Bloomberg alleges Huawei routers and network equipment are backdoor

Vodafone, the largest mobile network operator in Europe, has discovered Huawei's equipment between 2009 and 2011, according to Bloomberg. With these back doors, Huawei could have gained unauthorized access to the "Vodafone fixed line network in Italy". But Vodafone disagrees, saying that although he has discovered some security vulnerabilities in Huawei devices, they have been corrected by Huawei and are in no way accessible to distance. They can not be used by Huawei.

Bloomberg's claims are based on Vodafone's internal security documentation and the "people involved in the situation". Several "back doors" are described: unsecured Telnet access to home routers, as well as "back doors" in optical service nodes (which connect last mile distribution networks to backbone optical networks) and "gateways to "Broadband Network" (BNG) (located between broadband users and the core network, providing access control, authentication and similar services).

In response to Bloomberg, Vodafone stated that router vulnerabilities had been discovered and corrected in 2011 and that BNG's failures had been detected and corrected in 2012. Although it has documentation on some vulnerabilities of optical service node, continues Vodafone, it does not have any fixed information. In addition, the network operator stated that he had no evidence of problems outside of Italy.

Sources speaking to Bloomberg dispute this. They claim that vulnerabilities persisted after 2012 and that Huawei's Vodafone equipment in the UK, Germany, Spain and Portugal had the same flaws. Despite this, Vodafone continued to purchase equipment from the Chinese company because of the cost competitiveness.

The sources also claim that the story was not so simple: "Vodafone is reporting a bug, Huawei is fixing a bug". Vodafone Italy discovered that Huawei's routers had unsecured Telnet access and the company asked Huawei to remove it. Huawei told Vodafone that he had done so, but further examination of the routers revealed that telnet could be reactivated. Vodafone told Huawei that Vodafone wanted to remove it entirely, but Huawei told him that the company should keep it for testing and configuration.

The Bloomberg Report does not offer any details about the other alleged "back doors" in the gateways or service nodes.

When is an entry door a back door?

The accuracy of Bloomberg's report is based on the distinction between a vulnerability and a backdoor. A vulnerability is an accidental coding error that allows unauthorized third parties to access the router (or other hardware). A backdoor, on the other hand, is a deliberately written code that allows unauthorized third parties to access the router. While a backdoor can be written in such a way that it is obvious (for example, one could imagine an authentication system allowing anyone to log in with the password "backdoor"), any relevant backdoor will look like a legitimate feature Accidental coding error.

Telnet access, for example, is a common feature of home routers. Typically, the Telnet interface provides better control over the behavior of the router than that available through the Web configuration interface of these devices. The telnet interface is also easier to automate, which makes it easier to preconfigure devices so that they are properly configured for the network of a particular Internet service provider. Even Huawei's initial response to Vodafone's request, which allowed users to reactivate the telnet service, did not go out of the ordinary: it is common for front-end Web servers to allow activation and deactivation of telnet. Vodafone's assertion that the telnet service was not accessible from the Internet is also likely; Typically, these telnet services are only accessible from the local network side, not from the Internet IP address.

As such, the position of Vodafone and Huawei that it is not a back door is quite defensible, and Huawei has not done anything particularly extraordinary. This is not to say that the hardware is not a back door: routers with unauthenticated remote access or pass-through authentication have already been discovered and will probably be in the future. But nothing indicates that these particular problems of Huawei constitute an attempt to hijack the routers, and nothing in the Bloomberg report corroborates this assertion.

The US government is concerned, however, about Huawei's willingness to undermine or undermine US and European-owned networks and systems, as well as the fact that the company is trying to illegally use the intellectual property from Western countries. Among Chinese companies, Huawei is considered with particular suspicion because of its ties with the Chinese army.

Huawei's chief financial officer was arrested in Canada on behalf of the United States, claiming that Huawei had violated US sanctions against Iran. The company has also been charged with stealing T-Mobile's robotic phone test technology. The US government lobbied domestic companies not to buy or sell Huawei hardware. More generally, the United States have pushed their allies to avoid Huawei network hardware. Huawei's review of the firmware and software by the UK government revealed a generally mediocre approach to security, but these issues appear to be a buggy code written with negligence and leaving piracy systems rather than the deliberate insertion of backdoors.

This pressure is particularly strong when it comes to deploying 5G networks. Huawei 4G hardware is already widely deployed in Europe, and its price is very competitive and considered essential to the rapid deployment of 5G infrastructure in Europe. Vodafone, for its part, continued to buy Huawei equipment until January of this year; other purchases were halted due to concerns about the company.