Did Chinese security firm snag too many American security secrets before the barn door closed?

Did Chinese security firm snag too many American security secrets before the barn door closed?

Summary: Just how much of Symantec's security code does and has Huawei had access to? And how much of a risk does that present to American interests?

SHARE:
TOPICS: Security
25

Let me be upfront about this: I do not trust this Huawei company. On the one hand, they could be like any other enterprise, trying to sell their products all across the world. On the other hand, they have ties to the Chinese military and keep trying to insert themselves into America's networking infrastructure.

A few years ago, they tried to buy supercomputer technology by acquiring the assets of 3Leaf Systems. They tried to acquire networking giant 3Com back in 2008. Then, in 2010, they tried to insert themselves into the Sprint Nextel network.

In each of these cases, surprisingly wise heads in the U.S. government interceded and prevented the company's incursion into our security infrastructure.

Now, you need to understand that while Huawei could be just another technology company, it probably isn't. Their CEO is a former Chinese military officer, the company has known ties to the Chinese military, and -- as we sadly know -- there's some concern about China's behavior when it comes to the United States.

See also:

Back in April, I wrote a piece expressing my concern about Symantec's joint venture with Huawei. I was very concerned that Huawei's code could find its way into all of our computers via Symantec's products (Disclosure: A long time ago, in a valley far, far away, I was an executive at Symantec).

Today, that threat may be reduced. I say "may" because there are still a lot of questions. Symantec is selling its stake in the joint venture back to Huawei.

Apparently, Symantec has chosen to distance itself from Huawei's worrisome security shenanigans and wants to cash out of the venture. Symantec employees will be reassigned. The troubling part of this story is that Symantec will be getting royalties for seven years on technology that Huawei is using. This, presumably, means that Symantec's security technology is visible and available to Huawei engineers.

And that's the crux of this entire issue: just how much of Symantec's security code does and has Huawei had access to? And how much of a risk does that present to American interests?

It remains a troubling relic of an ill-fated and ill-considered venture.

Articles on this from around the net:

I'll leave you with one final thought. Huawei sells a line of network security appliances in America. Don't. Buy. Them.

Thanks go to reader Dwight Kunder who pointed out this news to me this morning, just as I was having my first cup of coffee.

Topic: Security

About

David Gewirtz, Distinguished Lecturer at CBS Interactive, is an author, U.S. policy advisor, and computer scientist. He is featured in the History Channel special The President's Book of Secrets and is a member of the National Press Club.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

25 comments
Log in or register to join the discussion
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    Spot on. Appreciate you conveying this concern to those who might understand it. Marty Young, Ct. USA
    mustang335ahc
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    Yeah, I've already dumped Symantec and installed free Microsoft Security Essentials.
    UseYourHead
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @UseYourHead

      Woops, you exchanged a useless paid anti-virus for a useless free anti-virus.
      Scarface Claw
      • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

        @Scarface Claw

        MSE isn't useless, it works. I've personally seen it catch some "Drive by" crap in a VM that I created just to visit some known "drive by" websites to see what happens and if it would work.

        Remember, the only really safe computer is one that's turned off.
        PollyProteus
  • Symantec had secrets?

    Even their current products will happily without warning let in 2 year old virus/spywares. Just to make you feel better their software asks if (place ms exe here) should be allowed to access the internet or make changes. You would think the firewall would have been 'preprogrammed' with the usual stuff.
    Net-Tech_z
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    You should never trust a China company, especially in this case. Thats all.
    phankhanhhung@...
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    You shouldn't even be asking yourself how much you trust them. The fact is, they engaged in behavior that puts your data at risk, they are run by a member of that country's military, and they are a company in a country known to engage in computer espionage and sabotage.

    You can't trust the chinese on I.T. issues any more than you can trust the current American President not to issue an order for your death if he thinks you're a terrorist.
    Dr_Zinj
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @Dr_Zinj ,,, Uhh, don't look now, but it's not the prez putting out those orders, lol!
      tom@...
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    Your concern about Huawei is of course not unfounded, I'm sure cyberespionage between countries are rife, but put yourself in China's shoes, while you worry about lttle Huawei, they see a large US company entering virtually every single home in China by deliberately allowing pirated versions of their software to be used (when they can technically easily disable every PC that uses their software, as demonstrated by their sometimes use of warnings and black screens). Who can say whether any sleepers are placed in this software to be activated against China...
    (See how conspiracy theories can always justify themselves?)
    Wmou
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @Wmou I am not sure that this is a fair point.<br><br>- The Chinese military is not a branch of the state of China but of the Chinese Communist Party.<br><br>- The Chinese legal system is not a branch of the state of China but of the Chinese Communist Party.<br><br>So, whatever the party, the military and their associates do is per definitionem legal in China. They do not have to adhere to laws. They are the law.<br><br>The scenario that you describe would be illegal for a US company. <br><br>Many big telco providers use Huawei products to build their LTE networks.<br><br>What if the party/military decides one day that it is no more legal to support network functions in countries with which they have an issue? Then remotely switch off routers, switches etc.?<br><br>Or if they decide that certain web pages are too much driven by topics like democracy and basic human rights and are therefore illegal to read? Then use their hardware to block these pages? <br><br>So, yes, both sides can do that. But only in China, this would be considered as legal.<br><br>Good read, by the way: <a href="http://www.fas.org/irp/world/china/docs/const.html" target="_blank" rel="nofollow">http://www.fas.org/irp/world/china/docs/const.html</a>
      oliver@...
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @Wmou Seeing how Microsoft gave China and Russia the source code to Windows they know there is no backdoor off switch in it. But at the same time we have already found backdoors and off switches in some products from China, i think they were fake versions of network switches. Why would they not also put them in their "legit" products.
      sysop-dr
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @Wmou

      Uh, apparently, you weren't paying attention. Microsoft DID try remotely detecting and shutting down "pirated" copies of software. I don't know why you think such a thing is easy? Detecting hardware changes? Do you have any idea how many millions of enterprise systems are virtualized?! Microsoft globally harmed their credibility and image in a desperate and futile attempt to curtail piracy of Windows XP. The assertion that they leak their OS in the first place is absurd.
      tkejlboom
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @Wmou ,,, Yeah, and MS showed them three different ways to do it! If it stops piracy, regardless of how it's done, GOOOODDD!!!!!

      Block .cn; it won't stop it all, but it'll stop most of their gibberish.
      tom@...
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    Folks, I have worked in China and gotten to know a few people in government and China's goals have never changed. World domination. They don't care if that is done with bullets, bits or dollars as long as they achieve their goal.
    NoAxToGrind
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    @mlev
    US airforce vs China airforce
    US Navy vs China (almost non-existent)navy
    US missiles vs China missiles..
    must be twenty year gaps in all cases?
    Wmou
    • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

      @Wmou

      The threat isn't of a direct invasion of Hawaii. The threat is that they wreak havoc in India and Pakistan via Kashmir. They can create economic instability by tinkering with the capital investment in countries like Greece. Remember when they fired missiles at Taiwan, just to prove that they could? In the past, they've backed North Korea. They could easily do harm to South Korea.

      U.S. interests are global interests. This is a good thing. We should be concerned for a fellow human beings. It makes for a better world. We should also look askance and those that think that they themselves and anyone else who has been born in a particular region is superior to those humans born somewhere else. We should look askance at such people whether they be in China or Texas.
      tkejlboom
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    @scarface claw
    and these yellow peril army will walk across the Pacific Ocean to attack the US?
    Modern warfare is all about hardware and Info-technology, all areas where the extremely militant USA is the single far away leader ahead of any other country including Russia and China.
    Wmou
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    It is about time this country wakes up. Most of the American work has gone to China and where has this left the American worker? China is a communist country so why did our leaders let China take our jobs away. China cannot be trusted with a ten foot pole let alone turn your back with them. To all those Americans with no jobs - Wake up and start voting for leaders that will support you the citizen and buy only what you have to from China.
    marlorcomp
  • RE: Did Chinese security firm snag too many American security secrets before the barn door closed?

    @Wmou
    USA population?
    China population?
    redbear2
  • USB Dongles mean the horse is already gone.

    Don't a lot of Americans use "mobile data dongles"? And aren't those usually made by either Huawei or ZTE (both chinese). The software ("drivers" if you choose to believe that) comes straight off the device. Full access to inbound and outbound traffic (and potentially, disk access).
    peter_erskine@...