Daily Archives: 2019-04-30

Bloomberg alleges Huawei routers and network gear are backdoored

Source: Ars Technica

Article note: Hiding behind Hanlon's razor (let's go with the modified "Any sufficiently advanced incompetence is indistinguishable from malice"): We _genuinely can't tell_ if internet connected garbage is insecure because it's garbage, or because it's backdoored.
5G Logo in the shape of a butterfly.

Enlarge / PORTUGAL - 2019/03/04: 5G logo is seen on an android mobile phone with Huawei logo on the background. (credit: Omar Marques/SOPA Images/LightRocket via Getty Images)

Vodafone, the largest mobile network operator in Europe, found backdoors in Huawei equipment between 2009 and 2011, reports Bloomberg. With these backdoors, Huawei could have gained unauthorized access to Vodafone's "fixed-line network in Italy." But Vodafone disagrees, saying that while it did discover some security vulnerabilities in Huawei equipment, these were fixed by Huawei and in any case were not remotely accessible, and hence they could not be used by Huawei.

Bloomberg's claims are based on Vodafone's internal security documentation and "people involved in the situation." Several different "backdoors" are described: unsecured telnet access to home routers, along with "backdoors" in optical service nodes (which connect last-mile distribution networks to optical backbone networks) and "broadband network gateways" (BNG) (which sit between broadband users and the backbone network, providing access control, authentication, and similar services).

In response to Bloomberg, Vodafone said that the router vulnerabilities were found and fixed in 2011 and the BNG flaws were found and fixed in 2012. While it has documentation about some optical service node vulnerabilities, Vodafone continued, it has no information about when they were fixed. Further, the network operator said that it has no evidence of issues outside Italy.

Read 9 remaining paragraphs | Comments

Posted in News | Leave a comment

UK to give iPads to all incoming freshmen this fall

Source: Kentucky.com -- Education

Article note: "UK to spend 1.5 million of students' tuition dollars to lock our freshmen into Apple's roach-motel ecosystem." It could be worse on the privacy invasion front but ...really? iPads? At least the press release says they're including "an Apple Smart Keyboard and an Apple Pencil" so it isn't _purely_ a consumption device, even if it isn't quite a full function computer.

All incoming University of Kentucky freshmen will be given an iPad as part of a partnership with the Apple corporation, officials announced Tuesday. “This is all about student success,” said … Click to Continue »

Posted in News | Leave a comment