That’s probably too general. I mean, it’s true – but let’s focus more narrowly: Huawei.
I have written before about Huawei and US government’s reactions to getting handed a plate of their own well-sauced gander [stderr] [stderr] [stderr] [and more] It turns out that they don’t like gander so much – to imperialists, it’s gotta be all goose, all the time. How’s that for over-stretching a bon mot? So, we have truly weird things happening regarding TikTok, and the US intelligence community and Cisco appear to be winning the weirdest marketing battle ever against Huawei. It’s my opinion that what’s driving all of this is certain big vendors trying to lock Chinese competitors out of the US market, because damn it, it’s their money. Put another way: if Cisco had a successful and affordable 5G solution stack, we wouldn’t be having this discussion because, as usual, they’d be too busy cashing checks.*
Try to follow the bouncing ball:
The US literally strong-arms the UK and some of its other allies into de-committing to Huawei gear (some of which is already paid for and installed) on their core networks. Ostensibly, the reason for this is because – in all probability – the Chinese government has gotten Huawei to build backdoors in their gear. That is the aforementioned gander-sauce: the US government has gotten many companies to build backdoors into their gear, so the US can say with certainty that having someone do that is very unpleasant, if not outright immoral.
As part of its leverage campaign against Huawei, which has included attempts at judicial kidnapping [see notes] the US has blocked export of critical microprocessor components used by Huawei in their phones. This was a bold/big move: Huawei phones are outselling iPhones in China – I’m sure that has nothing to do with the ridiculous cost of iPhones and everything to do with nationalism. [reuters]
WASHINGTON (Reuters) – The Trump administration on Friday moved to block global chip supplies to blacklisted telecoms equipment giant Huawei Technologies, spurring fears of Chinese retaliation and hammering shares of U.S. producers of chipmaking equipment.
This is an interesting move because it pushes back the development lifecycle on a bunch of Huawei stuff. Huawei now has to find someone else to develop (or has to license) things like cell phone antenna controller chipsets. And the US has pushed Google, controller of Android and the Android app store, into blocking access for Huawei customers. [verge]
Google on Friday evening published a support article meant to clarify the ongoing situation with Huawei. Last year, the United States government barred companies in the US from working with the Chinese hardware maker. “Google is prohibited from working with Huawei on new device models or providing Google’s apps including Gmail, Maps, YouTube, the Play Store and others for preload or download on these devices,” Tristan Ostrowski, legal director for Android and Google Play, wrote in the post, which was picked up by 9to5Google.
Because they hate us for our freedoms, I suppose. It appears that the US is doing an across-the-board push to make Huawei’s stuff later to market – almost as though they’re trying to give Cisco a chance to catch up. I’m surprised they haven’t “Tik Tok”ked Huawei and basically said, “you have to sell part of your company to Cisco if you want access to the US market.” Oh, now that’s an idea.
Anyhow: company that we’re worried about backdooring everything, we want to deny you access to our backdoor’d stuff that you’d normally get from Google and Qualcomm, etc. Pause for a second, and think about that: the Chinese spy-phone is running an operating system provided by a US company – an O/S that comprises 12-15 million lines of code, none of which are backdoors or known vulnerabilities that can be exploited by the NSA. I’d imagine in a non-bizarro-world scenario that the US would be not pointing this out, and would quietly let Huawei build their own backdoors in, which ran next to NSA’s backdoors, and it’s all smiles and detente.
I’m just trolling you, there. Surely nobody cares (other than Tim Apple) about a little thing like that. It’s not at all relevant. Hush. I’m ashamed of you for being so cynical!
Qualcomm makes one of the most important components of a cell phone: the radio/antenna/digital signal processing encoder/decoder do stuffer. These chips are basically a full blown computer that does all the comms for the phone asynchronously, so the phone’s processor can display animated dancing badgers [weeb] and important things. The best way to think of a current generation shine-slab is that it’s a network of computers connected on a small LAN, each of which does some stuff (and some have capabilities that aren’t used but just happen to be there, like Intel Management Engine on any Intel mainline CPU since 201?2) Within that LAN environment, there is no security at all: everything trusts everything else. So, you can have an antenna controller, which has several of its own CPUs, talk to the fondle-slab’s memory and change stuff. Stuff like the process table of the running Android kernel. I saw a nifty demonstration of this at CANSECWEST back in 2010 [csw] [presentation] – the fellow found an exploitable vulnerability in a Broadcomm antenna controller that was popular at the time, sent it a packet that exploited the hole, then started a process running in the antenna controller that created a running process in the android kernel that was in the device and, while it was at it, set the user-id of that process to 0. It was impressive: he had a phone and it was running and suddenly a shell popped up with a root prompt – nobody touched a thing. Anyhow, the point is: there are so many processors with great power and complexity that all you have to do to side-step operating system security on the main processor is to exploit a flaw in a coprocessor. Antenna/wifi controllers are one place, expensive graphic cards are another.
The US ban on exporting tech to Huawei has been hurting Qualcomm because Huawei is now the #1 cell phone manufacturer and they sell metric fucktonnes of integrated coprocessor-on-a-chip components to Huawei. [gizmodo]
The Trump administration’s sanctions are hitting Huawei hard, and the Chinese tech giant now says it will run out of processors chips for its smartphones by September without access to U.S. venders, according to a weekend Associated Press report.
In other words, says Qualcomm: “US: you are punching yourself in the face.”
A life preserver may be incoming, however. According to the Wall Street Journal, the American chip company Qualcomm is lobbying U.S. policymakers to ease sanctions and allow it to sell chips to Huawei for the production of their 5G phones. The company argues that the export ban doesn’t just hurt Huawei: By cutting Qualcomm off from potential sales of essential components in Huawei’s device, the ban is essentially handing the market—worth as much as $8 billion annually – to foreign competitors like Samsung and Taiwan’s MediaTek.
There is more to this particular bounce than just Qualcomm but I want to focus there. Huawei also makes their own processors (like Apple does, and Samsung, and everyone else) which are currently fabricated in the US. Basically, this ban is a great big knife-cut across Huawei’s throat that is going to take them probably a year to repair the damage to their supply-chain. Maybe Cisco will buy a decent 5G offering by then and we’ll be through this whole sordid affair, but, wait, there’s more.
[ars] “That processor with fucktonnes of holes in it, that you Chinese people used to use to build your phones? No, you can’t have that anymore.”
Now, remember, if someone wanted to build a really sweet backdoor into a billion cell phones, the way they’d do it is have a bit of extra somethingsomething in that Qualcomm chip. There’d be a couple access paths: you could hand the chip a piece of image data to decode that was treated as payload, instead, or perhaps a weird option on some cell handoff negotiation. Then the local FBI dude would just have to enter the target phone number and, when it connected to a network, they’d have a root prompt (or whatever). It beggars my mind to imagine that that capability has not already been developed by some Israeli company or other, or some NSA contractor.
The vulnerabilities can be exploited when a target downloads a video or other content that’s rendered by the chip. Targets can also be attacked by installing malicious apps that require no permissions at all.
From there, attackers can monitor locations and listen to nearby audio in real time and exfiltrate photos and videos. Exploits also make it possible to render the phone completely unresponsive. Infections can be hidden from the operating system in a way that makes disinfecting difficult.
“Disinfecting difficult” is a huge understatement. It makes disinfecting impossible. Unless you put your phone in a blacksmith’s forge or crush it in a hydraulic press. It means the vulnerability is not accessible to the operating system at all – it’s the other way around – the vulnerability completely owns the platform and the operating system is just along for the ride. It’s all backdoor, baby!
Snapdragon is what’s known as a system on a chip that provides a host of components, such as a CPU and a graphics processor. One of the functions, known as digital signal processing, or DSP, tackles a variety of tasks, including charging abilities and video, audio, augmented reality, and other multimedia functions. Phone makers can also use DSPs to run dedicated apps that enable custom features.
“Phone makers can also use DSPs to run dedicated apps that enable custom features” sounds like “a framework for deploying invisible monitoring and spyware applications” to me.
That’s exactly what the US doesn’t want Huawei to build into their phones. Uh.
What. The. Fuck?! I can’t follow this any more, it’s all bouncing around too much and none of it makes sense except in the context of trying to protect Apple’s iPhone prices and Cisco’s lack of an affordable 5G stack to sell.
* I was a very happy Cisco shareholder from the 90s up ’till the early oughts, when I had a meeting out at their HQ that convinced me that they had no technology vision except “we will buy whatever is best” so I came home and dumped all my Cisco stock. A few days later, the tech market crashed and my financial advisor thought I was some kind of genius. Here’s a riddle: “name one product other than the IOS router that Cisco has made.” As far as I can tell, they have not innovated at all, except in the field of dominating a market by not innovating.
Judicial kidnapping: [wik]
Meng Wanzhou (Chinese: 孟晚舟; born February 13, 1972; also known as Cathy Meng and Sabrina Meng) is a Chinese business executive with permanent residency in Canada, who is the deputy chair of the board and chief financial officer (CFO) of telecom giant and China’s largest privately held company,Huawei, founded by her father Ren Zhengfei.
On December 1, 2018, Meng was detained upon arrival at Vancouver International Airport by Canada Border Services Agency officers for questioning, which lasted three hours. The Royal Canadian Mounted Police subsequently arrested her on a provisional U.S. extradition request, in regard to breaches of U.S. sanctions against Iran. On January 28, 2019, the U.S. Department of Justice (DOJ) announced financial fraud charges against Meng. The first stage of the extraditionhearing for Meng began Monday January 20, 2020. On February 13, 2020 Meng was personally indicted by the DOJ on charges of trade secrets theft. If proven guilty, Meng potentially faces up to 10 years’ imprisonment per 18 U.S.C. § 1832.
WTF is a “provisional extradition request”? – oh, right a “grab order.”
How do you even patch this sort of thing? Well, the O/S would have to be able to reliably trust that its memory can’t be tampered with. Uh, “game over, man!” as Private Hudson would say. And how do you update the firmware in the Qualcomm chip? Oh, there’s probably going to be some kind of BIOS updater thing that a few thousand out of a billion phone users will run.
Google might be able to do something, but we should not expect Google to be coding patches against fuckery in other devices – because Qualcomm’s processor-making idiots are going to be idioting away on a different trajectory than Google’s idiocy-fixing idiots, and it’ll be hard to re-converge on something non-borked later. If you want to get an idea what that looks like, there is a presentation about Windows UEFI ‘secure’ boot [petri]
Microsoft Windows Secure Boot has a big problem. It’s no longer secure, and can’t be fixed – or so say a pair of security researchers who found the issue.
Apparently, Microsoft created a secret backdoor, for internal QA use. But two Ring Of Lightning researchers uncovered the so-called “golden key.” Now that the cat’s out of the bag, IT can’t rely on UEFI and Secure Boot to prevent boot-time malware, such as bootkits. Oops.
Meanwhile, Google’s got a problem because they are trying to make Android boot with some kind of minimal guarantees of integrity, on hardware that is 99% backdoor.
My advice: give up on computing. Global climate collapse is going to make high tech civilization unsustainable anyway so you may as well get used to not having a smartphone, now.