Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Security Expert: Huawei Routers Riddled With Vulnerabilities 126

sabri writes "Cnet reports that German security expert Felix Lindner has unearthed several vulnerabilities in Huawei's carrier grade routers. These vulnerabilities could potentially enable attackers, or the Chinese government, to snoop on users' traffic and/or perform a man-in-the-middle attack. While these routers are mostly in use in Asia, Africa and the Middle East, they are increasingly being used in other parts of the world as well, because of their dirt-cheap pricing. Disclaimer: I work for one of their competitors." Via the H, you can check out the presentation slides. Yesterday Huawei issued a statement 'We are aware of the media reports on security vulnerabilities in some small Huawei routers and are verifying these claims...'
This discussion has been archived. No new comments can be posted.

Security Expert: Huawei Routers Riddled With Vulnerabilities

Comments Filter:
  • by X.25 ( 255792 ) on Thursday August 02, 2012 @10:00AM (#40855501)

    And hundreds of vulnerabilities in Cisco IOS were somehow different, of course.

    But of course, their vulnerabilities were not related to 'Chinese government' and wouldn't make 'news for retards'.


  • by Anonymous Coward on Thursday August 02, 2012 @10:05AM (#40855547)

    They do usually rebrand their stuff. Some "lower-end" mobile phones, probably ones that carry the operator's brand name and not the manufacturer's, are likely to be made by Huawei or similar companies (ZTE, as another example).

    Another reason Huawei is so cheap is because they don't "innovate" like (most?) Western companies do. They kinda consider R&D to be a profit center and will not move an inch to develop something that is not _known_ to be profitable. I have first-hand experience with this. I work for Huawei. There!, I said it.

    Most customer meetings we have involve going to ask for requirements that they can be sent back up the chain to HQ (R&D) to get started on the development. Seriously. Our Chinese bosses (can't call them managers) and counterparts (some of the "local" staff have a Chinese "mirror") are constantly asking to find the customer's Strategy for a particular product/service and what the business model is going to be....even from technical staff at the customer.

    I recently ready this article and it paints a pretty accurate picture of my everyday life working here.

    As much as they "sell" the idea of being a communist country, they are still very much a feudal culture with a close-minded and I'm-never-ever-wrong-because-I'm-the-boss mentality. And it'll catch up to them...soon

    When people mention something about the Chinese taking over the world, I worry too. Just for very different reasons.

    (Posted as AC ((from work)) for obvious reasons)

  • by Anonymous Coward on Thursday August 02, 2012 @10:08AM (#40855581)

    Oh, and the R&D guys that I've met, look like they're fresh out of the University (or ...idk) and no one has bothered to create any formal programming practices or the like...which is why I totally believe the comment about security coding practices being from 15 years ago.

  • by faedle ( 114018 ) on Thursday August 02, 2012 @11:51AM (#40856901) Homepage Journal

    It is catching up to them.

    I work for a telecom company that has a significant investment in Huawei gear. Their equipment often has serious bugs, and upper management is starting to notice that the ability of the service and support teams to "do their jobs" is being hurt by Huawei's bugs, and we're seriously entertaining bids from other vendors.

    The sad part is that their equipment is SO much cheaper than anything else on the market.. I don't know if we could afford to even convert a fraction of our gear to some other vendor. The economics of the business is such that we couldn't afford to provide the service at the prices we charge without using the cheapest option available.

  • by JDG1980 ( 2438906 ) on Thursday August 02, 2012 @12:03PM (#40857023)

    From the article you linked []:

    Chinese business culture values interpersonal over institutional relationships, and business decisions are often oriented towards short-term profit. There is also a lack of transparency and oversight, which has been linked to a high degree of corruption.

    Right, because stuff like that would never happen in the United States...

"Never face facts; if you do, you'll never get up in the morning." -- Marlo Thomas