I recently published a longer-than-usual column at informationweek.com on the recent government report urging the masses not to buy anything from Huawei (as well as ZTE) on the grounds that such equipment might be fronting intelligence (or worse) efforts underway within the government and/or military of China. Make no mistake, every government, especially those with large economic and industrial capacity, seeks competitive advantage on the global stage, just as any enterprise or organization does. What bothered me about the report from the US House of Representatives Permanent Select Committee on Intelligence is that it's more about innuendo and speculation, and thus really competitive positioning, than fact. And, while I believe that any activity connected to the US government should buy American (tough, by the way, in the case of cellular infrastructure, as we don't build that here anymore), to encourage the private sector to shop elsewhere, again, based on nothing more than speculation, innuendo, and what seems to be a complete lack of understanding of international business on the part of our esteemed representative in Congress, is, um, way out of line - yeah, let's go with that.
You can read the above-referenced column for more; as you can tell by many of the responses posted, this subject is among the most controversial I've ever covered. But I stand by what I wrote - let's stick to the facts and not engage in unnecessary provocation. Such can easily snowball and lead to real, rather than imagined, consequences.
Further exploration of the general subject of commercial-sector intelligence-gathering and other mischief led to, and this was easy, another recent column at informationweek.com, this one on the secret (I can be provocative, too, but in this case such is absolutely correct) chips in Apple's new Lightning cable. Why didn't Apple just use the simple, cheap USB connector like everyone else? Well, Apple likes proprietary, as most for-profit firms do, because the margins are better and protected, and often for long periods of time. But, to get back on topic here, what's really going on in those chips buried in that cable? I'm not accusing Apple of anything here, but I'll bet few if any people outside of Apple know.
And yet millions of people are going to buy this cable, manufactured, no doubt in China. And what about all those consumer electronics built in China? And what about any random company, anywhere in the world, (unintentionally, of course) employing an engineer who is secretly an intelligence agent of a foreign power, inserting nefarious code into products? Or a firmware upgrade, many of these being automatically applied via the Web today, loading code that, well, has a function apart from that intended for the device in question here? Humm? And keep in mind that spying on the citizens of this country is perfectly legal with a court order, and may in fact occur in some cases without such? This is why I wrote earlier this year that privacy and security are really both dead. The systems that support our lives, from a music player to online banking to medical equipment to an eNodeB, are now well beyond our control.
The primary thesis of my Information Week article was that any covert information gathering, or other nefarious activity, buried in a commercial product from Huawei, or any other firm on this planet, for that matter, couldn't be kept secret for very long, and, when discovered, would, and especially if used, have dire consequences indeed - not the least of which would be the bankruptcy of the firm enabling such, and saber-rattling at the government level. The bottom line, though, is this: can we really trust any IT product today? And how do you know for sure?