Catch up on stories from the past week (and beyond) at the Slashdot story archive
Huawei Laptop ‘Backdoor’ Flaw Raises Concerns (bbc.com) 90
Why is anyone buying anything from this company? (Score:4, Interesting)
by Rick Schumann ( 4662797 ) on Wednesday April 03, 2019 @06:32PM (#58381092) JournalSeriously, WHY? Seems clear as day to me that everything they’re producing is compromised in one way or another.- by Anonymous Coward
LOL
Facts. If you are honest, it comes down to which governments will you make it easy to spy on you. Telecoms are backdooring/MITM cells anyway, so no advantages there.
What about PC and tablets?
Windows, Android, Apple? The US already has your shit.
Huawei, etc? China does too.
Russia’s backward economy doesn’t actually make electronics products worth importing anywhere else, but they have decent software skills, hence Kaspersky.
Europe’s got a few things…Airbus?, but no real marquee stuff in tech. RIP Nokia, which is now basically an Android subcontractor.If you live in China, and aren’t politically active or ambitious, absolutely get a Huwei and save a 20% up to a hundred bucks vs a Nokia with equivalent specs.
If Russia already has your data, sure, go ahead and run Kaspersky to keep the Chinese out. Might be good for Russian aligned Linux users too.
But here is the real, practical deal:
If you use what 99% of other people use (aka not Gentoo) the US can get your stuff pretty easily.So it comes down to what companies ALSO get your data. Running office and chrome on your mac book? Apple, MS and Google all have your stuff. Hell even without chrome all your Gmail friends each gave their half of shit to Google anyway.
The US has my stuff. MS has my stuff. But Google doesn’t and apple doesn’t. Beat I can do. And even Google or Apple will get my phone stuff in a year when WinPhone is dead dead. What am I going to do? Not use a smartphone? Live like an animal on a cave? F that.
The US has been the most trustworthy of the admittedly low bar set by China, Russia and the US. Even with #orangemanbad stuff, the US is only dropping towards the other two. I’d love for some other empire to exist and be better, but right now, the obnoxious bumbling America is still better than the other two bidders.
Re:Why is anyone buying anything from this company (Score:5, Insightful)
We should probably consider ANY hardware manufactured in a country with an uber-authoritarian, paranoid government to be suspect.
How closely does Apple scrutinize iPhones coming out of Foxconn, I wonder?
We do though. We just haven’t as recently.
Correct. We did have a similar to Huawei exploit from Intel in the not too distant past. Difference is ‘Mericans want to crucify Huawei because ‘Merica.
What about a Commodore 64?
Re:Why is anyone buying anything from this company (Score:5, Insightful)
by WankerWeasel ( 875277 ) on Wednesday April 03, 2019 @06:52PM (#58381170)Curious why you single out Apple when Samsung, Nokia, Dell, Sharp, Google, Amazon, Sony, and everyone else have their stuff made by Foxconn too. All of these companies go over their devices thoroughly as they know any security issue could have HUGE negative repercussions for them.Curious why you single out Apple when Samsung, Nokia, Dell, Sharp, Google, Amazon, Sony, and everyone else have their stuff made by Foxconn too. All of these companies go over their devices thoroughly as they know any security issue could have HUGE negative repercussions for them.
Nothing to be curious about. When Slashdotters hate Apple, anything is fodder for for their angst and anger. The fact that other companies use FoxConn is irrelevant.
Also, lots of slashdotters hate Apple.
We’ve done so for a long, long time.
It isn’t angst or anger, btw. It’s an understanding of what kind of company Apple has been for a long time.
Also, lots of slashdotters hate Apple.
We’ve done so for a long, long time.
It isn’t angst or anger, btw. It’s an understanding of what kind of company Apple has been for a long time.
Sure it is. I’ve used Apples and Windows and before that MS-DOS for a long time. Your idea that you have some understanding of Apple’s special evil merely shows you don’t have an understanding of everyone elses.
- by Anonymous Coward
If you’ve used MS DOS, then you should be able to remember when Slashdot was for Linux enthusiasts. Then you should also remember that MS was the root of all evil in those days. Then you should also know that Apple and Google are today’s Microsoft, in Slashdot world.
If you’ve used MS DOS, then you should be able to remember when Slashdot was for Linux enthusiasts. Then you should also remember that MS was the root of all evil in those days. Then you should also know that Apple and Google are today’s Microsoft, in Slashdot world.
Well, I wasn’t on Slashdot until some time in the early Y2K’s. By that time Applehate was well established.
Sure it is. I’ve used Apples and Windows and before that MS-DOS for a long time. Your idea that you have some understanding of Apple’s special evil merely shows you don’t have an understanding of everyone elses.
I have a special place in my heart just for hating Apple. For you see they basically hate developers and are determined to make lives miserable for everyone who actually wants to do things professionally.
They won’t let you compile on other machines and they won’t sell decent servers.
There’s a special
I have a special place in my heart just for hating Apple. For you see they basically hate developers and are determined to make lives miserable for everyone who actually wants to do things professionally.
I’ve written a tiny little bit for iOS. Just different rules. But if you wanna hate, by all means have at it.
Samsung {…} Sony, and everyone else have their stuff made by Foxconn too.
Not every single company manufactures its stuff exclusively in China.
For example, Sony [androidauthority.com] still manufactures [zdnet.com] in Japan [reference.com].
(And Samsung obviously manufactures a lot in South Korea)Those non-China-made products include their smartphones (and other high-tech, hi-priced gadgets), they’ll prefer outsourcing less sensitive accessories (wall wart charger).
disclaimer: both of my latest two smartphones are Japan-made Sony Xperias. Though I still flashed an entirely different OS [jolla.com] (not Android) on them.
So it’s not *China*’s sThey go over it and send it back if their root exploit doesn’t work. Thanks Sony.
What’s the point of inspecting your products when they arrive from the Chinese factory when your own government just intercepts them during shipment to customers/vendors and installs malware? The US was caught red handed doing that, and pretty much nothing has been done about it.
Also security issues have no repercussions for any of these big tech companies. Dozens of celebrities’ private photos were stolen from Apple’s servers, didn’t touch their stock price. Sony deliberately installed malware on people’s
Dozens of celebrities’ private photos were stolen from Apple’s servers, didn’t touch their stock price.
That’s because it wasn’t Apple’s fault. Those celebrities were using bad passwords.
Sony deliberately installed malware on people’s computers, and hardly anyone even heard of it at the time.
That was a bit more puzzling. I feel like a lot of nerds didn’t do their job on that one, and make their non-nerd friends understand the repercussions.
- I would hope they load all their own firmware all the way down to bare metal and not let any 3rd-party company have anything to do with it.
We should probably consider ANY hardware manufactured in a country with an uber-authoritarian, paranoid government to be suspect.
Given how we actively know the NSA has sought exactly these kinds of back doors you can just remove all adjectives and say:
“We should probably consider ANY hardware manufactured in a country with a government to be suspect.”
We should probably consider ANY hardware manufactured in a country with an uber-authoritarian, paranoid government to be suspect.
If you credit Wired, the problem isn’t that Huwei is compromised by the Chinese government (although it probably is. Their government holds very tight control over everything.).
The problem is that their software QC is slipshod.
From https://www.wired.com/story/huawei-threat-isnt-backdoors-its-bugs/ [wired.com]:
“Though the geopolitical discourse has gotten heated, the report concluded that the flaws in Huawei’s code are related to “basic engineering competence and cyber security hygiene” and could be exploited by any
“.. never had a provable security issue..” So you didn’t even read the TFS title? Of course they have. Multiple. As documented here in slashdot and everywhere else. But you don’t care ’cause you’re just a shill (probably too stupid to be a paid one) trolling for social media points back home.
This is a weird thing to me, because at first actually it seemed like it was much ado about nothing, which was actually more suspicious than this highly predictable revelation. However, I still don’t know if there’s any way to tell who is backdooring these devices, only that it is now clear Huawei can’t protect their supply chain any better than anyone else.
Probably just a garden variety fuck-up. Like when Apple accidentally published the private signing key for their battery firmware, allowing anyone to create a malicious update that permanently backdoored the machine and could not be removed without tearing the laptop apart. Or the infamous GOTO FAIL bug.
Or how about Intel’s Management Engine flaws, which similarly allow an attacker to permanently pwn the machine?
Maybe they were all NSA implants into the codebase. The GOTO FAIL one looks particularly suspici
- Price? Looks just like an offering from another computer company named after fruit, but costs much less.
At least that is my guess.
That tool was leaked online and has been used by a wide variety of hackers, including those who are state-sponsored and criminal gangs. “It was introduced at the manufacture stage but the path by which it came to be there is unknown and the fact that it looks like an exploit that is linked to the NSA doesn’t mean anything,” Prof Woodward said.
And if you comprehend the summary, it says everybody now uses it because it was leaked. And they insinuate that its not the NSA, I assume because it was found.
- If you read the summary you’d realize that the experts said that they have no idea who put the backdoor in.
- Free trade.
The US and Uk “have” to accept equal and tech trade products from China.
Thats how its getting in to the USA and EU. - by Megol ( 3135005 )
Normally I’d expect such an opinion to be based on facts and not fear-mongering produced without proof. Here we are served an article without technical data, without any actual information at all but the speculation of some unknown person (to me at least) in combination with scary words from an obviously nontechnical writer. No links, no description of the exploit, no reason to actually believe the unknown person.
- and which company is producing anything that is not compromised in some way? this is the reality of the highly complex integrated world we live in. Consumers won’t pay the price that would be required for true verification and security that would guarantee no compromises.
- Did you notice the part in the summary that states that this flaw looks like an NSA backdoor?
If the company was really sophisticated, why would they name a product the “Matebook”.
Talk about something that’s never likely to be used by anyone serious…
- Looks over to Lifebook.
- It’s amusing to see all the whataboutism on
https://www.nbcnews.com/news/china/disappearances-forced-confessions-china-targets-dissent-n505046 [nbcnews.com]
https://www.vox.com/2018/8/15/17684226/uighur-china-camps-united-nations
https://en.wikipedia.org/wiki/Human_rights_in_China
https://freedomhouse.org/blog/china-s-quiet-drive-normalize-repression
https://www.theguardian.com/world/2017/jul/17/chinas-growing-intolerance-for-disse
- by Anonymous Coward
Seriously, them and the Chinese government are so in-bed, that the government is putting increasing pressure on Canada with imaginary claim like Canola being infested with pest and retrial a Canadian just to give him the death penalty right after the whole thing with Huawei’s CFO started by request of the US. Among other things.
- by Anonymous Coward
As a PSA, please remember that Trump overrode the various national intelligence agencies’ concerns and removed sanctions on Huawei.
Wait, what now? Wasn’t it his idea to sanction them in the first place?
Or we just don’t care about your silly government’s little delusions and temper tantrums.
But keep that tinfoil hat on. You might need it to protect you from the secret mind scanners that Mexicans agents are rumoured to be using against your shithole country.
Let me guess (Score:5, Funny)
by drinkypoo ( 153816 ) <martin.espinoza@gmail.com> on Wednesday April 03, 2019 @08:17PM (#58381442) Homepage JournalA flaw in Huawei Matebook laptops, found by Microsoft researchers, could have been used to take control of machines.
Windows 10?
- by guygo ( 894298 )Gee, what a surprise…
- I know, right? I am starting to think this company is not very reliable!
- Would you please quit playing around? We’ve got work to do.
clarification and link to the security advisory (Score:4, Interesting)
by nimbius ( 983462 ) on Thursday April 04, 2019 @09:28AM (#58383142) HomepagePathetic that slashdot has gotten to this point, but the original article has no link to any meaningful information.
in summary:– this is an exploit in a windows program written by huawei called pcmanager.
– Dell, HP, and even Lenovo have had security bugs in their software as well. The fact that this is a huawei bug means every news outlet gets to ratched up the terror factor for clicks.
– googling the name Alan Woodward returns the exact same article title at nearly 2 dozen news sites, but nothing meaningful about the guy outside of his singular report.
https://www.huawei.com/en/psir… [huawei.com]
There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.
Related Links Top of the: day, week, month.
- 477 commentsRecruiters Are Still Complaining About No-Shows At Interviews
- 447 commentsFBI Director Christopher Wray On Encryption: We Can’t Have an ‘Entirely Unfettered Space Beyond the Reach of Law Enforcement’
- 445 commentsShould Developers Abandon Agile?
- 441 commentsHackers Who Attended Black Hat and DefCon Conferences Say Hotel Security Personnel Demanded Access To Their Rooms
- 401 commentsInsect Collapse: ‘We Are Destroying Our Life Support Systems’
Slashdot Top Deals
- Get more comments
- 90 of 90 loaded
A bug in the code is worth two in the documentation.
