Hacker News new | past | comments | ask | show | jobs | submit login

So the theory is that chinese vendors put existing exploits into their firmware deliberately? That seems rather hard to believe. Would it not be much simpler to create a few new holes?



What do you mean by 'existing exploits'? It seems like they are accusing them of writing insecure code on purpose, which is exactly how i'd go about inserting a backdoor if I were going to do it.


That is correct because plausible deniability is very important.

However writing insecure code is also the defacto standard across industry, definitely including in the US.

If we accept this as proof, then Microsoft, Google, Facebook, etc, (all the way down like the turtles, until we hit every one man company) are all government controlled corporations deliberately installing sneaky back doors through security vulnerabilities in code, which cleverly simply look like incompetent programming.


That's right, but I think the article is asserting that:

a) The vulnerability density is much higher in Huawei's code.

b) When vulns were reported to them, they simply moved them to another location, rather than actually patch them.

Those are the things that I consider to be (weak) evidence that they are backdoors.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: