> Don't think about this in terms of just governments tracking you. Consider if you have any work emails containing company secrets in them. Consider if you have 2FA apps installed that you would use to unlock or change your work password. And since it was almost certainly the Chinese Intel/Military that helps Huawei and other companies, you can be sure that whatever information Huawei gets access to doesn't need to just help them out, but might help any other company the Chinese government wants to see succeed.
-Me, 3 weeks ago on this website
Don't buy Huawei hardware. Their incentives to help their customers is far less than their incentives to help their government.
"Don't buy Huawei hardware. Their incentives to help their customers is far less than their incentives to help their government."
Every company in every country is going to jump if their government says them so. I wouldn't expect any telcos or phone manufacturers to act differently if they were paid or gag ordered to act against their customers.
But let's be honest, iphones and android parts are manufactured in china. There are most probably a lot of spying hardware we don't know about that call the mother land.
Do you think Apple blindly trusts the hardware that comes from their factories? I have no evidence either way, but I would be very surprised if their hardware experts in the US didn't tear down and verify the parts that get shipped to them, like they did with the SuperMicro motherboards.
The idea that there is a lot of spying hardware in an iPhone that Apple doesn't know about is an extraordinary claim.
Also, this person's argument is basically... we have proof that Huawei spies on behalf of the Chinese government/military but that's not as bad as a hypothetical where 2 major American corporations who spend tons of money on security do no due diligence to protect their hardware from security breaches from the exact same Chinese government/military. It's an absurd argument conflating a fact with a guess.
If someone is going to accuse a company of having third party spy chips in their phones, they'd better be ready to prove it. Especially if that company is known for their insanely strict (not very strict, actually insane) supply chain management and have been known to put suppliers into bankruptcy for not meeting the company's supply needs exactly (GTAT sapphire). Especially a company very recently in the news for having picked apart every chip on a server motherboard to find out if any of those chips were not in the BOM.
I don't have to blindly trust anything to know the burden of that proof is on the person making that claim. If you're going to accuse that company of mismanaging their supply chain and compromising the security of their users and their products while crowing publicly otherwise, you'd better come with some evidence.
Assume innocence over guilt, assume guilt over innocence; false positives or false negatives. Where burden of proof stands depends on the kind of error you're attempting to minimize.
In this case I don't think it's warranted to try and minimize the rate of error of accidentally not trusting even if you have had some trust before. It's because security is a hard, induction-based problem. You counter it with vigilance in the long-run. Ignoring local rumors with high potential impact adds up.
Additionally unless you truly believe you can't be impacted by privacy theft or think your actions are so petty that they would never be useful to analyze by a bad actor; or, you additionally have Apple stock or some equivalent stake, I don't know why you wouldn't be willing to distrust vehemently. To me it seems like accidentally being wrong about Apple is not worse than any of those things.
Alright then, I can play that game too. Apple Watches collect and process your DNA and the US Army uses it to create waves of genetic clone soldiers.
It must be true, because some random person said it on the Internet. If you want to assume Apple is doing awful things based on laughably improbable rumors with absolutely no proof, you must believe this is true. Every soldier is actually a genetic clone of an Apple Watch wearer, and you must explicitly accept this as true because I said it's true. I don't have to prove it's right, and you can't prove it's wrong, which by your logic means it must be true with no exceptions.
Unless you truly believe you can't be impacted by DNA theft or your genes are so petty that they would never be useful to the US Army, or you own Apple stock or some other stake, you must believe that Apple is creating an army of clones that will replace you and integrate into society as sleeper agents until the revolution is upon us.
You see how ridiculous that sounds? That is your argument.
My argument is weaker, it's just "trust but verify" plus our disagreement about the background probabilities of such rumors being correct based off of the contextual information we each believe is relevant. Chinese espionage and tech transfer is not a new thing but it's only recently been coming to a head in geopolitical discourse.
Most of the indicting evidence is mainly cyber-security related, which is not always the same as exploiting a hardware backdoor. But hardware backdoors are a solid vector for penetrating digital systems and this strategy has been exploited by state actors and corporate actors in domestic and foreign operations before. Like NSA plus Intel chips or their Google data-center taps as revealed through the PRISM leaks. Or Google with their microphones bypassing the recording lights.
So even if the evidence currently falls in Apple's favor, which is fine, there's still no good reason to believe that this will always be true and it's still good security hygiene to go through a cycle of paranoia to ensure that it stays true. China is just the most recent bad actor to add to the pile of institutions to defend against.
I agree that the rumor itself could be weak. But I would also be curious under what conditions you would be willing to take on the possibility of compromised hardware. Would it have to be Apple's CEO taking the issue public, risking their stock price? Would it have to be a verified Apple insider putting their reputation on the line for leaking trade secrets about their pipeline without confronting their superiors first?
It should also go without speaking that distrust is not quite the same as believing something. It's closer to holding doubt, and even if doubt can be motivated by a guess it's not the same as endorsing a guess as fact. You're misrepresenting my point in at least that regard.
Assume innocence over guilt is for individuals. For huge entities, the sane approach is to doubt them and request continuous never ending proof they are well behaving.
I wrote code used to design hardware semi-automatically. The size and complexity of the tinest chip make it impossible to check the finished hardware perfectly.
But even if you somehow managed to check it once, nothing proves it's going to be unchanged for years and years you order it.
Now add on top of that you have so many of them in one devices, and there are so many devices, and suddenly you can see how many wooden horses cross the border avec seconds.
The Snowden revelations caused tech companies to implement strong encryption for consumer facing communications. Apple, Google, and Facebook all offer encryption protocols that now piss off the US government and caused friction between the private and public sectors.
People saying "but PRISM" have missed the past five years of US politics. Even Obama was getting mad at US tech.
I always think of Ai Weiwei when considering just what's possible under the Chinese government and system. It's nice that my property won't be demolished and that I won't be kidnapped and beaten by police just because the government doesn't like my criticisms.
Do you have any proof despite statements that the entire internal surveillance programs of the NSA was dismantled or we should just believe because the US government would never lie to us?
Technically, while I do think that those companies have moved to stronger encryption over the past few years (which is a general trend I think) for consumer facing stuff, at least one of the changes that came out of PRISM was that Google started encrypting all of their communications in and out of their data centers (and in between) because PRISM was tapping at the datacenter level if I recall (something related to the note with the smiley face).
Encryption doesn't prevent state actors to require a secret backdoor. Your naive point of view ignore 40 years of history of spying and power abuse. It's worrying the past is erased so easily in the people's mind. It allows terrible behavior to come back rocking again and again.
One government is actually putting people into fucking camps[1], the other isn't.
The scale in which the Chinese Government is bad dwarfs the bad things the US Government may do. No Government is perfect, but there are orders of magnitudes in difference between the badness of the US and that of the Chinese Government.
So one is cancer, the other one is a broken leg. Yeah, I prefer to have the broken leg.
Doesn't mean it's a good thing to allow easily to break a leg.
Americans have been watching too much TV stating how great their country is, they now repeat it again and again without thinking about it. I've never seen any other free country population doing that anywhere in the world, and I travel a lot. It's even weirder when I come in the Valley and see that from the inside. Boy are you delusional.
I'm not American. I have no doubt that the American Government has its own daemons and is shit in many ways. However, it is at least notionally accountable to its populace, and has always claimed and aspired to be a beacon of freedom (I doubt its ever lived up t its claims). But the Chinese make no such claim, and do not act, nor try to act in such a virtuous manner.
As much as I detest America and their government, I'd rather a American hegemony than a Chinese one.
China putting some muslims, that may have been radicalizing, in camps to study Chinese history seems a lot better than the alternatives we employed in Iraq, Syria and Yemen.
What kind of transparency would you like to see from them? For some things, like active secret investigations how would you expect them to act transparently and publicly?
That'll never happen. Even if the case is closed and there are no loose ends for that particular case, it would still reveal the collection methods used, potentially impacting other foreign intel and FISA related cases.
What? The CCP can be accused of many things, but a lack of transparency isn't one of them. They're easily one of the most transparent governments. They're just transparently authoritarian.
Did the Chinese government spend the last century toppling democratically elected governments and subjecting the populations to the horrors that followed purely for economic gain?
Lets not mention the torture program, which the current head of CIA took part.
Or the "humanitarian" invasion of Iraq, Afghanistan, Lybia and Syria without UN Security Council mandate. Especially Lybya, which is much more democratic now with it's slave markets.
Or the protectionism that goes against the WTO treaties.
Or by weaponizing the dollar, which is supposed to be the world's reserve currency, by the means of sanctions.
Should I mentions the use of nuclear weapons and napalm against targets with dense civilian population close by?
China, Russia and the US are all draconian regimes. Some target it's own people, other target people overseas and others target both.
The difference is that one has holywood at it's side to show them saving the world time and time again from aliens, metheors and vile russians / nazis. And people just treat the US government as the good heart kid that makes a few mistakes.
Depends who is defining what is ethical of course. The fact that ethics is cultural will mean that each side will probably think they are the most ethical.
To disprove that claim: try to come up with an ethical framework which makes no mention of a higher power as justification, and tell us why it is better than all others. Most land on some variant of utilitarianism and then disagree what the objective function should be.
We can dance around the idea of ethics or we can actually look at historical actions taken by both. Putting the Chinese & US government interventionism on the same plain for objective ethics judgements is a joke (regardless of whos cultural ethical standards you use).
All of his/her comments in this post are seemingly only there to stir up people. There's no evidence behind the things they're saying other than a hand-waving attempt at minimizing China's bad faith actions by saying others do similar things. When arguing that someone who is 10/10 bad is equal to someone that is 4/10 bad you have to really reach to equate the two and not see the nuance.
There is no evidence? Too funny, I was hoping the work required was just reminding this (expected educated) audience of history, rather than teaching a full course myself.
There is a reason the statue of Lin Zexu is in Chatham Square, NYC.
Your posts in this thread have continually grown more and more incivil and arrogant in defense of Chinese spying. Stating that you thought this audience HN was smart but now you realize you have to teach this audience on HN is incredibly condescending. What do you get out of taking this stance towards this audience?
When did 'western powers' invade China and drug a large percentage of their population between 1918 and 2018? What was the percentage of their population? What were the drugs? What was the purpose? Who did it? How did something that you say supposedly happened 100 ago effect a country 200 years ago?
This is an extraordinary claim that should require extraordinary evidence. You've shown no evidence of the statements you've made in this thread so far so I hope you'll change that up and provide us with some here. I'd be very interested in seeing some for this.
Your condescension only seems to grow and you continue to get more incivil while crying out that you're getting attacked (elsewhere in this thread saying I'm attacking the messenger). I think I'll call it quits in trying to have a civil conversation with you since you only seem interested in spewing unsubstantiated pro-Chinese statements and attacking everyone in this thread that doesn't agree with you.
Even if that was true, as an American, I would much prefer leaking to my government over that of a Communist dictatorship hellbent on becoming the ruling super power.
-Me, 3 weeks ago on this website
Don't buy Huawei hardware. Their incentives to help their customers is far less than their incentives to help their government.