US Senator tables bill to ban intelligence sharing with Huawei friendlies

The Republican Senator for Arkansas, Tom Cotton, has tabled a bill which would ban US agencies from sharing data with countries do not ban Huawei.

With the UK reportedly on the verge of making a decision on whether Huawei should be allowed to sell network infrastructure equipment to its telcos, the US has once again piled on the pressure. Cotton, one of the more actively-aggressive politicians towards China, has introduced a bill which would ban US agencies from sharing information with Governments which have given the greenlight to Huawei.

“The United States shouldn’t be sharing valuable intelligence information with countries that allow an intelligence-gathering arm of the Chinese Communist Party to operate freely within their borders,” Cotton said.

“I urge our allies around the world to carefully consider the consequences of dealing with Huawei to their national interests.”

While there has been numerous promises to end intelligence sharing agreements to those governments who do not follow the US lead, this is the first official step towards making the threat a reality. This is the strongest statement made by the US to date directed towards European allies who have thus far refused to ban Huawei from providing equipment for 5G networks.

With many European telcos having already signed memoranda of understanding (MOU) or commercial contracts with the under-fire Chinese firm, this proposal from Cotton will certainly raise a few eyebrows.

Country Telcos with relationship with Huawei
UK Three, Vodafone, EE
Germany Deutsche Telekom, Telefonica Deutschland
Switzerland Sunrise
Bahrain VIVA
Austria T-Mobile Austria
Spain Telefonica
Indonesia Maxis
South Korea LGU+
UAE Du
Finland Elisa

Huawei has stated it has now signed more than 50 commercial 5G contracts with telcos around the world, though not all customers have been named to date. The firm has said 60% of these contracts are with European telcos. This will present numerous headaches from an intelligence and national security perspective.

Alongside the named customers, various countries have also suggested they would not ban Huawei. India, Italy, France and Norway are amongst these countries without having a telco in a named 5G relationship with Huawei.

Interestingly enough, the proposed bill only mentioned 5G equipment. Those telcos who have purchased equipment from Huawei for their 3G and 4G networks will not necessarily have to go through the expensive rip and replace process, unless the wording of the bill is changed as it progress through the various branches of US Government. There might be requirements from a backwards compatibility perspective, but this has not been included in the wording of the bill.

For countries like the UK or Germany, allegiances and confidences will be tested, as the US once again attempts to bully allies into line.

Although this could be viewed as the most serious threat to Huawei’s business to date, it is always worth noting that this could backfire quite spectacularly for the US. Although Governments will rely on the US for intelligence, the same dynamic works the other direction. Should the bill pass to law and should the US’ allies continue to ignore its demands, the US will find itself very isolated in the intelligence community.

One of the differences between the US and other nations seems to be the way the network is viewed. Some countries, the UK and Germany for example, view the network as having intelligent segments (the core) and ‘dumb’ ones (radio and transmission). One possible solution to the Huawei conundrum has been to allow Huawei products in the ‘dumb’ segments of the network but not the intelligent ones.

Some might believe that risk can be mitigated should Huawei be allowed to contribute to the ‘dumb’ segments of the network, though these semantics are largely irrelevant if the US views the network as a single entity. If this bill passes, it is Huawei or no Huawei, no compromises.

US Government says UAE is spying now as well – report

The US Government is now allegedly suggesting the United Arab Emirates (UAE) is using a popular messaging app to spy on individuals around the world.

According to the New York Times, Government officials have suggested the UAE Government is using a new messaging app known as ToTok to snoop on individuals. Citing classified briefings from current and former intelligence employees, as well as its own analysis, the NYT is suggesting the app can be linked to DarkMatter, a cybersecurity company some has said is a front for UAE intelligence activities.

Although the app is only a couple of months old, it has proven to be very popular around the world partly thanks to it not being subject to the same geographical restrictions as WhatsApp and Skype. It has risen through the ranks and has a huge number of positive reviews, fuelling the increasing popularity of the app.

The app itself is interested in quite a broad range of information, most notably the devices address book, location of the user and content of conversations including images and videos which have been shared. It doesn’t seem to dig deeper into other features of the devices, but this is more than enough information to keep intelligence agencies happy for the moment.

And while it is not uncommon for the US Government to shout and scream about foreign Governments spying on its citizens without proof, this seems to be a slightly different case. Both Google and Apple have now removed the app from their own app stores. There will of course be ways and means to download the app, though these are the simplest routes.

This is an important aspect of the story. Google and Apple are both money-making machines. These are companies which are not drawn into the isolationist and ‘patriotic’ cries of the US Government. The propaganda is usually ignored if there is an opportunity to create profit, though the fact the duo have dropped the app suggests there is some credibility to the claims.

Vodafone looks to Google to enhance intelligence game

Google has announced it has won out to host Vodafone’s strategic cloud platform for data analytics, business intelligence, and machine learning.

The intelligence platform, known as Neuron, allows the company to utilize real-time data analytics. It is one element of the digital transformation journey aimed at putting data as the keystone of operations. The Google Cloud Platform will be used to bring multiple data sources into a standardized format, as well as migrating Vodafone’s existing software to the cloud.

“We’re in an era of businesses leveraging the cloud to reinvent themselves and create entirely new offerings and services,” said Thomas Kurian, CEO at Google Cloud. “We’re excited that Vodafone has decided to leverage Google Cloud to ensure they successfully make the journey of business transformation.”

Vodafone might be the centre of the story here, though it is hardly alone in shifting data processing and storage away from owned-premises into partner data centres. Telecom Italia is another which is working with Google, though there are several cloud companies fighting to secure contracts with the telcos, which should be viewed as lucrative customers.

The Neuron initiative is an effort from Vodafone to embed more intelligence capabilities at the core of the business. Not only does this enable the team to offer a broader portfolio of services, but it will also ensure cost-efficiencies and proactive processes are realised for internal benefits, such as increased subscriber retention.

Intelligence is not a new concept for Vodafone, though bringing in the Google team will certainly add some more tools. On the customer experience front, Vodafone has been surging forward with the application of artificial intelligence with TOBi, a virtual assistant which not only interacts with customers to save phone calls, but aids customer service agents by presenting the most relevant information and making recommendations in real-time.

The telco industry has been slow to embrace the intelligence era, slow in comparison to the likes of Big Tech at least, though it does seem to be making progress.

With roughly 3.3 billion smartphones in use around the world, the telcos have access to a ridiculous amount of information to help in areas such as preventing customer churn, improving quality of service, targeted marketing, predictive maintenance and network planning. This data is available, they just need to figure out how to use it.

Huawei all smiles with $1.5bn developer plug amid the chaos

At its Connect Conference in Shanghai, Huawei executives attempted to put themselves on the front-foot with a $1.5 billion commitment to lure developers into its computing platforms.

This is one of the more notable challenges the business will face if it has to shift over to new operating systems. The technology might be fantastic, but if there isn’t the developer community and application ecosystem to back it up, there is little value. This is a massive consequence of Huawei’s entry onto the US Entity List, banning it from working with US suppliers, and should not be under-estimated.

The smartphone is the most obvious area to discuss, but there are others such as PCs and the developing IOT ecosystem. If Huawei is banned from using popular operating systems in these areas, its own version, Harmony OS, will have to suffice. If Harmony OS is to succeed, it needs developers to create products and applications which are compatible with it. With the additional funds, Huawei is aiming to increase the pool of developers it works with from 1.3 million to 5 million.

Looking at the rumours with the latest flagship smartphone, the Mate 30, it has been suggested the device will be delivered without any Google applications pre-loaded on the device. We’ll all find out in a matter of hours, though Huawei seems to be getting around the ban by including an open-source version of the Play Store on the device. This is not a long-term solution for Huawei, but it might suffice while it works on making the Harmony OS software and ecosystem battle-ready.

This is of course only one element of the Huawei business strategy moving forward. It is anticipating aggressive growth in the ‘Intelligence’ segment, and it does appear its enterprise business is going to get a supercharge moving forward.

This would appear to be a very sensible move for Huawei, as while it has dominated the network infrastructure market and made significant progress for consumer devices, it is little more than an ‘also-ran’ for enterprise. With numerous businesses becoming increasingly driven by digital models and technology, as well as the telcos aggressively promoting the promise of connectivity for future fortunes, there is a significant opportunity for growth.

“In terms of Huawei’s investment, they’re equally important,” Rotating Chairman Ken Hu said. “In the past, we mostly talked about connections. Today I’d like to focus on computing.”

If you are talking about autonomous driving, astronomy, and weather forecasting, the demand for compute power is only going to increase. Intelligence is going to be embedded on an increasingly large number of products moving forward, not simply limited to the cloud. And soon enough, the computing ecosystem is going to have to be a lot more collaborative.

All of these areas offer a lot of promise for those who can create solutions, cost effectively, to enable businesses to make money in the digitally-defined economy. For Huawei, this means new products in the semiconductor market, shifting to a more virtualised business model, opening up hardware products for customisable solutions and creating an opensource ecosystem to back-up the business.

Anyone reading these comments from Hu might think the business has just given up on telecoms infrastructure due to pressure from the US. This will never be the case, but often enough pressure forces innovative companies to find new ways to make money. We suspect this is the case at Huawei.

‘Five Eyes’ align security objectives but where does this leave Huawei?

After a meeting in London, the members of the ‘Five Eyes’ intelligence alliance has released a communique to reinforce the relationship and outline quite generic objectives.

As with all of these communiques, the language sounds very impressive, but in reality, nothing material is being said. In this document, the UK, US, New Zealand, Australia and Canada have committed to countering online child sexual exploitation and abuse, tackling cybersecurity threats and building trust in emerging technologies.

Although nothing revolutionary has been said, the reinforcement of this alliance leaves questions over Huawei’s role in the aforementioned countries.

“There is agreement between the Five Countries of the need to ensure supply chains are trusted and reliable to protect our networks from unauthorised access or interference,” the communique reads. “We recognise the need for a rigorous risk-based evaluation of a range of factors which may include, but not be limited to, control by foreign governments.”

Government officials will never be so obvious as to point the finger at another nation, at least not most of the time, but it isn’t difficult to imagine who this statement is directed towards.

So where does this leave Huawei? Banned in Australia and the US, denied work in New Zealand and on thin ice in Canada. The only market from the ‘Five Eyes’ where is does not look doomed is the UK. But can the other members of the intelligence club trust the UK while Huawei is maintaining a presence in the country’s communications infrastructure?

The US has already spoken of withholding intelligence data should the partner nation allow Huawei to contribute to 5G networks, and this alliance is already very anti-Huawei. In re-affirming its position to the alliance, the UK is certainly sending mixed messages only a week after a statement which suggested Huawei might be safe.

Of course, this might mean very little in the long-run, but it is another factor which should be considered when trying to figure out what Huawei’s fate will actually be.

For its own part, Huawei is doing as much as possible to disprove collusion and security allegations. Aside from the cybersecurity centres opened to allow customers and governments to validate security credentials, it has recently signed up to the Paris Call.

“The quest for better security serves as the foundation of our existence,” said John Suffolk, Global Cyber Security & Privacy Officer at Huawei. “We fully support any endeavour, idea or suggestion that can enhance the resilience and security of products and services for Governments, customers and their customers.”

The Paris Call is an initiative launched by the French Government in November 2018. It is a call-to-action to tackle cybersecurity challenges, strengthen collective defences against cybercrime, and promote cooperation among stakeholders across national borders. To date, 67 national governments, 139 international and civil society organizations, and 358 private-sector companies have signed up to the collaborative initiative.

Although we are surprised it has taken Huawei so long to sign up to the initiative, it is another incremental step in the pursuit to demonstrate its security credentials and build trust in the brand.

Even with this commitment from Huawei, you have to question how the UK can continue to be a member of the ‘Five Eyes’ alliance and work with the Chinese infrastructure vendor. The concept of the alliance is to align activities and this communique talks about managing risk individually but also about supporting the efforts of other partners.

It does appear the UK is attempting to have its cake and eat it too. We suspect there will be pressure on the newly-appointed Prime Minister Boris Johnson to fall into line before too long, and it will be interesting to see how the newly formed Cabinet manage expectations externally with international partners and internally with British telcos who rely on Huawei.

Virgin Media gives some smarts to wifi

Virgin Media has unveiled a new, ‘intelligent’, router which it claims will bring faster speeds to more areas of the home.

With the telco world becoming increasingly utilitised, and advertising authorities rightly cracking down on the ‘creative’ marketing claims, new ideas will certainly be needed to capture the attention of the increasingly demanding consumers. And in fairness to Virgin Media, this is not a bad attempt.

“Delivering ultrafast broadband to help make Britain faster is what we do best at Virgin Media but making sure this translates into reliable in-home connectivity is just as important,” said Richard Sinclair, Executive Director of Connectivity at Virgin Media

“Intelligent WiFi will allow our customers to make the most of their broadband while also helping to easily overcome any connectivity conundrums around the home. With families using more devices than ever before, it’s vital they can all be online whenever needed. Whether it’s streaming UHD movies on Netflix, playing the latest games online or video conferencing, Intelligent WiFi has your back.”

Starting with the intelligence side of the router, should the software work the way it’s supposed to, this could prove to be a very interesting addition. Firstly, Channel Optimisation allows the router to choose the least congested channel to decrease the likelihood of traffic jams. Secondly, a Band Steering feature allows devices to switch between 2.4GHz or 5GHz frequency to optimise performance. Finally, Airtime Fairness suggests bandwidth will be allocated between devices depending on the demands of that device.

The term ‘intelligence’ is thrown around relatively flimsily nowadays, though should the performance of these features be at the desired level, this could prove to be a very useful product.

 

And while the ‘intelligence’ aspects are more likely to enthuse those consumers who are more geekily orientated, a new app to manage the wifi experience is answers a lot of the simple bugbears and first-world problems of connectivity.

One example is sharing wifi passwords. It might not seem like a revolutionary idea but being able to log into the app and simply send the wifi password to a friend or guest will save customers from the inevitable digging around behind the TV. This is not necessarily a feature which will win customers for Virgin Media, but enough of these little quirky features will improve the customer experience and loyalty.

Another area which the app addresses is ubiquitous connectivity. Being connectivity everywhere and all-the-time is a necessity nowadays, though consumers are becoming increasingly cash conscious. Through the app, Virgin Media customers can now connect to any Virgin Media wifi hotspots, of which there are 3.5 million around the UK.

Most importantly for Virgin Media, this take the brand outside of the customers home, and allows the company to support customers through the entire day. This is Virgin Media adding value into the customer’s lives, going beyond the assumed perimeters of a home broadband provider.

“UK consumers have an insatiable appetite for data across a wide range of devices that will continue to grow over time,” said Paolo Pescatore of PP Foresight. “As well faster download speeds, consumers want a better and reliable connection in all parts of their home. This is starting to be a highly sought after service among users.”

BT has been playing in this market for some time, which offers Virgin Media a blueprint for success. Patchy performance and an irritating log-in process perhaps gave the BT wifi play a bad name, though progress has been made across the public wifi space in recent years. Hopefully Virgin Media will have learned these lessons.

With connectivity increasingly heading towards the dreaded limitations of utility, it is becoming increasingly important for telcos to prove they can add value to other aspects of the customers life. This is certainly an interesting play from Virgin Media and should the features work, Virgin Media goes some way in proving it is more than just a utility.

Maybe the Chinese espionage rhetoric is more than political hot air

Evidence has reportedly been found of China spying on more than 30 US companies, suggesting the anti-China rhetoric might be more than political posturing.

To date, little hard evidence has been displayed in the public domain regarding Chinese espionage, but that might be about to change. According to Bloomberg, a three-year old investigation has uncovered tiny microchips nestling on the motherboards of servers used not only in private corporations, but Department of Defense data centres, the CIA’s drone operations, and the onboard networks of Navy warships. These chips can be traced down the supply chain to a Chinese subcontractor used by SuperMicro.

While espionage has focused on locating and exploiting vulnerabilities in software in recent years, compromising hardware can be more effective. It is more difficult to do, but due to the life-cycle of these products, it can be longer until the issue is uncovered. Compromising hardware can be done in two ways; firstly, devices can be manipulated when on-transit between the supplier and the customer, or the nefarious activities can be conducted at the beginning of the manufacturing process. This is an example of the latter.

The microchips were first discovered after Amazon sought to acquire a company called Elemental. Elemental makes software for compressing massive video files and formatting them for different devices, but also provides expensive servers for customers installed on their sites to handle the video compression. These servers were assembled by SuperMicro, which in turn outsourced some processes to the Chinese subcontractor. These microchips allowed the controller to create stealth doorway into any network that had servers hooked up to it.

To conduct this sort of espionage is incredibly difficult. Not only does the microchip need to be small enough to avoid detection, and powerful enough to perform the desired actions, implanting the device would require an intimate knowledge of the products design. Considering how much of the worlds telecommunications manufacturing is done in China, the country is in an incredibly unique position to master the complex and intricate task. Sources states the microchips were inserted by operatives from a unit of the People’s Liberation Army, the armed forces of the People’s Republic of China and Communist Party of China.

Amazon has stated it had no knowledge of such a saga, though Bloomberg notes this is contradicted by its own sources. While the scale of such espionage activities are unknown for the moment, it is believed more than 30 companies could have been victims, including Apple which had planned to purchase servers from SuperMicro as part of the companies data centre expansion plans.

For the US government, this might just prove to be the justification it needs to chase Chinese companies off the shores. It has been battling to rid the country of Huawei and ZTE, though as little evidence has been released to the general public, a sceptic might suggest this was little more than anti-communist propaganda.

Unfortunately, this might simply compound the pressure which is being applied to China, instead of creating a resilient security framework. A whitepaper from the Rural Broadband Alliance entitled Domain5 suggests a supply chain can be compromised at any point and concentrating on one country might not be the best solution. Operatives are capable of infiltrating a manufacturing plant, in theory, irrelevant as to where it is, therefore concentrating too intently on one country might weaken the security protocols elsewhere.

This should not undermine what is perhaps the most damning evidence of Chinese espionage in recent years however. Various intelligence committees and sub-committees have pointed the finger of dodginess at China for years, though this is the most compelling evidence which we have seen.

5G could open us up to digital terrorism – GCHQ

Connecting our toothbrush to the internet might sound like a futuristic dreamland, but are we fast becoming the architects of our own downfall.

Writing for the Sunday Times, Head of GCHQ Jeremy Fleming has aired his concerns about the digital economy. Yes, it has the potential to create a sophisticated and efficient society with opportunity for all, but also runs the risk of a new form of danger with terrorists hijacking the very same 5G networks which are supposed to make our lives so wonderful. He even managed to drop China in, hinting at the threat of allowing the country to provide the majority of our critical communications infrastructure.

“They will transform healthcare, create smart, energy-efficient cities, make work lives more productive and revolutionise the relationship between business and the consumer,” Fleming writes. “But they also bring risks that, if unchecked, could make us more vulnerable to terrorists, hostile states and serious criminals.”

While it might sound very doom and gloom, Fleming is of course correct. The internet is a scary place with dark corners. New ideas are created every single day, some of them are a force for good, some of which will be utilised by nefarious individuals. The more light which is shed into these unexplored corridors of the web, the more we realise how exposed we are.

Unfortunately, Fleming is raising an argument which is not original; incorporating security into the building blocks of services and products, not simply treating it as an add-on. This should be the approach for making the digital economy secure, though this is rhetoric which we have been hearing for years. The more often it is said, the less impactful it becomes. Perhaps we are blindly wandering down the path to destruction purely because it is easier than tackling the difficulties of making consumers secure.

Another interesting point is collaboration. Again, this is not a new argument, but Fleming seems to be attempting justification for increased access to our digital lives. Using friendly words such as ‘collaboration’ or ‘public debate’ and ‘open co-operation’ should not put a smile on the face of an campaign which has been going on for years.

“We believe some principles allowing industry and governments to demonstrate responsible access that protects privacy are within reach,” Fleming states. “These do not require unfettered access for governments through so- called ‘back door’ or global ‘skeleton key’ schemes. But they do require public debate and close, open co-operation and agreement with technology companies. And when these solutions exist, they also require modern legislation and strong oversight to maintain public confidence.”

Fleming is right though. There does need to be a mechanism to ensure intelligence and police services can ensure our safety, but there is yet to be a sensible solution which offers security, accountability and justification. Last year, former Home Secretary Amber Rudd tried to scare us into submitting to government snooping by suggesting paedophiles use the same services as you and me. It didn’t work, though current Home Secretary Sajid Javid is yet to reveal his ambitions here. The encryption debate has been too quiet in recent months, perhaps another onslaught is on the horizon.

The dark corners of the web are full of nightmares which we are yet to discover. By connecting everything, we are making the digital dream a reality, but exposing ourselves more than ever before.