Huawei: Should you put it in your data center?

Moderated by Larry Dignan | October 15, 2012 -- 07:00 GMT (00:00 PDT)

Summary: A U.S. House of Representatives report says no. But is this a question of security or competition?

Robin Harris

Robin Harris

Yes

or

No

David Gewirtz

David Gewirtz

Best Argument: No

21%
79%

Audience Favored: No (79%)

The moderator has delivered a final verdict.

Opening Statements

America needs strong competition

The House Committee's report is merely a Republican effort to look serious while pimping dollars from Cisco. It's Republicans who are blocking rules for corporate cyber security.

Locking out Huawei and ZTE from the American market is bad for competition, bad for America, and bad for relations between the world's #1 and #2 economies. Only by integrating China into the world economy do we give them incentive to behave.

Companies are penetrated every day who don't have Huawei or ZTE. Cisco's bloatware is a standing invitation for hacking.

This isn't an all-or-nothing game. Huawei and ZTE should fund a US security lab, staffed by Americans with security clearances, to beat up their gear and test for backdoors. ALL large companies have Chinese R&D. The Chinese already have access to America's latest and greatest.

America needs strong competition in network gear. Cisco is praying we don't get it.

No reason to take a chance

What value do you place on your security and the security of your customers? That's really the question we're asking. I suppose it's possible that Huawei is a perfectly legitimate company. However, the House Intelligence Committee, acting with rare bipartisan agreement, recently warned against buying gear from Huawei and ZTE.

Huawei was started by Ren Zhengfei who, as a former member of the Chinese military, was responsible for Chinese military telecommunications research. Huawei has sparked concern not just within the American government, but also in the governments of India and the U.K.

Because there are so many American technology providers who offer such exceptional equipment and services, there's absolutely no reason to take a chance on a highly-suspect vendor. Doing so puts your own data and that of your customers at risk. It may also prevent you from closing deals with customers unwilling to take a chance that your gear contains some kind of nasty Trojan Horse originating from a company initially funded by the Chinese government.

Talkback

44 comments
Log in or register to join the discussion
  • watch the smart guys at work

    FX already found and demonstrated serious buffer overflow holes in Huawei routers at the July DefCon. Fortunately foolish misinformed types like Harris who spout their ignorance all over the internet are not running this show.
    Stroyde
    Reply 1 Vote I'm for No
  • How I wish that were true...

    "Only by integrating China into the world economy do we give them incentive to behave."

    Oh how I wish that were true.
    CobraA1
    Reply 3 Votes I'm Undecided
    • Robin mentions that

      "Huawei and ZTE should fund a US security lab, staffed by Americans with security clearances, to beat up their gear and test for backdoors.should fund a US security lab, staffed by Americans with security clearances, to beat up their gear and test for backdoors."

      Good question - why haven't Huawei and ZTE offered that up? Are they afraid of something?
      William Farrel
      Reply Vote I'm Undecided
    • Thanks to melamine, lead, drywall,

      slave labor conditions, and a list as tall as the Empire State Building, the history of China's inclusion has not been anywhere near what the rainbow unicorn peddlers have suggested. China has not behaved, and who is responsible - their government, their companies and the management (since workers who don't do what management says are "insubordinate"), or anything or anyone else...
      HypnoToad72
      Reply Vote I'm Undecided
  • Email Links

    Any chance you can fix the links in the zdnet emails? The one for this debate just goes to the zdnet home page. Same with the previous debate as well.
    DJL64
    Reply Vote I'm Undecided
    • Must be because of a ...

      Chinese router!
      Bradish@...
      Reply Vote I'm Undecided
      • Hungry...

        I just had a Chinese router an hour ago and now I'm hungry again.
        gribittmep
        Reply Vote I'm Undecided
  • Keep your friends close

    and your enemies closer!
    ElTel
    Reply Vote I'm for Yes
  • To many GOOD American companies out there like Enterasys to bother with ZTE

    They may be great products but there are to many GOOD American companies out there. Companies like Enterasys/Siemens who have a great enterprise security network platform to bother with anything questionable at this point.
    dwayneair@...
    Reply Vote I'm for No
    • Oy...

      Now hold on here. This debate is not touching on key issues here. They barely referenced the actual report, and at least half of this debate is them taking shots at each others remarks.

      Also, David calls for Hauwei to be moved to completely open source. I doubt Cisco or other competitors would ever do that, so why should they?

      Stryode, get real! That is an exploit, its going to be pretty tough for you to convince me that an EXPLOIT was put there purposely as a backdoor (esp, a buffer overflow). I mean, Windows has issues every time a new patch comes out, yet I don't see you questioning them.

      I don't see you questioning Cisco Safeharbor for telling me NOT to update to a certain patch to ensure my network setup is stable.

      It appears that once again the public can't distinguish GOVERNMENTS from CORPORATIONS. Yes, China is quite heavy handed in dealing with their own corporations as well as external corporations. But how many companies over here do research for the US government? How many former military men and cops are in high positions in the IT world in the US? How many corporations would fold if the government asked for information?

      I agree with Robin, and add my own information:

      It is a security professionals JOB to ensure that everything they put on their network is safe. NOT THE COMPANY THEY BUY FROM.

      Also, it is a security professionals job to assume anything that is untested is unsecure.

      Simple as that. It doesn't matter what company it came from, or what country. If your allowing compromised products on your network, your not doing your job. And sure, as scary as it sounds for an entire network to fall into the hands of the Chinese at the click of a button, use your technical knowledge and remember how improbable it is.
      Theory5
      Reply 1 Vote I'm Undecided