There was a time when America and Russia, the world’s two great superpowers, were obsessed with nuclear weapons technology. Today the flashpoint is between the US and China, and it involves the wireless technology that promises to connect your toaster to the web.
The two countries are embroiled in a political war over the Chinese telecommunications company Huawei. The Americans have recently stepped up long-standing criticisms, claiming the tech giant has stolen trade secrets and committed fraud, and that it has ties to the Chinese government and its military.
The company denies the charges and has sought to defend its record on privacy and security. Meanwhile, US allies including Great Britain, New Zealand, Australia, Canada, Germany, and Japan have all either imposed restrictions on Huawei’s equipment or are considering doing so, citing national security concerns.
Behind the headlines, though, the spat is really about the coming wave of networking technology known as 5G, and who owns it. America is clearly worried about losing its edge both in terms of technology and in terms of control.
Here are five things that need to be known about the technology and its role in the tensions.
1. What is 5G?
Rather than a protocol or device, 5G refers to an array of networking technologies meant to work in concert to connect everything from self-driving cars to home appliances over the air.
It is expected to provide bandwidth of up to 20 gigabits per second — enough to download high-definition movies instantly and use virtual and augmented reality. On your smartphone.
The first 5G smartphones and infrastructure arrive this year, but a full transition will take many more years.
2. Why is it better?
5G networks operate on two different frequency ranges. In one mode, they exploit the same frequencies as existing 4G and Wi-Fi networks, while using a more efficient coding scheme and larger channel sizes to achieve a 25% to 50% speed boost. In a second mode, 5G networks will use much higher, millimeter-wave frequencies that can transmit data at higher speeds, albeit over shorter ranges.
Since millimeter waves drop off over short distances, 5G will require more transmitters. A lot of them, sometimes just a few dozen meters apart. Connected devices will hop seamlessly between these transmitters as well as older hardware.
To increase bandwidth, 5G cells also make use of a technology known as massive MIMO (multiple input, multiple output). This allows hundreds of antennas to work in parallel, which increases speeds and will help lower latency to around a millisecond (from about 30 milliseconds in 4G) while letting more devices connect.
Finally, a technology called full duplex will increase data capacity further still by allowing transmitters and devices to send and receive data on the same frequency. This is done using specialized circuits capable of ensuring that incoming and outgoing signals do not interfere with one another.
3. What are the security risks?
One of 5G’s biggest security issues is simply how widely it will be used.
5G stands to replace wired connections and open the door for many more devices to be connected and updated via the internet, including home appliances and industrial machines. Revolutionary processes like self-driving cars, industrial robots, and hospital devices will rely on 5G’s ever-present, never-lagging bandwidth to run without a hiccup.
As with any brand-new technology, security vulnerabilities are sure to emerge over the life of the technology.
Researchers in Europe have already identified weak spots in the way cryptographic keys will be exchanged in 5G networks, for example. With so many more connected devices, the risk for data theft and sabotage — what cybersecurity experts call the attack surface — will be that much higher.
Since 5G is meant to be compatible with existing 4G, 3G, and Wi-Fi networks — in some cases using mesh networking that cuts out central control of a network entirely — existing security issues will also carry over to the new networks.
Britain’s GCHQ is expected to highlight security issues with Huawei’s technology, perhaps involving 4G systems, in coming weeks.
With 5G, a layer of control software will help ensure seamless connectivity, create virtual networks, and offer new network features. A network operator might create a private 5G network for a bank, for instance, and the bank could use features of the network to verify the identities of app users.
This software layer will, however, offer new ways for a malicious network operator to snoop on and manipulate data. It may also open up new vectors for attack, while hardware bugs could make it possible for users to hop between virtual networks, eavesdropping or stealing data as they do.
4. Can 5G be made secure?
These security worries paint a bleak picture — but they are not new and there are technical solutions to all of them.
Careful use of cryptography can help secure communications in a way that protects data as it flows across different systems and through virtual networks — even guarding it from the companies that own and run the hardware. Such coding schemes can help guard against jamming, snooping, and hacking.
Two research papers offer a good overview of the risks and potential solutions: “5G Security: Analysis of Threats and Solutions” (pdf); “Security for 5G Mobile Wireless Networks” (pdf).
“If you do it correctly, you will actually have a more robust network,” says Muriel Médard, a professor who leads the Network Coding and Reliable Communications Group at MIT.
5. Why is Huawei’s 5G causing so much concern?
As the world’s biggest supplier of networking equipment and second-largest smartphone maker, Huawei is in a prime position to snatch the lion’s share of a 5G market that, by some estimates, could be worth $123 billion in five years’ time.
Stalling the company’s expansion into Western markets could have the convenient side effect of letting competitors catch up. But there are also legitimate security concerns surrounding 5G — and reasons to think it could be problematic for one company to dominate the space.
The US government appears to have decided that it’s simply too risky for a Chinese company to control too much 5G infrastructure. Would it have the same approach to security threats if it was an American Company ?
The focus on Huawei is justified by the importance of 5G, the new complexity and security challenges, and the fact that the Chinese company is poised to be such a huge player.
And given the way Chinese companies are perceived to be answerable to the government, Huawei’s apparent connections with the Chinese military and its cyber operations, and the tightening ties between private industry and the state, this seems to be the main consideration.
But the ongoing fight with Huawei also goes to show how vital new technology is to the future of global competition, economic might, and even international security.
The same hold of technology has allowed American players such as Facebook and Google to collect invaluable information on billions of individuals outside of the USA with our anyone querying the safety concerns or the spying potential of these companies.
And although there no official links or rapport between these companies and the US Government, there is a high probability that the US intelligence services have access to these companies data, with or without their consent.
The world is happy to gang up against Chinese company Huawei with state sponsored ties, but Google, Amazon and Facebook remain unregulated.
While the U.S. is pursuing criminal charges against Huawei for alleged theft of trade secrets, the U.S. has been undermining Huawei’s reputation for quite some time as a ‘national security threat’.
Huawei, is a 5G leader that has shown an ability to scale into other countries in recent years, and it is now under grave suspicion from the global community and national security services of most Western countries.
The U.S. banned Huawei from selling smart phones in the U.S., while Apple still profits from Chinese consumers as one of their key markets.
The US intelligence community has been worried about the Chinese tech giants’ government ties for many years and in 2018 ramped up with political propaganda to the point that cyber espionage in now considered the real reason the U.S. embarked upon a ‘trade war’ with China.
Huawei appears to be at the center of the controversy setting up a China vs. U.S. tech wars in the years ahead that the U.S. cannot win.
Huawei’s founder says he would not share user secrets, but that is not the only issue the probe is about.
The Chinese tech giant is accused of stealing trade secrets from American business partners. The probe follows civil lawsuits against Huawei for misappropriating robotic smartphone-testing technology from T-Mobile.
The criminal probe is in advanced stages and by U.S. federal prosecutors that could lead to some major repressions. Huawei’s CFO, Meng Wanzho who is the daughter of the founder of Huawei, was arrested in Canada in December, 2018 and faces extradition to NY to face unrelated and separate charges in the U.S.
In the past few weeks, an employee was arrested in Poland on espionage charges, the company’s products, which include both phones and network gear, were banned from Taiwanese government systems. Australia announced in 2018 that it will ban the country’s carriers from buying equipment for next-generation 5G networks.
Czech cyber espionage experts also put out a warning against Huawei devices and products. Chinese infiltration efforts of cyber and corporate espionage are rumored to be very deep, but the ban on Huawei could lead to further escalation of authoritarian nationalism.
Huawei has officially become the black sheep of the tech world, a world afraid of Chinese authoritarianism and cyber espionage practices (“cheating”) to become a technological super power.
There’s little hope of a resolution to the trade war since the reported probe would complicate efforts by the US and Chinese governments to reach a deal since Huawei is one of the China’s brightest stars in tech and the emergence of Huawei as one of the global leaders in 5G, smartphones, IoT and in a few years time the Cloud as well.
Beijing’s reaction to the CFO’s arrest and bizarre apparently retaliatory moves on foreign citizens has also raised a lot of questions.
Meanwhile the U.S. continues its campaign to persuade allies such as Canada and Britain to ban the telecom-equipment maker’s gear from next-generation 5G networks.
Without open criminal charges though it has felt for years like witch-hunting for Huawei, a guilty-until-proven scenario of a global mob of news propaganda. This reality is exasperated considering Chinese consumers are among the most influential for the global economy.
If China felt misunderstood and like an angry empire before the Huawei fiasco and trade war, how will it feel when it has become a technological giant and a leader in innovation considering Huawei could be significantly hampered due to these charges?
The WSJ was the first to break this ongoing and developing story.
DOUBLE STANDARDS
The question of whether Huawei as China’s flagship tech company can be trusted is interesting considering how trustworthy Facebook has been in manipulating recent events in global politics as a weaponized platform.
Why are we banning Huawei and not Facebook?
Unregulated tech is dangerous, America was the first to suffer from security flaws and mass manipulation, why does it not apply the same to its own companies.
Perhaps the U.S. cannot afford to regulate and break up monopolies in its own back yard since Chinese tech companies are growing faster and will likely eclipse them sooner if they did so.
The ultimate irony here is U.S. companies are guilty of all kinds of things that will never see the legal light of day.
Yes Mark Zuckerberg was called in front of Senate and apologized loudly, but no sanctions, interdictions or indemnities were ever claimed. A simple change to the terms of services was enough.
Moreover, America is worried and is rallying its allies against a threat of espionnage from China through Hua Wei.
But it is interesting to take a look at what we know about what America does in terms of espionnage worldwide. We reproduce hereby some articles that are in the public domain that highlight the activities of America on that front through its National Security Agency ( NSA )
The NSA is responsible for global monitoring, collection, and processing of information and data for foreign and domestic intelligence and counterintelligence purposes, specializing in a discipline known as signals intelligence (SIGINT).
The NSA is also tasked with the protection of U.S. communications networks and information systems.The NSA relies on a variety of measures to accomplish its mission, the majority of which are clandestine.
The NSA’s actions have been a matter of political controversy on several occasions, including its spying on anti-Vietnam-war leaders and the agency’s participation in economic espionage.
In 2013, the NSA had many of its secret surveillance programs revealed to the public by Edward Snowden, a former NSA contractor. According to the leaked documents, the NSA intercepts and stores the communications of over a billion people worldwide, including United States citizens.
The documents also revealed the NSA tracks hundreds of millions of people’s movements using cellphones metadata.
Internationally, research has pointed to the NSA’s ability to surveil the domestic Internet traffic of foreign countries through “boomerang routing“.
Monitoring
A record of most calls made in the U.S., including the telephone number of the phones making and receiving the call, and how long the call lasted. This information is known as “metadata” and doesn’t include a recording of the actual call (but see below). This program was revealed through a leaked secret court order instructing Verizon to turn over all such information on a daily basis.
Other American phone companies, including AT&T and Sprint, also reportedly give their records to the NSA on a continual basis. All together, this is several billion calls per day.
Email, Facebook posts and instant messages for an unknown number of people, via PRISM, which involves the cooperation of at least nine different technology companies. Google, Facebook, Yahoo and others have denied that the NSA has “direct access” to their servers, saying they only release user information in response to a court order. Facebook has revealed that, in the last six months of 2012, they handed over the private data of between 18,000 and 19,000 users to law enforcement of all types — including local police and federal agencies, such as the FBI, Federal Marshals and the NSA.
The NSA intercepts huge amounts of raw data, and stores billions of communication records per day in its databases. Using the NSA’s XKEYSCORE software, analysts can see “nearly everything a user does on the Internet” including emails, social media posts, web sites you visit, addresses typed into Google Maps, files sent, and more.
Currently the NSA is only authorized to intercept Internet communications with at least one end outside the U.S., though the domestic collection program used to be broader.
But because there is no fully reliable automatic way to separate domestic from international communications, this program also captures some amount of U.S. citizens’ purely domestic Internet activity, such as emails, social media posts, instant messages, the sites you visit and online purchases you make.
There have been several reports that the NSA records the audio contents of some phone calls and a leaked document confirms this. This reportedly happens “on a much smaller scale” than the programs above, after analysts select specific people as “targets.”
Calls to or from U.S. phone numbers can be recorded, as long as the other end is outside the U.S. or one of the callers is involved in “international terrorism”. There does not seem to be any public information about the collection of text messages, which would be much more practical to collect in bulk because of their smaller size.
The NSA has been prohibited from recording domestic communications since the passage of the Foreign Intelligence Surveillance Act but at least two of these programs — phone records collection and Internet cable taps — involve huge volumes of Americans’ data.
Does the NSA record everything about everyone, all the time?
The NSA records as much information as it can, subject to technical limitations (there’s a lot of data) and legal constraints.
This currently includes the metadata for nearly all telephone calls made in the U.S. (but not their content) and massive amounts of Internet traffic with at least one end outside the U.S.
It’s not clear exactly how many cables have been tapped, though we know of at least one inside the U.S., a secret report about the program by the NSA’s Inspector General mentions multiple cables, and the volume of intercepted information is so large that it was processed at 150 sites around the world as of 2008.
We also know that Britain’s GCHQ, which shares some intelligence with the NSA, had tapped over 200 cables as of 2012, belonging to seven different telecommunications companies.
Until 2011 the NSA also operated a domestic Internet metadata program which collected mass records of who emailed who even if both parties were inside the U.S.
Because it is not always possible to separate domestic from foreign communications by automatic means, the NSA still captures some amount of purely domestic information, and it is allowed to do so by the Foreign Intelligence Surveillance Court.
The collected information covers “nearly everything a user does on the Internet,” according to a presentation on the XKEYSCORE system.
The slides specifically mention emails, Facebook chats, websites visited, Google Maps searches, transmitted files, photographs, and documents of different kinds. It’s also possible to search for people based on where they are connecting from, the language they use, or their use of privacy technologies such as VPNs and encryption, according to the slides.
This is a massive amount of data. The full contents of intercepted Internet traffic can only be stored for up to a few days, depending on the collection site, while the associated “metadata” (who communicated with whom online) is stored up to 30 days.
Telephone metadata is smaller and is stored for five years. NSA analysts can move specific data to more permanent databases when they become relevant to an investigation.
The NSA also collects narrower and more detailed information on specific people, such as the actual audio of phone calls and the entire content of email accounts. NSA analysts can submit a request to obtain these types of more detailed information about specific people.
Watching a specific person like this is called “targeting” by the Foreign Intelligence Surveillance Act, the law which authorizes this type of individual surveillance.
The NSA is allowed to record the conversations of non-Americans without a specific warrant for each person monitored, if at least one end of the conversation is outside of the U.S. It is also allowed to record the communications of Americans if they are outside the U.S. and the NSA first gets a warrant for each case.
It’s not known exactly how many people the NSA is currently targeting, but according to a leaked report the NSA intercepted content from 37,664 telephone numbers and email addresses from October 2001 to January 2007. Of these, 8% were domestic: 2,612 U.S. phone numbers and 406 U.S. email addresses.
How the NSA actually gets the data depends on the type of information requested. If the analyst wants someone’s private emails or social media posts, the NSA must request that specific data from companies such as Google and Facebook.
Some technology companies (we don’t know which ones) have FBI monitoring equipment installed “on the premises” and the NSA gets the information via the FBI’s Data Intercept Technology Unit.
The NSA also has the capability to monitor calls made over the Internet (such as Skype calls) and instant messaging chats as they happen.
For information that is already flowing through Internet cables that the NSA is monitoring, or the audio of phone calls, a targeting request instructs automatic systems to watch for the communications of a specific person and save them.
It’s important to note that the NSA probably has information about you even if you aren’t on this target list.
If you have previously communicated with someone who has been targeted, then the NSA already has the content of any emails, instant messages, phone calls, etc. you exchanged with the targeted person. Also, your data is likely in bulk records such as phone metadata and Internet traffic recordings. This is what makes these programs “mass surveillance,” as opposed to traditional wiretaps, which are authorized by individual, specific court orders.
What does phone call metadata information reveal, if it doesn’t include the content of the calls?
Even without the content of all your conversations and text messages, so-called “metadata” can reveal a tremendous amount about you.
If they have your metadata, the NSA would have a record of your entire address book, or at least every person you’ve called in the last several years. They can guess who you are close to by how often you call someone, and when. By correlating the information from multiple people, they can do sophisticated “network analysis” of communities of many different kinds, personal or professional — or criminal.
Phone company call records reveal where you were at the time that a call was made, because they include the identifier of the radio tower that transmitted the call to you.
The government has repeatedly denied that it collects this information, but former NSA employee Thomas Drake said they do. For a sense of just how powerful location data can be, see this visualization following a German politician everywhere he goes for months, based on his cellphone’s location information.
Even without location data, records of who communicated with whom can be used to discover the structure of groups planning terrorism. Starting from a known “target” (see above), analysts typically reconstruct the social network “two or three hops” out, examining all friends-of-friends, or even friends-of-friends-of-friends, in the search for new targets. This means potentially thousands or millions of people might be examined when investigating a single target.
Metadata is a sensitive topic because there is great potential for abuse. While no one has claimed the NSA is doing this, it would be possible to use metadata to algorithmically identify, with some accuracy, members of other types of groups like the Tea Party or Occupy Wall Street, gun owners, undocumented immigrants, etc.
An expert in network analysis could start with all of the calls made from the time and place of a protest, and trace the networks of associations out from there.
Phone metadata is also not “anonymous” in any real sense. The NSA already maintains a database of the phone numbers of all Americans for use in determining whether someone is a “U.S. person” (see below), and there are several commercial number-to-name services in any case. Phone records become even more powerful when they are correlated with other types of data, such as social media posts, local police records and credit card purchase information, a process known as intelligence fusion.
Is all of this legal?
It is legal in the USA, assuming the NSA adheres to the restrictions set out in recently leaked court orders. By definition, the Foreign Intelligence Surveillance Court decides what it is legal for the NSA to do.
But this level of domestic surveillance wasn’t always legal, and the NSA’s domestic surveillance program has been found to violate legal standards on more than one occasion.
And it is completely illegal internationally.
The NSA was gradually granted the authority to collect domestic information on a massive scale through a series of legislative changes and court decisions over the decade following September 11, 2001.
The Director of National Intelligence says that authority for PRISM programs comes from section 702 of the Foreign Intelligence Surveillance Act and the Verizon metadata collection order cites section 215 of the Patriot Act. The author of the Patriot Act disagrees that the act justifies the Verizon metadata collection program.
The NSA’s broad data collection programs were originally authorized by President Bush on October 4, 2001. The program operated that way for several years, but in March 2004 a Justice Department review declared the bulk Internet metadata program was illegal. President Bush signed an order re-authorizing it anyway. In response, several top Justice Department officials threatened to resign, including acting Attorney General James Comey and FBI director Robert Mueller. Bush backed down, and the Internet metadata program was suspended for several months. By 2007, all aspects of the program were re-authorized by court orders from the Foreign Intelligence Surveillance Court.
In 2009, the Justice Department acknowledged that the NSA had collected emails and phone calls of Americans in a way that exceeded legal limitations.
In October 2011, the Foreign Intelligence Surveillance Court ruled that the NSA violated the Fourth Amendment at least once. The Justice Department has said that this ruling must remain secret, but we know it concerned some aspect of the “minimization” rules the govern what the NSA can do with domestic communications. The Foreign Intelligence Surveillance Court recently decided that this ruling can be released, but Justice Department has not yet done so.
There do not appear to be any legal restrictions on what the NSA can do with the communications of non-U.S. persons.
Since a substantial fraction of the world’s Internet data passes through the United States, or its allies, the U.S. has the ability to observe and record the communications of much of the world’s population. The European Union has already complained to the U.S. Attorney General.
The U.S. is hardly the only country doing mass surveillance, though its program is very large. GCHQ, which is the British counterpart to the NSA, has a similar surveillance program and shares data with the NSA.
Many countries now have some sort of mass Internet surveillance now in place.
Although passive surveillance is often hard to detect, more aggressive governments use intercepted information to intimidate or control their citizens, including Syria, Iran, Egypt, Bahrain and China. Much of the required equipment is sold to these governments by American companies.
All the above shows without a doubt that spying is a general practice and that technology and communication companies are cooperating with Governments to provide the data.
Hua Wei’s case is nothing special and the campaign launched by the USA against Hua Wei has more to do with trying to keep America’s supremacy in spying and data collection than with any out-of-line activities of Hua Wei.
Recent Comments