The IT Nerd

It seems that the executive order signed by Trump to keep Huawei out of the US seems to be moving forward. Word on the street is that Google has cut ties with the Chinese phone maker:

Alphabet Inc’s Google has suspended business with Huawei that requires the transfer of hardware and software products except those covered by open source licenses, a source close to the matter told Reuters on Sunday, in a blow to the Chinese technology company that the U.S. government has sought to blacklist around the world.

Huawei Technologies Co Ltd will immediately lose access to updates to the Android operating system, and the next version of its smartphones outside of China will also lose access to popular applications and services including the Google Play Store and Gmail app… Huawei will continue to have access to the version of the Android operating system available through the open source license that is freely open to anyone who wishes to use it. But Google will stop providing any technical support and collaboration for Android and Google services to Huawei going forward, the source said.

Well, the US gave ZTE similar treatment a year or two ago. And that only lasted a short time before a deal was cut to keep them alive. Is that what’s in the cards this time around? Who knows. But it’s clearly message sending time to Huawei.

Yahoo! Finance is reporting that Huawei who has been linked with Chinese spying is now willing to sign “no spy” agreements that would allow them to keep selling their gear into countries like the US, UK, Canada and others who have concerns about their potential spying activities:

“We are willing to sign no-spy agreements with governments, including the UK government, to commit ourselves to making our equipment meet the no-spy, no-backdoors standard,” Huawei chairman Liang Hua told reporters in London via an interpreter.

“Despite the fact Huawei has its headquarters in China, we are actually a globally operating company,” he said. “Where we are operating globally we are committed to be compliant with the locally applicable laws and regulations in that country.

Let’s think about this for a second. The fact that Huawei is willing to sign an agreement saying that they won’t spy on anyone…. Which to be frank shouldn’t even be a thought shows how much these spying claims have hurt the company. Having said that, while I am prepared to be proven wrong, I can’t see any nation that has concerns with Huawei taking them up on this offer.

From the “this won’t help your public image” department comes this Bloomberg story that Vodafone which is one of Europe’s largest telcos found vulnerabilities going back years with equipment supplied by Shenzhen-based Huawei for the telco’s Italian business:

While Vodafone says the issues were resolved, the revelation may further damage the reputation of a major symbol of China’s global technology prowess. Europe’s biggest phone company identified hidden backdoors in the software that could have given Huawei unauthorized access to the carrier’s fixed-line network in Italy, a system that provides internet service to millions of homes and businesses, according to Vodafone’s security briefing documents from 2009 and 2011 seen by Bloomberg, as well as people involved in the situation.

Okay. So this is from a while ago. I will give you that. But it is instructive as it shows that there is some evidence that at least some of the accusations that the US and others have made about Huawei have some merit.

Speaking of the US, the folks in Washington does not see any distinction between core and non-core parts of 5G networks and will reassess sharing information with any allies which use equipment made Huawei, a U.S. cybersecurity official said on Monday:

“It is the United States’ position that putting Huawei or any other untrustworthy vendor in any part of the 5G telecommunications network is a risk,” said Robert Strayer, deputy assistant secretary for cyber, international communications and information policy at the State Department. “If other countries insert and allow untrusted vendors to build out and become the vendors for their 5G networks we will have to reassess the ability for us to share information and be connected with them in the ways that we are today,” he said.

Clearly this is meant to pressure countries into not using Huawei gear. I guess this is being served up because of reports that the UK his given Huawei the go-ahead to supply equipment for the UK 5G data network as long as it’s in “non-core” parts such as antennas. It will be interesting to see if that decision gets reversed now that this edict is out. And now that the discovery of backdoors is more than just theory.

UPDATE: Vodafone is now denying the report… The plot thickens.

It seems that Huawei may be sending data from its new P30 Pro handset via Chinese servers without your permission. The report comes from a Taiwanese paper which talks of a handset purchased in Thailand which when tested was sending data to a Chinese server on the down low:

A brand new Huawei P30 Pro smartphone has been found to be sending queries and possibly data to Chinese government servers, without the user having signed up for any Huawei services, reported OCWorkbench.

The Facebook page ExploitWareLabs at 5:32 p.m. on Sunday uploaded a post which included a list of DNS (Domain Name System) queries being delivered behind the scenes from a new Huawei P30 Pro. A DNS query (also known as a DNS request) is a demand for information sent from a user’s computer (DNS client) to a DNS server.

In layman’s terms, it means the phone could potentially be automatically transferring user data back to cloud servers run by the Chinese government, unbeknownst to the device’s owner.

The list of DNS addresses includes beian.gov.cn, which was registered by Alibaba Cloud and managed by China’s Ministry of Public Security, according to Whois.com. Another frequently listed request was sent to china.com.cn, which was registered by EJEE Group and operated by China’s state-run mouthpiece the China Internet Information Center, according to Whois.com.

According to ExploitWareLabs, all of these queries were sent to Chinese government-run servers despite the fact that the user had not configured the phone for any Huawei services, such as Huawei ID or any Hi services.

Well, that’s not going to inspire any confidence that Huawei can be trusted. But to be fair to Huawei, the issue hasn’t been replicated on any other handsets. Though its a safe bet that people are trying to do so as I type this. I also haven’t found any evidence that Huawei has tried to spin comment on this. But they are going to have to sooner or later.

This isn’t going to help Huawei make friends and influence people. According to ZDNet, researchers at Microsoft have discovered a buggy Huawei utility that could have given attackers a easy way to undermine the security of the Windows kernel:

Microsoft has now detailed how it found a severe local privilege escalation flaw in the Huawei PCManager driver software for its MateBook line of Windows 10 laptops. Thanks to Microsoft’s work, the Chinese tech giant patched the flaw in January. As Microsoft researchers explain, third-party kernel drivers are becoming more attractive to attackers as a side-door to attacking the kernel without having to overcome its protections using an expensive zero-day kernel exploit in Windows. The flaw in Huawei’s software was detected by new kernel sensors that were implemented in the Windows 10 October 2018 Update, aka version 1809.

The kernel sensors are meant to address the difficulty of detecting malicious code running in the kernel and are designed to detect user-space asynchronous procedure call (APC) code injection from the kernel. Microsoft Defender ATP anti-malware uses these sensors to detect actions caused by kernel code that may inject code into user-mode. Huawei’s PCManager triggered Defender ATP alerts on multiple Windows 10 devices, prompting Microsoft to launch an investigation. […] The investigation led the researcher to the executable MateBookService.exe. Due to a flaw in Huawei’s ‘watchdog’ mechanism for HwOs2Ec10x64.sys, an attacker is able to create a malicious instance of MateBookService.exe to gain elevated privileges. The flaw can be used to make code running with low privileges read and write to other processes or to kernel space, leading to a “full machine compromise.”

Lovely. To be clear, this is a bug as opposed to a back door which is what everyone from national governments to security experts have accused Huawei of building into their products. But I suspect that people who are already suspicious of Huawei are going to take this and spin this as “see you can’t trust Huawei.” Having said that, I have to admit that this isn’t going to help their public image at all as it makes them look less than trustworthy.

From the “this must be really embarrassing” department comes this story about Huawei’s CFO Meng Wanzhou who is currently being detained by Canadian authorities at the request of the US on allegations of breaching US sanctions against Iran. When she got nabbed, she had a very interesting array of gear on her person:

When Canadian police arrested Meng Wanzhou at the behest of the U.S. on a Dec. 1 stopover at Vancouver International Airport, they seized her iPhone 7 Plus, a MacBook Air and an iPad Pro, according to a court filing Friday.

Keep in mind that she could easily be using a Huawei phone like a P20 Pro, a Huawei MateBook, and a Huawei tablet instead of all of that Apple gear that she was arrested with. To be fair, she did have a Huawei Mate 20 RS smartphone on her person as well. But seeing as lawyers wanted a copy of the data stored on the the Apple, and for those devices to be subsequently sealed, it’s a safe bat that the Apple gear were her daily drivers. What’s ironic about this is that Huawei flips out when anyone else who works for them is caught using Apple gear. Take this case for example. But I guess that Meng gets a free pass seeing as her dad runs Huawei. Still, this has to be embarrassing that even the CFO of Huawei doesn’t even use her companies gear and would rather use Apple gear instead.

Clearly Huawei is feeling the heat because they have built its own operating system for phones, tablets and computers in case they get cut off from the Android OS. That’s a very real possibility as Google would be required to cut them off under US law if their fight with the US escalates further. And seeing as they have Windows 10 devices in their lineup, you can likely copy and paste that for Microsoft too. The South China Morning Post has the details:

The Chinese company has developed a proprietary OS as tensions between the company and the US government could impact the availability of US-made operating systems used on Huawei devices, Huawei’s mobile chief Richard Yu Chengdong, said in an interview with German publication Die Welt.

Yu’s comments confirm an earlier report by the South China Morning Postin April 2018, which revealed the existence of a years-long project to build an alternative to Google’s Android OS. Huawei started building its own operating system after a US investigation into Huawei and ZTE Corp in 2012, a person familiar with the matter said in the report.
 
“We have prepared our own operating system, if it turns out we can no longer use these systems [Android], we will be ready and have our plan B,” Yu said in the interview.

You can’t be surprised that they have gone this route. But let’s be honest here for a second. The world is largely dominated by iOS and Android handhelds. Huawei may be able to use their own OS in China. But I would imagine that they would be pretty much ignored if they tried that elsewhere on the planet. After all, Samsung tried this with their Tizen OS and it at best has very limited success. So I cannot see how this strategy would be successful for Huawei. But good luck to them if they want to go down this road.

Huawei clearly had time to come up with new products rather than deal with their spying issues as today they unveiled their own foldable smartphone at Mobile World Congress, the Huawei Mate X. It’s a straight shot at Samsung’s Galaxy Fold and early reports say that it is better than the Galaxy Fold and way more expensive. The Mate X uses what Huawei calls a “Falcon Wing” design with a stretchable hinge that allows the smartphone to transform from a 6.6-inch OLED smartphone to an 8-inch OLED tablet. Also the display is visible on both the front and back of the device when collapsed down to smartphone view. So compared to the Galaxy Fold it has more screen real estate. The camera system includes a 40-megapixel wide-angle lens, a 16-megapixel ultra wide angle lens, and an 8 megapixel telephoto lens. There’s also a fourth camera that will be activated later. Whatever that means.

One key feature is that it comes with a 5G modem which is a big jump over the foldable phone from Samsung. A fingerprint sensor is integrated into the power switch for biometric authentication purposes, it has a 55W SuperCharge feature that lets the included 4,500mAh battery charge to 85 percent within 30 minutes.

You can score one in April for a mere $2600 USD. Affordable this is not. Check out this video from Engadget of the phone:

It seems that the UK and Germany may not ban Huawei from their respective countries despite allegations of state sponsored spying. First over to the UK:

Ciaran Martin, head of Britain’s National Cyber Security Centre (NCSC), said Britain had yet to decide on its security policy for national 5G networks, but that Huawei equipment was subject to detailed oversight and strict government controls over where it was used.

“Our regime is arguably the toughest and most rigorous oversight regime in the world for Huawei,” Martin, whose NCSC is part of Britain’s GCHQ intelligence agency, said at a cybersecurity conference in Brussels.

Asked later whether Washington had presented Britain with any evidence to support its allegations, he told reporters: “I would be obliged to report if there was evidence of malevolence … by Huawei. And we’re yet to have to do that. So I hope that covers it.”

So in the case of the UK, it’s business as usual until there’s a reason to change course. The Germans have gone further by actually considering letting Huawei in:

The preliminary decision made by a small group of relevant ministries two weeks ago is set to be discussed by leaders of Chancellor Angela Merkel’s conservative bloc at a meeting Tuesday night. Even if confirmed, it could still face opposition in her cabinet or in parliament, according to a small group of senior civil servants, diplomats and legislators who would prefer to ban Huawei on strategic and security grounds.

The government has been drafting changes to the country’s telecommunications laws—independent of the Huawei concerns—that would impose stricter security requirements on telecommunication equipment vendors, including a no-spy pledge.

A recent probe by Germany’s cybersecurity agency with help from the U.S. and other allies failed to show that the Chinese company could use its equipment to clandestinely siphon off data, according to senior agency and other government officials.

Both of these are a pretty stunning rebuke of the conventional wisdom that Huawei is a gateway for the Chinese to spy. And the fact that this is public is a problem for the US who is pushing the narrative that Huawei is evil. Let’s be clear, Huawei can hardly be considered the Archangel Gabriel of the tech industry, but the fact that the US is getting this sort of pushback is significant.