Kitz ADSL Broadband Information

Author Topic: Huawei Potential Spying  (Read 1609 times)

CarlT

  • Kitizen
  • ****
  • Posts: 1697
  • Software Defined WAN deployment engineer
Re: Huawei Potential Spying
« Reply #15 on: September 26, 2020, 12:07:08 PM »

Would it really be incredibly blatant for the modem to send data via the user's ISP's connection to Huawei? Not necessarily modify user traffic, just add its own. That seems like saying the ISP should somehow just know which packets should be present and which ones shouldn't.

A single modem no. All of them definitely.

If you can control or compromise enough to know who owns which modems you don't need mass surveillance capability in the modems as you already have enough information to mount a targeted attack.
WiFi: Nighthawk® AX12 RAX120
Routing: pfSense VM
Switching: Mikrotik 2* CRS305-1G-4S-IN, 1 * CRS309-1G-8S+; various cheap and cheerful TP-Link/Netgear
Exchange: Wakefield
ISP: BT Full Fibre 900. Zen Full Fibre 900.

burakkucat

  • Global Moderator
  • Senior Kitizen
  • *
  • Posts: 31947
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: Huawei Potential Spying
« Reply #16 on: September 26, 2020, 06:22:56 PM »

No idea why this was split in to its own thread.

Then I shall tell you the reason why. It was split off because it had been appended to a topic where it served no purpose.
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 2066
    • My Broadband History
Re: Huawei Potential Spying
« Reply #17 on: September 26, 2020, 11:14:27 PM »

I wasn't suggesting it would be streaming video from your webcam to Huawei in 4k UHD!

LOL. No it isn't. I think you find that most of the software components from Broadcom and Huawei in the firmware aren't open source.

Then what is this? https://www.openreach.co.uk/orpg/home/products/super-fastfibreaccess/super-fastfibreaccess/landrgnu.do

Yes the modem is a closed-source binary blob, but that's hardly "most of" the software.  The core OS is Open Source, which means wherever it's hooked into the OS you have some ability to see what it's doing.  Plus further up the network I'd expect Openreach to monitor what is going over their backhaul to make sure it's only what's supposed to be there.
INTAKE (ECI) Zen: Home Hub 5A OpenWrt Plusnet: VMG-3925-B10B Voxi 4G: Huawei B535-232 Router: pfSense (i5-7200U) WiFi: Ubiquiti nanoHD
Thinkbroadband Quality Monitors & Zen Referral

ejs

  • Kitizen
  • ****
  • Posts: 2071
Re: Huawei Potential Spying
« Reply #18 on: September 27, 2020, 08:17:27 AM »

Then what is this? https://www.openreach.co.uk/orpg/home/products/super-fastfibreaccess/super-fastfibreaccess/landrgnu.do

Have you looked at what's in the open source code releases and what's in the firmware? What you've provided a link to is the open source parts. I am well aware of it. The vast bulk of that code will be the Linux kernel, the vast majority of which won't be of any relevance to the HG612.

Here's a list of binary programs in the HG612 and if you get the source code:

Y brctl
Y busybox
N cli
N cmfctl
N cms
N console
N cwmp
N dbase
Y dhcpc
N dhcps
Y dnsmasq
N dsldiagd
Y ebtables
N equipcmd
N ethcmd
N igmpproxy
Y ip
N ipcheck
Y iptables
N klog
N log
N mc
N MidServer
N monitor
N msg
Y pppc
Y ripd
Y siproxd
Y sntp
* sshd
Y tc
N upg
N xdslcmd
N xtmcmd
Y zebra

35 programs, 13 open source, 21 not open, * sshd appears to be dropbear which is open source but was not included in the source code release. This is why I say most of it is not open source.

Quote
Plus further up the network I'd expect Openreach to monitor what is going over their backhaul to make sure it's only what's supposed to be there.

Again, I don't know how you expect Openreach to know what's supposed to be there and what isn't. You might as well be expecting Openreach to block all malicious traffic to/from the Internet and all spam and viruses, if they can monitor it all and know what's what.

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 2066
    • My Broadband History
Re: Huawei Potential Spying
« Reply #19 on: September 27, 2020, 08:44:27 AM »

How is the kernel irrelevant?  That's literally what any binaries have to talk through.  Plus as I pointed out earlier, what exactly is it going to do when it's in bridge mode so can only see the ATM/PTM layer?

All we really need to know is don't give the HG612 a gateway, give it a static IP and at most configure the NTP server address to a relay on the LAN.

Could a bridge/modem intercept PPP traffic and inject something that shouldn't be there?  Maybe (I don't know anything about PPP) but I'm 99% sure the HG612 is not powerful enough to do that, let alone to actually extract, process and report back what you are doing over that link.  Just monitoring an interface's data flow is hugely expensive in CPU cycles, you do NOT do that unless absolutely necessary.

If they beefed up the SoC to do that sort of thing, it would dramatically increase the cost per unit and nobody would buy it, as these devices are all about the absolute cheapest, reliable solution for the job.  In the quantities they sold to Openreach they would need a darn good financial reason to sneak in a powerful SoC and take a huge loss per unit to do so, while hoping Openreach do not question WHY the hardware is so over-specced for the job or do any inspection of the firmware to see if it's doing what they asked for.

[Moderator edited to remove the verbatim quote of the previous post.]
« Last Edit: September 27, 2020, 04:54:44 PM by burakkucat »

ejs

  • Kitizen
  • ****
  • Posts: 2071
Re: Huawei Potential Spying
« Reply #20 on: September 27, 2020, 01:10:33 PM »

What I meant was, that out of the 200MB of source code provided by Huawei, there's probably about 150MB in there that'll be for kernel features or drivers that aren't even compiled. Whereas most of the bits and pieces of software that make the box do its job are not open source. Try and make a firmware for the HG612 using only open source components and you might just about be able to get it running not very well as a 2 port wired router.

Quote
Just monitoring an interface's data flow is hugely expensive in CPU cycles, you do NOT do that unless absolutely necessary.

And yet I earlier linked to that old issue where the HG612 was picking out UDP port numbers within the data passing through it. In bridge mode it'll be PPP packets going into it, the ATM/PTM layer only exists over the DSL link.

Quote from: BCM6368 product brief
Powered by the advanced dual-core VIPER MIPS32 CPU and hardware
packet processing accelerator, the BCM6368 VDSL2/ADSL2+ modem
performs wirespeed bridging, routing, encryption, and decryption on all
packet sizes between the WAN and the various LAN interfaces.

There aren't that many different VDSL2 SoCs. It won't have so little CPU power that it can't do anything else besides be a bridging modem. I think at the time, Broadcom probably had the one VDSL2 SoC, the BCM6368 was also used in various wireless modem/routers, not just wired modems.

Chrysalis

  • Content Team
  • Addicted Kitizen
  • *
  • Posts: 6369
Re: Huawei Potential Spying
« Reply #21 on: September 28, 2020, 12:01:14 AM »

j0hn's comment nailed it, exactly in line with my views, America has been very anti China recently, note they state it as their reason for leaving the WHO as well, I have not seen one shred of evidence Huawei is nothing other than a telecoms company.
AAISP - Billion 8800NL bridge & PFSense BOX running PFSense 2.4 - ECI Cab - LINE STATISTICS CLICK HERE

thesmileyone

  • Member
  • **
  • Posts: 54
Re: Huawei Potential Spying
« Reply #22 on: September 28, 2020, 12:07:34 AM »

Damn didn't expect to be insulted. First time I've been here in 4 years it was just a question, and asked because I'm more into server stuff than home tech and this is therefore relevant: https://www.bloomberg.com/news/features/2018-10-04/the-big-hack-how-china-used-a-tiny-chip-to-infiltrate-america-s-top-companies

So my answer seems to be yes by the people who actually know what they are talking about, and "no you're a tinfoil hat wearer" by those who don't.  :baby:

Alex Atkin UK

  • Kitizen
  • ****
  • Posts: 2066
    • My Broadband History
Re: Huawei Potential Spying
« Reply #23 on: September 28, 2020, 04:15:19 AM »

So my answer seems to be yes by the people who actually know what they are talking about, and "no you're a tinfoil hat wearer" by those who don't.  :baby:

That's not what we're saying at all.  What we're actually saying is that in an ONT, DSLAM, the end-user connectivity networks in general, then it would be tricky and kinda pointless.

Now if you can get a chip or malware into the servers themselves or the backbone routers (which ALREADY are capable of packet inspection and have enough traffic passing over them to potentially hide what you are doing) then yeah of course, THAT'S where you have to worry.

Once you get down to an end-user's connection, it's far more viable to infect the user with malware, exploiting the clients on their home/corporate network itself.  The ONT is kinda the worst place to try and attack from when there is low hanging fruit AFTER that point, you want to be right at either end of the connection where it's easier to hide and plenty of CPU power to spare.

Even if a router is compromised, it's only really to redirect traffic to a hijacked/spoofed server or to perform DoS.  The real work is done in the clients and servers.
« Last Edit: September 28, 2020, 11:45:33 AM by Alex Atkin UK »

j0hn

  • Kitizen
  • ****
  • Posts: 3316
Re: Huawei Potential Spying
« Reply #24 on: September 28, 2020, 10:31:12 AM »

Damn didn't expect to be insulted.

Nobody insulted you?

Quote
So my answer seems to be yes by the people who actually know what they are talking about, and "no you're a tinfoil hat wearer" by those who don't.  :baby:

You complain about being insulted (nobody insulted you) then you go all insult half the replies in this thread by suggesting they are tin foil hat wearers who don't know what they are talking about.

Way to go. Welcome back to the forum. I look forward to being insulted by you some more.
BT FTTP 160/30 - BQM - speed test

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5347
Re: Huawei Potential Spying
« Reply #25 on: September 28, 2020, 06:12:32 PM »

As far as I can see, OP did not suggest anybody among respondents was a tinfoil hat wearer.  He suggested certain posts might have made him feel like he was accused of being a tinfoil hat wearer.

Back on topic, seems to me there are two aspects to consider.

1)  Can the apparatus actually do any harm, even if it is malicious?   Some folks seem content to say ‘No’, on the basis that they can’t think of how such harm can occur. 

I think that’s missing the point that government sponsored hackers are probably cleverer than anybody here.  There’s probably hundreds of exploits waiting to be discovered.  Just because we can’t think of any harm doesn’t mean state spooks can’t.

2)  Is Chinese apparatus any more of a risk than other Nations?  Some folks rightly point out that if Chinese companies can do it, so could others, reasoning that makes Chinese stuff equally safe/unsafe.

I think that’s folly.  The difference is that whilst (say) the US might try to influence Apple or Google, or the German government might try and influence Siemens, they’d meet strong resistance both from the Companies at corporate level and from individual engineer employees, because these are free countries.   Under Chinese law, my understanding is  a company can’t say ‘No’ to a request to aid state security.   There is very limited freedom of thought for Chinese workers who, for example, continue to be denied the truth about the 1989 Tiananmen square massacre.  It’s a mistake to compare the risk from such a country with the risk from free-thinking countries.

Just my thoughts, others are welcome to their own. :)

 


sof006

  • Reg Member
  • ***
  • Posts: 144
Re: Huawei Potential Spying
« Reply #26 on: October 28, 2020, 10:15:54 PM »

I think this is potentially something governments should be more concerned about, use of potentially malicious 3rd party equipment inside a government building. To an everyday user like me, the worst I can potentially foresee (correct me if you think I'm being naïve) is that they know what YouTube videos I like to watch or what I like to buy on Amazon... Maybe that will put me on a blacklist in China but honestly I never had plans to go to China nor do I ever want to go.

Sorry for semi-necroing a month old thread, was scrolling through the forums and was curious.