Get the lowest-cost and the best server colocation service in the business. Learn more.
Information Technology News.

Huawei denies that it provides backdoors in its networking equipment

Share on Twitter.

Install your server in Sun Hosting's modern colocation center in Montreal. Get all the details by clicking here.

Do it right this time. Click here and we will take good care of you!

Click here to order our special clearance dedicated servers.

Get the most reliable SMTP service for your business. You wished you got it sooner!

April 28, 2014

Chinese hardware maker Huawei said today that allegations the company provides backdoors for espionage in its communications equipment remain unproven and would be commercial suicide.

“The hypothesis that our equipment could be used for espionage by the Chinese government has never been proven,” spokesman Scott Sykes said at the company’s annual global analyst event in Shenzen.

“If it were ever proven, we would lose 65 percent of our business overnight. That would be corporate suicide,” he added.

As the world’s third largest networking equipment supplier, Huawei has raised several concerns in the internet community.

For instance, Huawei was banned from bidding for contracts for the Australian national data backbone.

But documents disclosed by Edward Snowden this year suggest that Huawei may be more sinned against than sinner. The United States National Security Agency’s ‘Tailored Access Operations’ managed to break into Huawei’s corporate servers, and by 2010 was reading corporate email and examining the source code used in Huawei’s products.

“We currently have good access and so much data that we don’t know what to do with it,” boasted one NSA briefing. Worse, the slides also disclose the NSA intended to plant its own backdoors in Huawei firmware.

A report by Britain’s Intelligent and Security Committee in 2013 was critical of British Telecom, which uses Huawei for its C21 network, for not informing ministers of its decision to use the supplier for what it regards as critical national infrastructure.

But like the U.S. Senate’s report the previous year, the committee offered no evidence of existing back doors.

“The Security Service had already told us in early 2008 that, theoretically, China may be able to exploit any vulnerabilities in Huawei’s equipment in order to gain some access to the BT network, which would provide them with an attractive espionage opportunity”, the committee reported.

Overall, Huawei now works with second and third tier phone companies in the United States. It abandoned an attempt to purchase 3Com and says that it doesn’t plan on making any acquisitions in the next ten years.

“Broadly, we have an impeccable track record with 500 telcos in over 150 countries. There's never been a security issue of any kind,” Sykes told the press. “We wouldn't be a $40 billion company if we're not good at building secure networks. It simply would not be possible. About sixty-five percent of our business is outside China,” he added.

In other IT news

Oracle has been accused of unfair competition and of breaking U.S. anti-trust laws over its Solaris support division.

The claims are made in a counter-lawsuit lodged by the Solaris Support Group, Terix, which had previously been dragged into court by Oracle for allegedly stealing the database giant's copyrighted code.

The Terix suit claims that Oracle violated California's unfair competition laws and that it attempted to operate an illegal monopoly in violation of Section 2 of the U.S. Sherman Act.

It was the same Sherman Act that the U.S. Department of Justice accused Microsoft of violating over the bundling of Windows and Internet Explorer during that company's antitrust case during the 1990s.

Terix's case has been lodged in the Northern District of California, San Jose Davison. The Terix claim states-- "Oracle's efforts include (among other things) the use of Oracle's natural monopoly over Solaris patches (including error corrections, security fixes, and other updates) and Oracle's natural monopoly over firmware for Sun/Oracle hardware to force customers to purchase software and hardware support from Oracle, even in the many instances when those customers could and would otherwise obtain superior software and hardware support from third-part service providers such as TERiX at a significantly lower cost."

"Senior Oracle personnel have not only admitted but in fact touted Oracle's intent. Indeed, at a press briefing on the day Oracle acquired Sun, Oracle's executive vice president of global customer services announced-- "We believe we should be the ones to support our customers. If you're a third-party support provider offering multivendor support, we're coming to get you," the complaint read.

According to Terix, Oracle has succeeded in undermining and weakening third party providers of software and hardware support, including Terix, by forcing customers to sign up only with Oracle.

Oracle unleashed its case against Terix and Maintech in July 2013 saying they'd stolen its copyrighted code-- Solaris patches, updates and bug fixes through their work with customers.

Oracle also accused the two companies of mis-representing themselves to customers by claiming they are allowed to support Solaris.

Oracle wants unspecified damages over copyright infringement, false advertising, breach of contract, intentional interference with prospective economic relations, and unfair competition.

Oracle saw part of its case thrown out by the judge in January, as the court ruled Terix and Maintech had not duped users by saying they were allowed to fix and update Solaris.

In other IT news

Micron said late yesterday that it's now offering a middle-of-the-road flash drive for servers.

The M-500DC uses 20nm MLC NAND, and comes in 120 GB, 240 GB, 480 GB and 800 GB storage capacities. It seems to be a reworked version of the M-500 and M-550 personal SSD products, however.

The M-500DC comes with a 6 Gbit/s SATA interface, not the fastest in these 12 Gbit/s days but still good enough for most applications.

If we tabulate the performance of these three SSDs we can see what Micron has done to make the M-500/550 server-ready.

The M-550 is an upgrade to the M-500. The M-500-DC is downgraded from the M-500 and M-550 in raw performance terms so that it can have a longer life.

That’s the optimisation that Micron has carried out as the M-500-DC has significantly slower random IOPS and sequential I/O performance than its forebears.

The M-500-DC (server version) comes in both 1.8-inch and 2.5-inch form factors. Micron says it has “EXPERT features including adaptive read management (ARM/OR), data path protection, redundant array of independent NAND (RAID), reduced command access latency (ReCAL), and NAND customisations.”

Micron says the M-500-DC is designed to withstand 24/7/365 heavy duty cycles, and can sustain two drive fills a day, every day for five years. But we don't have the MTBF (mean time between failure) rating yet.

It looks like a competently designed mid-range server SSD, and is termed affordable by Micron, although no prices have been revealed as of yet. The M-500-DC SSD is available now from Micron's channel partners.

In other IT news

Earlier today, HP has warned its customers that one of its firmware updates can accidentally crash the network interface cards (NICs) in 100 Series ProLiant Server models. The Service Pack for ProLiant 2014.02.0 can potentially kill HP Broadcom-based network adapters in G2 to G7 series servers, HP said.

A machine relying on a dead NIC is not much use at all and may very well require a motherboard swap to fix if the slain silicon is a built-in component. The affected adapters range from PCIe cards to integrated controllers.

HP's online support centre admitted that applying the firmware upgrade on some vulnerable systems could have a disastrous effect, rendering the server useless in communicating with the outside world.

"On certain HP ProLiant servers, certain HP Broadcom-based network adapters listed may become non-operational when they are updated with the Comprehensive Configuration Management firmware Version 7.8.21 using our firmware smart component, HP Smart Update Manager or the HP Service Pack for ProLiant 2014.2.0," HP warned.

It also added that, in extreme cases, such a network adapter may require a hardware replacement to fully recover the NIC.

System admins who download and install the patch on a vulnerable machine will shortly discover that the server cannot detect its own network adapter, which will be an issue to fix correctly, especially when trying to subsequently load in the replacement firmware.

For some admins, the warning HP tacked onto the service pack's web page came too late in the day-- the firmware was released on April 18, giving unsuspecting IT departments plenty of time to crash the affected servers.

Richard Brain, technical director at security firm ProCheckup says that he was advised by HP to swap out a bug-hit motherboard-- the network adapter is embedded on it, but this was not a cheap nor a quick solution to the problem.

Source: Huawei.

Get the most dependable SMTP server for your company. You will congratulate yourself!

Share on Twitter.

Need to know more about the cloud? Sign up for your free Cloud Hosting White Paper.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.