In today’s news is yet another story about Huawei and security as European telecommunications operator and regulators continue to scrutinize the gear in advance of 5G deployments. This one is historical though. Apparently Vodafone found security flaws in Huawei gear its Italian unit bought back in 2011 and 2012.
In the technical sense, this is hardly a surprise. Vulnerabilities and patches are an ongoing part of pretty much all software development, and in this case the problem came with the telnet protocol. There was a day when telnet was a thing for everyone, but these days it’s more a diagnostic thing. According to Vodafone, the flaw would not have been accessible via the internet and was quickly patched. All vendors have processes to handle exactly this sort of thing, and all have done so many times. So the fact that it happened eight years ago in this case is news today only because it was Huawei.
But the pressure to block Huawei from 5G deployments continues unabated. The contention is that because China requires all its companies to help its national security apparatus and Huawei (like every major Chinese company) has deep ties to that apparatus. On the one hand, it’s easy to envision spies doing this sort of thing. On the other hand, it’s very hard to imagine such deliberate vulnerabilities remaining undetected for long in a suspicious world.
The most recent development came a few days ago when KPN decided Huawei gear was fine for radios and antennas, but not when it comes to the gear in its core 5G network. They’ve got a deal in place, but with an exit clause in case regulators or lawmakers act to ban Huawei entirely. That seems to have emerged as the consensus response of European telcos to all this pressure, a way to keep Huawei in the mix while still mollifying critics and covering themselves legally.
If you haven't already, please take our Reader Survey! Just 3 questions to help us better understand who is reading Telecom Ramblings so we can serve you better!
Categories: Government Regulations · Security · Wireless
Vodafone wasn’t alone. At least one other Tier-1 telco put Huawei gear in a cordoned-off demo environment and started noticing stuff that wasn’t supposed to happen.