this post was submitted on 01 Jan 2024
192 points (94.4% liked)

No Stupid Questions

34333 readers
1670 users here now

No such thing. Ask away!

!nostupidquestions is a community dedicated to being helpful and answering each others' questions on various topics.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules (interactive)

Rule 1- All posts must be legitimate questions. All post titles must include a question.

All posts must be legitimate questions, and all post titles must include a question. Questions that are joke or trolling questions, memes, song lyrics as title, etc. are not allowed here. See Rule 6 for all exceptions.

Rule 2- Your question subject cannot be illegal or NSFW material.

Your question subject cannot be illegal or NSFW material. You will be warned first, banned second.

Rule 3- Do not seek mental, medical and professional help here.

Do not seek mental, medical and professional help here. Breaking this rule will not get you or your post removed, but it will put you at risk, and possibly in danger.

Rule 4- No self promotion or upvote-farming of any kind.

That's it.

Rule 5- No baiting or sealioning or promoting an agenda.

Questions which, instead of being of an innocuous nature, are specifically intended (based on reports and in the opinion of our crack moderation team) to bait users into ideological wars on charged political topics will be removed and the authors warned - or banned - depending on severity.

Rule 6- Regarding META posts and joke questions.

Provided it is about the community itself, you may post non-question posts using the [META] tag on your post title.

On fridays, you are allowed to post meme and troll questions, on the condition that it's in text format only, and conforms with our other rules. These posts MUST include the [NSQ Friday] tag in their title.

If you post a serious question on friday and are looking only for legitimate answers, then please include the [Serious] tag on your post. Irrelevant replies will then be removed by moderators.

Rule 7- You can't intentionally annoy, mock, or harass other members.

If you intentionally annoy, mock, harass, or discriminate against any individual member, you will be removed.

Likewise, if you are a member, sympathiser or a resemblant of a movement that is known to largely hate, mock, discriminate against, and/or want to take lives of a group of people, and you were provably vocal about your hate, then you will be banned on sight.

Rule 8- All comments should try to stay relevant to their parent content.

Rule 9- Reposts from other platforms are not allowed.

Let everyone have their own content.

Rule 10- Majority of bots aren't allowed to participate here.

Credits

Our breathtaking icon was bestowed upon us by @Cevilia!

The greatest banner of all time: by @TheOneWithTheHair!

founded 1 year ago
MODERATORS
ja2@lemmy.world
_MoveSwiftly@lemmy.world
Rooki@lemmy.world
Thekingoflorda@lemmy.world
automodbeta@lemmy.world
L3s@lemmy.world
192
Do Huawei phones have a secret backdoor that the Chinese government can access? (lemmy.world)
submitted 6 months ago by skeezix@lemmy.world to c/nostupidquestions@lemmy.world
76 comments fedilink hide all child comments
top 50 comments
sorted by: hot top controversial new old
[–] ryathal@sh.itjust.works 112 points 6 months ago (2 children)

It wouldn't be very secret if it was published on the internet. It's definitely a credible concern given the level of control China demands of companies operating in the country. The US also essentially has backdoors into most communication, and possibly phones as well, so it's not that crazy for China to also have them.

China is also very aggressive in hacking into companies. Even if they didn't have a custom backdoor, them finding a way in and essentially banning Huawei from fixing it, is another option.

[–] CleoTheWizard@lemmy.world 14 points 6 months ago

This is the exact reason Lenovo is the way that it is. The US didn’t trust them not to have a back door and so they grew US operations to keep from getting banned. This has all played out before

[–] fishos@lemmy.world 12 points 6 months ago (2 children)

I was under the impression it was was common knowledge/rumor that Cisco hardware all has a US installed backdoor. Huawai having a backdoor specifically wasn't the big revelation/concern. It was that it was Chinese/foreign government controlled. Everyone puts backdoors in, it's just a matter of only having friendly backdoors you can control.

[–] ryathal@sh.itjust.works 11 points 6 months ago

The rumor probably exists, but the US seems to just bully companies into getting access rather than building back doors into equipment, based on available evidence. They do maintain unpublished 0 day exploits though, so it could also be both.

[–] GadolElohai@kbin.social 3 points 6 months ago (3 children)

@fishos It is emphatically not common knowledge. I'm reading everyone asserting that such and such governments have backdoors on phones or whatever device, but you're the first person to cite an example. If you have more, I would appreciate you sharing those.

[–] fishos@lemmy.world 3 points 6 months ago

Let me do some digging and try to find you some sources when I'm not stuck at work. I know there are Wikipedia articles for the literal rooms inside of telecoms that are known to be government taps into telecom and internet infrastructure. I just can't remember the room names off the top of my head. I'll come back with a few different sources to hopefully get you going down the right rabbit hole.

load more comments (2 replies)
[–] LillyPip@lemmy.ca 90 points 6 months ago (11 children)

Yes.

Also phones made in the US have back doors that the US government can access. It’s not really secret.

[–] ringwraithfish@startrek.website 47 points 6 months ago

It's secret like Area 51 is secret. We know it's there, we know the government is doing something with it, but we don't know fully what, when, why, or how.

[–] Dark_Arc@social.packetloss.gg 23 points 6 months ago* (last edited 6 months ago) (2 children)

I don't think the US Govt backdoors phones anymore ... mostly because they don't need to. They find other ways to get the information, like warrantless surveillance of Google and Apple notification servers.

The other reason I don't think it happens is that there are just too many security researchers trying to find exploits and backdoors. Also it's pretty well known that any backdoor can be used against you. The NSA has an interest in domestic phones being secure.

Granted, international models might have some alterations/backdoors... Even then, that would be egg on the face that they don't really need if they got caught with a backdoor that applied only to international phones.

[–] Cinner@lemmy.world 13 points 6 months ago

The backdoors the NSA uses are known vulnerabilities, 0days, USB drops, all the normal hacker tools... and if it's a target of sensitive enough in nature, maybe a warrant requiring Apple Update/Windows Update/whoever or whatever device needs spied on, to deliver a payload to that specific machine.

https://www.vice.com/en/article/wnx5bm/nsas-hacker-in-chief-we-dont-need-zero-days-to-get-inside-your-network-rob-boyce

load more comments (1 replies)
load more comments (9 replies)
[–] linearchaos@lemmy.world 82 points 6 months ago (4 children)

They're definitely grabbing analytics and statistics. But so is AT&T, Verizon, T-Mobile, Apple, Amazon, Samsung, Google, Microsoft.

If the Chinese government asked any of those other companies to give them all the data they have on you in particular, They probably tell them to get bent.

But if the US government told them to do it, they would comply and then have a gag order slapped against them to keep them from telling you it happened.

Huawei is beholden to the Chinese government. So it works kind of in the opposite way.

[–] FuglyDuck@lemmy.world 33 points 6 months ago

If the Chinese government asked any of those other companies to give them all the data they have on you in particular, They probably tell them to get bent.

More likely they’ll send an invoice. They’re already selling your data to them. (And everyone else.)

load more comments (3 replies)
[–] CluelessLemmyng@lemmy.sdf.org 66 points 6 months ago (3 children)

Short answer is "likely".

If you work in a field with sensitive data (financial, healthcare, technology, politics) you don't get a phone designed by a China-government owned company.

[–] Treczoks@lemmy.world 14 points 6 months ago

I upgrade to "most likely".

[–] Dazawassa@programming.dev 8 points 6 months ago

You don't really want a device linked to any third party to be fair.

load more comments (1 replies)
[–] NeoNachtwaechter@lemmy.world 50 points 6 months ago (1 children)

I don't have any specific knowledge regarding the specific question, but:

I would rather expect a frontdoor.

load more comments (1 replies)
[–] pimento64@sopuli.xyz 43 points 6 months ago* (last edited 6 months ago) (1 children)

If Lenovo's multiple rootkit fiascos are anything to go by for Chinese-corporation-designed electronics, yes.

[–] adespoton@lemmy.ca 7 points 6 months ago

Most of Lenovo’s rootkit fiascos are due to lack of vetting bundleware providers though; Huawei is actually unlikely to have a backdoor in their phones. Their 5G infrastructure on the other hand is known to have at least two different potential backdoors designed in such a way that they may just be a chain of unfortunate vulnerabilities. Or not.

[–] lseif@sopuli.xyz 24 points 6 months ago (5 children)

not trying to argue 'both-sides', but most likely so does the US government/five eyes/whatever for android (and sometimes ios)

[–] trustnoone@lemmy.sdf.org 16 points 6 months ago

I mean, it's written into law in Australia https://fee.org/articles/australia-s-unprecedented-encryption-law-is-a-threat-to-global-privacy/

And you can be sure that data is shared with 5eyes.

load more comments (4 replies)
[–] queue@lemmy.blahaj.zone 23 points 6 months ago (1 children)

Probably, but iPhones and Android have them for the Five Eyes and anyone else who is willing to pay/push for laws to make it happen. All you do with a phone is pick your poison, do you want China to spy on you, or America, the UK, or some other government or company who then sells it to the highest bidder.

Any cell phone, dumb or smart, is a tracking device. The smarter it is, the better it is as snooping on you. Doesn't matter how or where the phone's hardware is made, it's going to track you without consent. You just need to ask "Am I worried about China or am I worried about another government?" to even "If the backdoor is big enough, can third parties get me too as I walk by on the street?"

[–] 50gp@kbin.social 5 points 6 months ago (1 children)

yea phones constantly ping something so at least the network operator can map out where it has been with good accuracy if you become person of interest

[–] Aceticon@lemmy.world 4 points 6 months ago

The network operator will naturally have a log of the nearest cell tower to your phone as you move around and each entry there gives an (almost, but not quite in heavilly built places because line of sight obstructions and signal bounces) circular area within which that phone was at that time (not absolutelly sure about the tower measuring and keeping logs of radiowave power levels, but if it does that circular area can be further improved to something like a torus), and the higher the density of cell towers around the phone (i.e. in cities) the smaller the areas and hence the higher location precision.

Also, at least in the US, it's possible to get the operator to triangulate the phone's position using multiple towers to get a much more precise location, which is how law enforcement (and who knows who else) can find people via their phones.

Even the dumbest of mobile phones can be tracked this way.

[–] seedd@lemmy.world 23 points 6 months ago

Not a backdoor, a loading dock

[–] ReginaPhalange@lemmy.world 20 points 6 months ago (1 children)

On the same vein, do wo know if Intel Management Engine is a NSA backdoor?
I keep hearing about the potential of it beeing a back door, but haven't heard an exploit using it roaming about the interwebs

[–] al177@lemmy.sdf.org 10 points 6 months ago (1 children)

It's not known to be a backdoor, but it's a juicy attack surface that customers are largely ignorant of and provides little consumer benefit. If I were an NSA employee and my boss handed me a blank check to develop a preboot exploit for Intel PCs, I'd start with IME.

[–] sarchar@programming.dev 4 points 6 months ago (1 children)

Is there an IME equivalent on AMD cpus?

load more comments (1 replies)
[–] Flax_vert@feddit.uk 18 points 6 months ago (2 children)

Probably. Also, look at myactivity.google.com . Any info you have there can be handed over to a government

load more comments (2 replies)
[–] ohlaph@lemmy.world 18 points 6 months ago (1 children)

Probably a garage door.

load more comments (1 replies)
[–] Hjalamanger@feddit.nu 16 points 6 months ago (4 children)

It doesn't matter if it's a Huawei or some American phone, China, USA and others will spy on you no matter what phone you choose only the means differ. If you buy a Huawei china will have backdoors in your phone and the USA will buy all your info and if you get an American phone the USA will have backdoors and china will buy the data.

Also I find the focus on china kinda weird. I ultimately don't want anyone stealing my data, not even the USA. Just like china the USA has been involved in mass surveillance and a lot of war crimes. For example American soldiers have been found guilty of rapping and killing children. From Wikipedia (United States war crimes > war on terror > Iraq war):

On 12 March 2006, a 14-year-old Iraqi girl named Abeer Qassim Hamza al-Janabi was raped and subsequently murdered along with her 34-year-old mother Fakhriyah Taha Muhasen, 45-year-old father Qassim Hamza Raheem, and 6-year-old sister Hadeel Qassim Hamza al-Janabi.

After all of that I want to ask you one question, do you really want the USA sterling your data?
Also what you answer that question with doesn't matter since both china and the USA will be stealing your data no matter if you want it or which phone you buy.

As a final note I should maybe mention that I'm not American if you haven't figured that out yet. Also please don't accuse me of spreading Chinese propaganda. I'm advocating against the USA and the CIA, not for china.

Also sorry for being so political in a kind of not that political thread.

[–] RandomVideos@programming.dev 9 points 6 months ago

So if i want China to not have my data i should by a chinese phone?

/s

[–] SRo@lemmy.dbzer0.com 3 points 6 months ago (2 children)

But it sounds like you are advocating for china. Look how much you wrote about another country when someone asked specifically about china and a Chinese phone manufactured in china.

[–] andrewta@lemmy.world 4 points 6 months ago (2 children)

If you think he is advocating for China then you need to reread what was wrote

load more comments (2 replies)
load more comments (1 replies)
load more comments (2 replies)
[–] A_A@lemmy.world 13 points 6 months ago

if they don't, it's the only phones without.

[–] walter_wiggles@lemmy.nz 6 points 6 months ago

Are you the FBI? You have to tell us, you can't lie.

[–] 0x4E4F@sh.itjust.works 4 points 6 months ago (1 children)

Have no idea...all I know is, everything is manufatcured in the PCR.

[–] Flax_vert@feddit.uk 6 points 6 months ago

PRC*

PCR is funny, though

[–] moon@lemmy.cafe 3 points 6 months ago

I'm sure it's nothing in comparison to what the CCP get from TikTok

load more comments
view more: next ›