Why is Huawei's potential spying activity a big issue given that communication protocols are supposed to be...












7
















This question already has an answer here:




  • What theoretical risks are posed by compromised 5G infrastructure?

    1 answer




As far as I understand, Huawei is currently accused of supplying hardware to Western countries that could be used for spying by the Chinese government.



But why would this be a big deal? Properly designed communication channels are supposed to be secure from MITM attacks and thus it shouldn't matter if the Chinese government has a back door. And if your communications are prone to MITM attacks, then you have a bigger problem on your hands than foreign meddling.










man-in-the-middle huawei






edited 5 hours ago
JonathanReez

asked 7 hours ago
JonathanReez




marked as duplicate by Ángel, JonathanReez, AndrolGenhald, schroeder 5 hours ago


This question has been asked before and already has an answer. If those answers do not fully address your question, please ask a new question.









  • @Ángel agreed, could be closed as a duplicate

    – JonathanReez
    5 hours ago











  • @JonathanReez I believe there should be a button somewhere allowing you to agree with the close vote.

    – AndrolGenhald
    5 hours ago











  • @AndrolGenhald weirdly enough I don't see it

    – JonathanReez
    5 hours ago











  • If I can take a screenshot of your monitor every 5 seconds, and send it back to the mothership, what does MITM have to do with anything?

    – dandavis
    5 hours ago











  • @AndrolGenhald: once you get enough reps for the vote to close privilege, you can vote to close to agree with the close vote.

    – Lie Ryan
    53 mins ago





















2 Answers
18

The device in your hand may have any number of measures which circumvent standard protections against MITM attacks. If you cannot trust the equipment you're touching (or otherwise interacting with), then you have a serious problem.

MITM protections typically assume that both endpoints are trustworthy, and only the intervening network is untrustworthy. When you violate this assumption, there is no effective protection.






answered 7 hours ago
DoubleD








  • 12

    +1 Man in the middle is irrelevant if the man at one end is maligned.

    – JMac
    7 hours ago

  • But isn't the big brouhaha over Huawei's routers rather than any endpoints?

    – JonathanReez
    6 hours ago

  • 3

    I can't load OP's link for details, but that's arguably worse. Routers are perimeter security devices. Compromised devices are bad in general; compromised security devices are really bad. A backdoor could allow all sorts of traffic that your network design assumes is already filtered/dropped. E.g., an outsider could perform Layer 2 attacks, or he could attack assets you have on an isolated VLAN.

    – DoubleD
    6 hours ago

  • @DoubleD Worse in other ways. But a router would not be able to break the end-to-end encryption.

    – Bakuriu
    6 hours ago

  • 2

    @Bakuriu True in general. Notably, however, the router is the endpoint for VPLS comms and some VPN connections. It's a disaster no matter what you're using TBH. With industrial espionage from China being rampant, no one in the US should be using their gear in the first place.

    – DoubleD
    5 hours ago














5

Three huge reasons:

  1. Traffic analysis. You can encrypt all you want, but if I can see that you are suddenly exchanging a lot of messages with a server in Ruritania, it’s possible you are negotiating a missile treaty with them, or a contract for food, or doing something else interesting. In espionage, knowing who is talking is often more important than what they said.

  2. Security mitigations. Sometimes a critical device or system can’t be modified to bring it into security compliance within a reasonable timeframe. Imagine a large network of unpatchable IP cameras, and some hacker drops a 0-day attack on their protocol. Instead of a slow and expensive replacement process, you may be able to quickly mitigate the risk by implementing a secure tunnel at the router, either with IPSec or VPN. It’s probably never the ideal solution, but it’s a way to respond quickly to a hard situation.

  3. Malicious injection. A compromised device can allow an attacker a route into your network bypassing all your perimeter security or detection devices. Not everyone can keep up with patching hundreds of thousands of desktops and servers the minute that patches are released. (Not to mention the risk of deploying untested patches simultaneously on all redundant critical systems.) Patching the perimeter is much quicker than patching all the internal devices; firewalls help defenders buy time in these cases.

So no, having a compromised router is not good for your security. Nobody’s networks are perfect 100% of the time.






answered 6 hours ago
John Deters
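Point 1 of the answer above (traffic analysis), as an added example that is not part of the original answer: a short Python sketch of what flow metadata alone tells an on-path device when every payload is encrypted, and what a tunnel to a trusted gateway does and does not hide. The flow records, the RFC 5737 documentation addresses, the `GATEWAY` value, the host-to-gateway tunnel model and the surge threshold are all assumptions constructed for the illustration.

```python
"""Flow metadata visible on-path when all payloads are encrypted (constructed data)."""
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Flow:
    day: int      # day index of the observation
    src: str      # inside host
    dst: str      # outside peer
    nbytes: int   # ciphertext bytes on the wire; payload is never inspected


# Constructed sample: days 0-4 are the baseline, days 5-6 the window under review.
FLOWS = (
    [Flow(d, "192.0.2.10", "198.51.100.7", 40_000) for d in range(7)]     # steady peer
    + [Flow(d, "192.0.2.10", "198.51.100.9", 5_000) for d in range(7)]    # steady peer
    + [Flow(d, "192.0.2.10", "203.0.113.50", 900_000) for d in (5, 6)]    # new heavy peer
    + [Flow(d, "192.0.2.22", "198.51.100.7", 20_000) for d in range(5)]
    + [Flow(d, "192.0.2.22", "198.51.100.7", 400_000) for d in (5, 6)]    # surge, known peer
)

GATEWAY = "203.0.113.1"  # hypothetical trusted tunnel concentrator


def daily_volume(flows):
    """Sum bytes per (src, dst) pair per day."""
    vol = defaultdict(lambda: defaultdict(int))
    for f in flows:
        vol[(f.src, f.dst)][f.day] += f.nbytes
    return vol


def relationship_changes(flows, baseline_days, window_days, surge_factor=5.0):
    """List pairs whose behaviour changed between baseline and window.

    'new'   : pair never seen in the baseline; value is mean bytes/day in the window.
    'surge' : window mean is at least surge_factor times the baseline mean;
              value is that ratio.
    """
    baseline_days, window_days = list(baseline_days), list(window_days)
    findings = []
    for pair, per_day in sorted(daily_volume(flows).items()):
        base_mean = sum(per_day.get(d, 0) for d in baseline_days) / len(baseline_days)
        win_mean = sum(per_day.get(d, 0) for d in window_days) / len(window_days)
        if win_mean == 0:
            continue
        if base_mean == 0:
            findings.append((pair, "new", win_mean))
        elif win_mean >= surge_factor * base_mean:
            findings.append((pair, "surge", win_mean / base_mean))
    return findings


def tunnel_view(flows, gateway):
    """The same traffic as seen on-path when each host tunnels to a trusted gateway.

    Assumes the tunnel terminates on devices the observer does not control; if the
    observing router is itself the tunnel endpoint, it sees the original flows.
    """
    return [Flow(f.day, f.src, gateway, f.nbytes) for f in flows]


if __name__ == "__main__":
    print("direct :", relationship_changes(FLOWS, range(5), (5, 6)))
    print("tunnel :", relationship_changes(tunnel_view(FLOWS, GATEWAY), range(5), (5, 6)))
```

In the direct view the new peer and the surge are both attributable to a specific remote address; in the tunnel view the remote identities collapse to the gateway, but the change in volume per inside host is still visible.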














