0day vulnerability in firmware for HiSilicon-based...

[elipsey]

This argument proves too much. By this reasoning, "Qualcomm-owned Cisco" is "injecting backdoors" into their chips as well.[1]

The real title of the article is "0day vulnerability (backdoor) in firmware for HiSilicon-based DVRs, NVRs and IP cameras" and the word Huawei doesn't even appear in it.

If OP wants to claim that Huawei are involved, maybe they should write their own article. :/

[1]https://www.zdnet.com/article/cisco-weve-killed-another-crit...

Edit: the title changed. criticism retracted.

[wolfgke]

> This argument proves too much. By this reasoning, "Qualcomm-owned Cisco" is "injecting backdoors" into their chips as well.[1]

I would not consider this to be past my belief ...

[DyslexicAtheist]

CISCO has not only a long history of creating backdoors, but have also been marketing them as features. They even wrote an IETF proposal (RFC 2804) for a LI backdoor:

https://tools.ietf.org/html/rfc2804

https://www.blackhat.com/presentations/bh-dc-10/Cross_Tom/Bl...

Edit: Schneier wrote in 2018: "We don't know if this is error or deliberate action, but five backdoors have been discovered [in CISCO] already this year." and linking to this article: https://www.tomshardware.com/news/cisco-backdoor-hardcoded-a... (the final count went up to 7 actual backdoors discovered in 2018.

From May 2019: https://www.scmagazineuk.com/cisco-firewalls-routers-switche...

[johnmaguire]

The IETF proposal you linked is not for a backdoor. It's IETF refusing to set rules on future IETF standards including, or not including wiretapping.

i.e. It states that whether a standard includes a wiretap or not is irrelevant to it being an IETF standard.

[elipsey]

I wouldn't either, but I'm gonna hold out for some evidence before I start telling people they are :)

Edit: hey, while we're on the subject, what ever happened with that supermicro thing? Check's in the mail?