1) The UK willingly submits all of its net traffic to monitoring, snooping and supervision by a Chinese firm. This is mindboggling. Why worry about NSA's ECHELON or PRISM now, when the government has just passed a law requiring every packet to be inspected by a Chinese system.
2) Let's learn from those who are best at censorship. Obviously China has significant experience in that area. UK has a lot to catch up, but they're working on it.
Think about it -- if somebody told you 10 years ago that the United Kingdom will outsource country-wide Internet traffic monitoring, policing and censoring to Chinese companies, you'd call them a nutjob.
I find it extremely unfortunate that more of the "democratic" countries are now starting to see China's model of censorship and surveillance of its population as something to aspire to.
This is not just a one-off. It's a trend. They all seem to want what the Chinese government has (full control over its population), while still "pretending" it's a democracy and everyone's rights are unharmed.
There's an unfortunate view in the learned press that business-like governments such as Singapore and China are able to work efficiently and generally get things done and are generally to be admired (though not always publicly). Combine that with the UK Government's Big Sister approach to managing the population and the worst effects of political correctness and you can see where this is all heading - a country safely protected from itself under the watchful gaze of those that know what's best for us - Downton Abbey on a grand scale.
It's unfortunate but it's true - China has the advantage that without those pesky elections to worry about it can take a longer term view of things and be planning over a 10 year period, not a 5 year period with re-election and all the populist stuff that requires.
Obviously that's only part of the story but the discussion certainly becomes more "interesting" than it did in the 80s when democracy seemed to give better results across the board having the moral and economic high ground.
Not for a moment endorsing the Chinese approach, just saying that there is a more interesting debate than there used to be.
Too bad that actual planning seems to take a backseat to "my own swiss bank account in 10 years" planning. The same problem "islamic democracies" (or the "islamic republic") or dictatorships have. And then western (and Chinese) companies come in who promise personal kickbacks in trade for contracts. And soon the situation happens that companies who don't do this simply can't get any business at all.
China will get killed by it's own politicians much quicker than any western democracy. They're still growing, today it's easy for them because China is growing at 7% per year. It will get hard soon and things will change. Fast.
Conversely when people in China (or elsewhere) campaign for more liberty and freedom, the Chinese government can point to the USA/UK/EU/etc and say "Look they block things too!". Likewise when UK/EU/USA/etc. tell China to stop blocking things, China turns around and says "But you block things!"
Let's be clear: government has not just passed a law requiring packet inspection, and there are ISPs who provide unfiltered connectivity. (Eg as discussed here: https://news.ycombinator.com/item?id=6082595)
The government is proposing that they may bring legislation to Parliament if the industry doesn't do something to thinkofthechildren, but what shape that might take is not yet clear.
It's "you do something 'voluntarily' now, which there'll be absolutely no democratic oversight over, or we force you". So instead of getting a nasty filtering system subject to freedom of information queries and parliamentary inquiries, we get a system where we are subject to the whims of these businesses, who will all point to the government and say "ask them", while the government will point to it being something the companies added "voluntarily".
Frankly, "voluntary regulation" like this should always be a massive warning flag.
Exactly. Let's all remember that we often call politicans sleeazy corrupt ineffective busybodies who'll appear for the opening of an envelope, and who make statements and press releases to manipulate the press & public. However when something like this comes along, suddely politicans are disciplined, determined, principled fighters of smut who can get their way....
> Let's be clear: government has not just passed a law requiring packet inspection
Correct. That happened in the past already when ISPs were required to block access to the pirate bay.
The Pirate Bay block was not a law imposed on all ISPs.
It was a court order imposed by a judge for a specific case brought by the recording industries against the few largest ISPs individually.
Part of the case was basically that the ISPs already had filtering systems in place (in that case for the IWF child abuse blocks - again, not required by law but installed "voluntarily"). So the industry essentially said that adding TPB to the existing blocklist wouldn't be too much of a burden.
(I believe that similar orders have expanded it to cover a few more sites since, but not sure whether those cover all the same ISPs again).
> Think about it -- if somebody told you 10 years ago that the United Kingdom will outsource country-wide Internet traffic monitoring, policing and censoring to Chinese companies, you'd call them a nutjob.
I would like to point out that this article does not state that all UK traffic is being filtered by Huawei. The article mentions David Cameron praises the filtering system used by a single UK ISP, TalkTalk, and has demanded that similar measures be enforced by other UK ISPs. The article then describes the filtering system that TalkTalk uses, which is provided by Huawei.
Ofcom (an independent regulator) reports (http://media.ofcom.org.uk/facts/) that TalkTalk has a 17% market share at the end of 2012. So not all of the UK's net traffic is filtered through a service provided by Huawei.
Michael Hayden (former CIA head) says there is 'hard evidence' that Huawei has spied for the Chinese government. However he hasn't released any evidence. To be honest I don't really trust the CIA/NSA or Huawei. I think you just have to assume that if they _can_ spy on you, they _will_.
BT own the monopoly on the copper infrastructure and they are the only company providing high speed ADSL. If you want 80Mbps broadband, you have no choice but to use the Huawei modem.
Interestingly, the BT router we had installed today appears to be from ECI Technology, Inc, an Israeli company. I had a quick look and I can't find them described as a Huawei shell or anything, only competitor. New back label, the rest looks the same as the Huawei one: http://www.imgur.com/0hJtXXH
Virgin resell BT ADSL as a virtual ISP, like Tesco. It isn't just BT to the exchange, it is BT all the way if you cannot get cable and still go with Virgin.
You're being facetious, but the UK and the USA are in some of the tightest relationships of any countries ever. The Anglosphere runs deep with the "Five Eyes".
The UK absolutely and fundamentally should trust the US over China -- after all, the UK and the USA have no-holds-barred sharing of intelligence and spying, while the UK and China have literally no pact at all and are adversarial in that regard.
USA equipment would be orders of magnitude more safe for the British people, as by forming a pact with the US, the US has responsibility to the British government for the intelligence gathered (and vice versa on the mass amounts they collect on us through GCHQ!)
But to pretend that the US is guilty and the UK innocent is absolutely, egregious biased and false. They dragnet over 200 fiber interconnects and literally copy all internet traffic for analysis. They are not our victims, they are our brothers in arms. Don't forget that!
I don't know if it's possible to describe in words the affection that the American people feel for the other members of the Anglosphere - it's not quite brotherhood, because it's stronger than that.
With that said, I don't want anyone copying all internet traffic and sharing it with intelligence agencies. Of course, if I had to pick, I think I'd prefer it to be Uncle Sam doing it, but I fear the U.S. Government for drastically different reasons than I do China, in that the Chinese government is highly unlikely to be a threat to my basic freedoms and liberties, whereas the U.S. Government is looking more and more like they might be.
"Crazy" conspiracy theory - China is under the control of the same group that has utter control of the US and the UK and to keep control, they create much of the chaos that we experience.
See: Mao Zedong (Yale graduate) and Every US Ambassador to China is a member of Skull and Bones.
The best way to predict the future is to create it. :)
>no-holds-barred sharing of intelligence and spying
Citation needed, except that by definition there can't be one, because if there were such a public claim, and an un-shared piece of intel existed (that in theory would refute it), then that intel could not be used publicly to refute the claim. Since the claim is irrefutable, it is also invalid.
So it's probably more accurate to say 'extensive sharing...'
The colonists revolted because they were being denied their rights as British citizens. And before WWII we, and intermittently France, were the world's only major democracies.
The relationship is somewhat akin to ancient Greece and Rome, but closer.
> We' have literally fought wars together. Don't think you can take that lightly.
Well this is highest-level political commentary. Let's ignore the wars the US and UK fought against each other, and the times they allied with other countries. That one time the US and USSR fought a war together made them BFFs too...
We're talking about foreign spies conducting industrial espionage and gathering state intelligence data. That's much less likely to happen from the USA than China.
I recently bought a Huawei phone from a large mobile phone dealer. £70 contract-free, with a dual-core processor and Android 4.1.
Is there something I should be concerned about with this thing? It is remarkably cheap and seems good quality so far. I'll probably put Cyanogenmod on it if they come out with it, though.
> but there's no real way of knowing what secrets the silicon holds.
Technically, some places do melt down the chips with acid layer by layer and dissect what is actually in them. It isn't easy, and tough to miss things, though, I imagine.
Will be interesting if we go back to the days when stories like the US managing to get back doored chips into Russia which blew up pipelines and stuff are actually happening.
That looks like a standard VDSL2 modem to me. If you do not want Huawei equipment, is there any reason you couldn't purchase your own VDSL2 modem from anywhere and use that?
In 2011, Huawei offered to give roughly 50MM GBP's worth of mobile equipment to the London Underground as a gift, which the UK declined due to "national security" reasons.
In 2013, the UK is going to pay Huawei to filter all its Internet traffic.
"Customers who do not want filtering still have their traffic routed through the system, but matches to Huawei's database are dismissed rather than acted upon."
In other words, when they screw up the implementation and it breaks something about your network connection (e.g. IPv6, TCP options, or dozens of other subtle things), there's nothing you'll be able to do to just get raw packets routed over the Internet.
It's been in place on TalkTalk's network for 2 years now, it really doesn't break things. It's not particularly aggressive, and only looks for HTTP and HTTPS traffic, not VPNs etc.
Whether you agree with it, like it, or want it, is an entirely different question (I don't want it), but it hasn't caused significant issues yet.
They also send a crawler to any urls that they've not "registered" before (by IP). About 30 secs after navigating to a new page their bot will crawl a visited page. robots.txt is not honoured.
Something to consider when testing, or using, "hidden" sites and pages.
I'm genuinely surprised that it isn't causing at least minor problems with some sites for more technical users.
I manage a virus-scanning web proxy for our company and this is enough to throw up regular little glitches with all sorts of sites which "just work" when going direct.
We have TalkTalk at home (although as soon as fibre optic comes in this area we are moving) and I have to admit: I had no idea this was happening. I'm a pretty 'technical' user and I haven't noticed any problems as such.
The corporate systems for this (usually) operate by proxying all HTTP traffic, so any sites which don't play nicely with a HTTP proxy are affected. I've seen "interesting" problems with some more esoteric HTTP 1.1 features and all sorts of things with streaming sites.
You're probably right that this system isn't proxying everything, so its impact would be a lot lower. It all depends on what layer it tries to operate, which we don't really know. I'd love to see an investigation from someone on TalkTalk.
> It's been in place on TalkTalk's network for 2 years now...but it hasn't caused significant issues yet.
Of course it hasn't; It's only been 2 years. You won't notice unless you're trying to build or deploy something innovative that breaks some of the assumptions that the designers of the filters never anticipated.
Layered protocols exist to allow them to evolve over time with a minimum of complexity (and cost). When you break the layering, you make that evolution more expensive. Look at how expensive it is to write a basic app that has peer-to-peer conectivity, thanks to NAT.
How are we supposed to deploy the next WebSockets when there are transparent HTTP proxies everywhere that aren't aware of it?
Economically speaking, widespread deployment of these sorts of filtering technologies are exactly like pollution: they look fine at first, but eventually they end up being very expensive for everyone, even the people who never used them.
I expect my ISP to never, ever fuck with the application layer. Do your job and route my traffic, thanks.
There is no valid reason to pass traffic through the filtering system if a customer has opted out and won't be filtered. This costs real money to the ISP, so I presume they analyze that traffic. It doesn't matter if they pretend to do this to train the filter or feed some agency's data warehouse, this is madness.
Huawei is a UK registered company isn't it, certainly appears to be on Companies House WebCheck database. It also used to be called Huawei Symantec FWIW.
It's not a Chinese system, it's using Chinese technology, but then the PM uses Chinese technology, along with the entire government, every day. As do the US President and government presumably.
Yes there should be due diligence to ensure that data is not being collected and off-shored. The BBC seem to be going to pains to suggest that this is a massive Chinese espionage coup without actually stating as much.
What're the facts here. Chinese made technology is part of the UK internet. ZOMG! If the tech was from Cisco would it really make a difference.
>both Huawei and TalkTalk employees are able to add or remove sites independently //
Right so TT employ a UK company whose UK employees are able to do their job.
I'm not saying oversight isn't necessary but this seems so overplayed unless the BBC have more facts they're choosing not to disclose.
But under the same token we should be stopping Facebook or Google from routing our internet traffic as "they're going to be working for the US Government". Indeed there's more evidence that FB and Google are maliciously colluding than there is for Huawei having done anything wrong here.
I'm not saying we shouldn't be vigilent just that this story has a measure of "Starbucks could be poisoning monarchists to further the aims of USA".
This should be on a T-shirt. Maybe borrowing the backdrop to Pink Floyd's Dark Side of the Moon album and cross it with the digital rain form The Matrix. ;)
> This is not surveillance, it's out right censorship.
Of course it's surveillance, you think this system doesn't log hits? At this point you have to expect a database query can return what porn sites you're visiting and when.
They're blacklisting sites but you don't have to have the filter on your connection. Doesn't censorship require that someone prevent you, or indeed impede you from seeing something.
TalkTalk just ask you [ie the person who pays the ISP] if you want to be filtered or not. Perhaps they also filter illegal sites, use of a list from the IWF was mentioned, but who's going to know.
Porn site 101: every site will constantly change its IP and provide alternative domains to avoid been blocked. Thus if UK need to cut out porn sites completely, they have to implement some kind of keywords based system, which is 100% what a censorship firewall is.
Are keyword based firewalls really all that effective?
What if someone's researching classical art and searched for "nude"? Surely, that will cause a fair amount of hair-pulling to deactivate the filter in public access locations like libraries and such.
So each time a UK residents visits a webpage his ISP will send the url to Huawei to ask for permission?
Good to see that Cameron don’t waste the opportunity and get the UK to use the same hardware platform as the Chinese. The Chinese are already one of the leaders in technology for censorship, with the great firewall and all, so it could be a lot of opportunities for synergy and cross border cooperation her…
> So each time a UK residents visits a webpage his ISP will send the url to Huawei to ask for permission?
No, each time a UK resident visits a webpage, his ISP will send the URL to a server in the ISP's network running software made by Huawei (which could be backdoored), loaded with watchlists maintained by a UK entity.
It's unclear how that software will redirect the request, but it's probably just a DNS hi-jack.
Maybe Mr. Cameron can ask for the url list used by the great firewall also? The authorities could save a lot of time if they had an initial list to start with.
What are we nicknaming this? Maybe "he Great Hadrian Firewall" after the Hadrian's wall?[0]
The Chinese list would lead to instant political death, because that'll block Facebook, Youtube, Twitter, and some Google+ services. A large number of businesses in the UK that rely on those services will soon follow Mr Cameron to the grave.
On the plus side, the message that the Internet is not a toy to be taken away at will would swiftly and surely be delivered, via the medium of being dragged out into the streets by an angry mob.
That's what they're trying to make it look like - in practice it seems more likely that Huawei are just providing a managed service in TT's server farms that filters a given list of sites.
Could Huawei maliciously use that data? Yes, like how the French/Russians can cut off our power. Or USA can poison all our coffee drinkers and fast-food eaters.
Maybe this is all a clever government ruse. If DC wants more of Britain's youth interested in technology, what better way than to force them to find ingenious technological solutions to get hold of their porn?
Cisco helped China government build the Great Firewall 10 years ago. It's very advanced and powerful.
I don't think Huawei can beat Cisco in the 'net filtering' business at GFW level.
I guess it's just a budget limited version :)
Do books and radio that children have ready access to have hardcore and/or illegal pornography.
Schools purchase from book catalogues that are "censored" in this sense and [legal] FTA radio is equally censored. So why shouldn't we allow people to get their internet equally censored.
Parental supervision includes using commercial services that censor hardcore pornography.
Well, the UK did have a country wide ban on "promoting homosexuality" in schools ( http://en.wikipedia.org/wiki/Section_28 ). They don't believe in parental supervision for some things.
As an aside, I find it very interesting that the BBC website is so selective about which articles they allow (moderated) comments on, for example here is an article with a comment form
The Green Dam project [1] which was advertised by the department of industry and information technology of P.R. China as protection of children from online pornography had been defeated after media exposure year ago. Now the authority in Britain wants to introduce essentially the same stuff!
Seriously, this incredibly misleading headline should get this post removed from HN.
Ever since the NSA story broke there seems to be a constant effort to post overly alarming headlines in the style of "look how much worse things are in places outside the US".
Can you explain why the headline is miseading? The UK is at least as bad as the US because GCHQ and NSA have a special relationship, there's no plot here to make America look good.
For me the headline, whilst technically true, was slightly misleading because "Chinese firm Huawei controls UK net filter" suggests a UK-wide net filter that Huawei controls. Whereas the BBC article headline of "Chinese firm Huawei controls net filter praised by PM" does not suggest that.
Hmm that's true, "Chinese firm Huawei to control proposed UK net filter" would probably be best if it fits. I think this is more of a proposal (albeit one he sees as de facto happening) by the PM than something he's praising.
Huawei is sort of "Chinese Cisco", ie. while they probably have some custom silicon in their products they don't market silicon directly instead focusing on complete devices. So, you are probably thinking of another company.
As an established enterprise company in the UK, we have our "own internet" which we run between our clients. It goes over encrypted point to point IPsec channels over leased POTS and LSE lines.
This is because we can't rely on the Internet as a business...
It has nothing to do with race, and everything to do with the concern of having a company that there are concerns might be influenced by the government of a dictatorship that are renowned for using net censorship to maintain its political control, potentially be in control of a network filter that most UK network traffic will end up going through.
I don't see anything in the article that complains about Huawei because it is Chinese in itself, as opposed to because of concerns there might be political connections at play, or the generic issue of having such filtering under control of a commercial actor in general.
How hard would it be to have a script creating millions of email accounts sending billions of random emails including words like "bomb", "attack", "taliban" among others rendering PRISM useless?
Work on the assumption that PRISM has spam filters at least as good as GMail, so it wouldn't be trivial to overload it with automatically generated content.
1) The UK willingly submits all of its net traffic to monitoring, snooping and supervision by a Chinese firm. This is mindboggling. Why worry about NSA's ECHELON or PRISM now, when the government has just passed a law requiring every packet to be inspected by a Chinese system.
2) Let's learn from those who are best at censorship. Obviously China has significant experience in that area. UK has a lot to catch up, but they're working on it.
Think about it -- if somebody told you 10 years ago that the United Kingdom will outsource country-wide Internet traffic monitoring, policing and censoring to Chinese companies, you'd call them a nutjob.