Home page logo

funsec logo funsec mailing list archives

Re: Huawei
From: Jeffrey Walton <noloader () gmail com>
Date: Mon, 22 Jul 2013 21:42:23 -0400

On Mon, Jul 22, 2013 at 8:47 PM, Bruce Ediger <bediger () stratigery com> wrote:
On Mon, 22 Jul 2013, Rob, grandpa of Ryan, Trevor, Devon & Hannah wrote:

"Huawei Is a Security Threat and There's Proof, Says Hayden"

However, they are not going to tell you what the proof is.

I assumed that because it was Hayden, that was just more "Let's keep
the Cyberwar Boogieman going, because otherwise, how will we keep the
pig's trough with taxpayer dollars?"

I mean, the End of Communism was pretty tough on the Beltway Bandits.
People wanted a Peace Dividend.
Lol... All of that is do true!!!

I'm not personally familiar with what Huawei sells. Is there some way
to slip data back to Unit 61398? I suppose you could use some kind of
covert channel, but given the amount of data available, wouldn't that
amount overwhelm any side channels?
The Chinese simply encrypt it and send it out - no need for a side
channel. The US and its contractors are usually no wiser, and the US
does not usually know what's been egressed once detected because its
been encrypted (no, they don't use SSL/TLS). Confer: America the
Vulnerable: Inside the New Threat Matrix of Digital Espionage, Crime,
and Warfare, ISBN 159420313X.

If you just used IP packets, wouldn't they be visible on other company's
routers and egress filtering appliances?  What other kind of packets
could get routed from a random Huawei box in a telecomm center back to
It gets proxied through a compromised host. I doubt it goes to China directly.

Fun and Misc security discussion for OT posts.
Note: funsec is a public and open mailing list.

  By Date           By Thread  

Current thread:
  • Huawei Rob, grandpa of Ryan, Trevor, Devon & Hannah (Jul 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]