi (Chinese). The basis for the bans is that the products are considered to be potentially compromised by the parent governments. (I have not included links here, but there is plenty of online discussion about the bans.)
A security podcast to which I subscribe, produced in the US and with a fairly US-centric view of the world, recently asked the (hypothetical) question “Why would any other country rely upon Microsoft or Intel products?” This is a fine point.
We have plenty of evidence of the US spying on other countries and collecting vast amounts of Internet data, as well as pressuring web and other companies to give it open access to all the data they have - whether via secret court order or simply through ‘handshake deals’. There is also evidence of other countries being ‘bad actors’ on the web - but none of them have the reach of the inventor of the Internet, through which most Internet traffic travels.
Apparently Microsoft has opened its source code to some governments in order to get permission to sell in those countries. Perhaps Intel has done something similar with its chip designs, but it still came as a shock to many to find that most Intel chips have a ‘back door’ called the Intel Management Engine or Active Management Technology, which stays on even when you turn off the computer via its power button (turning it off at the wall means all bets are off).
So - has the Australian government checked Microsoft’s firmware for any nasties that might be planted therein? Should Australians be worried about their Xiaomi - or Apple, or Samsung - phones? Is someone sucking all my top secret information out of my computer every night, and selling it somewhere on the TOR network?
I suspect that the answers to these questions are no, maybe, and probably not - but they remain concerns for consumers and their employers, whether government or business (one of the leaked US spy efforts was against a Brazilian oil mining company, and intellectual property is extremely valuable).
Does Choice have a view on whether - and how - consumers might minimise their risks when buying technology, almost none of which is invented, designed or manufactured in Australia?