Ken Hu Huawei cyber securityAt Reseller News Rob O’Neill covers a speech by Huawei rotating chair Ken Hu. Hu says the world lacks a global, common understanding of cyber security.

… In Brussels yesterday, Hu said what the industry needed was a mutual understanding of security to build a trustworthy environment. Huawei was now operating on an “ABC” model for cyber security, he said.

The A stands for “assume nothing”, the B for “believe nobody” and the C for “check everything”.

“Both trust and distrust should be based on facts,” he said. “Facts must be verifiable and verification must be based on standards.”

Government and standards bodies needed to work with all stakeholders on developing such standards, he added. The implications was that a standards-based environment, would help defuse current tensions by creating a vendor-neutral environment.

Hu’s ABC is a beautiful, simple way of getting to the heart of a sensible security strategy at any level. 1

The speech was at the opening of Huawei’s “cyber security transparency centre” in Brussels. With the company under pressure to show that it is not a threat and not a puppet of the Chinese government, Huawei has gone on the front foot.

As the company’s top communications executive Joe Kelly told New Zealand journalists a week earlier at Mobile World Congress in Barcelona, it’s hard to prove you’re not doing something.

Cyber security as part of a bigger picture

Which explains why Huawei is stepping up its rhetoric to argue against accusations while at the same time maintaining a charm offensive and investing in projects like the Brussels centre.

It was clear at Barcelona that there’s enough high quality business selling communications network to the rest of the world outside of the US and allies like New Zealand who express fears about security issues.

Yet Huawei knows, in the long-term, respectability and trust will get it further. Pushing a cyber security agenda is a good way to get attention. Building centres like the one in Brussels will help build trust.


  1. It is also a great summary of the basic tenants of good journalism. Reporting also needs to be fact based. ↩︎

Huawei MWC 2019All over Barcelona banners advertise the city’s 2019 Mobile World Congress event. The slogan is “intelligent connectivity”. The phrase is about generic as things can be in this business. What is it supposed to mean?

There are answers in the eight giant exhibition halls and the numerous conference theatres that dot the event’s site. Everywhere you look, you’ll see the term 5G. Then the penny drops, fifth generation mobile phone technology is meant to be intelligent connectivity.

Judging by MWC, 5G must be at the peak of Gartner’s Hype Cycle. It’s been front and centre for the last three years. Now carriers are building 5G networks and tentatively switching them on. 5G phone hardware is here. It’s all ready to fly except for one thing, practical business applications for 5G are still few and far between.

Huawei everywhere

If it’s hard to avoid 5G hype at MWC. It’s also hard to avoid Huawei. The company’s logo is everywhere. Huawei has the biggest stand in the largest exhibition hall, although the word stand is not the best way to describe a hectare or so of space showing 5G network hardware, end-user kit and even the occasional practical business application.

One user case is a Norwegian salmon farm that uses 5G. Almost all part of its operation would work just as well with 4G or even 3G. However, the fish farmers use 4K television to monitor fish health. They can’t see the lice that attach themselves to salmon on a lower resolution screen and 5G is the only practical way to transmit that much data from the fish pens to the land-based monitoring stations.

Travel for about kilometre on the showground travelator and you’ll get from Huawei’s carrier exhibit to the company’s consumer device stand. There you can see the Mate X, a folding phone handset. It looks like any other 2019 Android handset until you open it out. Then it turns into an iPad-like tablet.

Tablet or phone?

It’s not entirely clear if the Huawei Mate X is a phone that can double as a tablet, or if it is a tablet you can fold up and put in your pocket. Either way, it feels a little like magic when you first get your hands on one. Also magic is that no-one seems to want to use the awful term phablet to describe the device.

The likely NZ price will be the thick end of $4,000 which seems a lot, but for a lot of people this is going to be a valuable hardworking device. Like every other phone is has cameras and all the smartphone trimmings, unlike every other phone it does 5G straight out of the box.

Other phone makers also showed folding devices. Huawei appears to have the edge over Samsung and Alcatel who both displayed folding tablet-phones.

Politics

Huawei’s Mate X was the most talked about phone at MWC. The company was also seen in a less flattering limelight. Huawei has been locked out of some markets and is on the receiving end of negative attention from the US government.

The fear is that Huawei is either already using its network hardware to pass secrets to the Chinese government or that it will soon start doing so.

Huawei fought this on two fronts at Barcelona. On the positive front it showcased its products and services aiming to woo telecoms executives with its superior, in some cases outstanding products.

Billion dollar charm offensive

The charm offensive was huge. Off the record I was told Huawei spent getting on for a billion dollars on MWC. Thousands of employees attend. Plane loads of journalists, including myself, were flown in from around the world to see the company in its best light.

Huawei appears to have fed a large proportion of the 100,000 or so people who turned up to MWC. The catering budget must run into many millions.

There was a day zero event. In effect, a mini-conference held the day before MWC was officially open. Huawei used MWC to show the world it is the leader in the technology needed to make 5G happen.

Huawei’s second front was more aggressive. On the second formal day at MWC, Huawei chairman Guo Ping hit back at US claims in a measured, but angry keynote speech. In effect he said what Huawei officials have been telling journalists for months; that the company doesn’t do bad things and that there are no backdoors in network kit.

Nothing yet

Well, he would say that even if Huawei was up to its eyeballs in espionage. But no-one has any evidence of anything untoward to date. While that doesn’t mean nothing is going on, given the scrutiny the company is under, you might expect a whiff of evidence by now.

Those of us who aren’t in Huawei’s inner circle or who work at a high level in intelligence can never know for certain. MWC 2019 debated the questions, it didn’t resolve them.

In hindsight we should probably have guessed that a telecommunications industry event would find itself on the geopolitical front line. From a journalist’s point of view, it’s definitely more interesting that writing about a phone maker putting an extra camera on their back of their hardware.

Disclosure: While Huawei flew me to Barcelona and was a gracious host, the company was MWC’s biggest story by a long shot. I’d have written the same as above if I had paid my own way.

It’s understandable people worry about Huawei phones. Recent news reports suggest the company either is, or could one day, use its network equipment to help China spy on or disrupt other nations.

If that’s true, then the company’s phones may also be weaponised.

Huawei phone owners can relax. Well, actually you can’t, read on to find out why. But, unless you work in an important strategic role, Huawei’s brand on your handset is not your biggest phone problem.

While it is possible China’s spies are interested in hearing you call home to say “I’m on my way” or knowing how often you watch cat videos, it’s unlikely.

Easier routes to your data

And anyway it would take a lot of resources and energy to get that information from your phone when there are easier tools at a spy’s disposal.

As another recent online snooping scandal shows, spies can and probably do buy the information they need from Facebook or Google.

We’ve heard that Russian trolls know enough about individuals to target them with vote-changing propaganda.

The level of data available from Facebook or Google is so intimate that motivated snoops can know things about you that none of your close acquaintances do.

They know…

They know if you are closeted. They can know you’re pregnant before your family does. They definitely know if you’re unhappy. They know your prejudices and you musical taste.

The most chilling revelation about Cambridge Analytica is that even seemingly disconnected data helps build a picture of your mood. It reveals what you are thinking.

A Huawei phone’s inherent insecurity has less to do with its country of origin, more to do with the Android operating system.

That means much of your personal information automatically goes back to Google and is for sale. It knows where you’ve been, what you bought, who you talk to and so on. We’re told the data is anonymous, but that doesn’t stop companies from being able to identify and target you.

You agreed to be spied on

You agreed to this when you bought an Android phone. You confirmed your agreement when you clicked on the permission button when setting up the phone software. You agreed all over again when you first used Google Maps. And so on.

If you’d like to double down on enabling malevolent snoops, install a Facebook or Instagram app. Once one of these is on your phone, little you do remains a mystery to anyone with curiosity and a budget. Facebook takes this snooping to another level.

Some people reading this will think it’s quaint and old fashioned to be concerned about personal privacy and security. Perhaps it is.

In most cases the nature of information gathered by Facebook and Google is more valuable to spooks than having a back door into your phone. And a lot less trouble.

Insecurities

One other thing to consider. Given that Facebook has, and continues, to act in bad faith, you can’t trust the company’s promise it keeps your data safe. Spies may be able to buy your Facebook data. State sponsored attackers probably know how to steal it.

All the above applies to any other Android phone whether it is made in China or South Korea.

If you worry about owning a Huawei phone, you should worry about it being an Android phone.

Things are more serious if you work in the military, in a strategic sector or deal with trade secrets. Spies are as likely to be interested in blueprints for cutting-edge engineering as they are in troop placements.

Risk management

Another set of rules applies if you work in those roles. Foreign governments would like phone level access to your data. Even if there’s any truth in the allegations Huawei phones are only marginally more risky than, say, a Samsung phone. That said, extra prudence won’t hurt.

It may also pay to invest in extra security features. Samsung has a nice line of enterprise-grade phone security.

An iPhone looks safer, although Apple isn’t entirely squeaky clean in this department. While Apple gathers data, the company makes a virtue out of protecting its customers in a way the Android phone makers do not.

Apple’s business model is selling hardware and services. Google’s Android business model relies on collecting personal data. It’s that simple.

By all means be cynical about Apple’s claims. Skepticism is healthy. The world would be a safer place if more consumers thought these things through before buying devices. And also be aware that you can blow much of Apple’s protection the moment you install Facebook or any other pernicious data gathering app.

You have no business worrying about Huawei handing over your phone data to Chinese spies if you’re happy to hand over the same information to the likes of Facebook and Google. It’ll probably end up in the same hands either way.

Disclosure: Bill Bennett has travelled to China and elsewhere as Huawei’s guest on three occasions. He owns an iPhone and keeps tame Androids for testing purposes. 

InternetNZ research shows 94 percent of New Zealanders are concerned about the security of their personal data. Yet despite the high level of fear, researchers found only a fraction of users take practical steps to protect themselves from risk. 

Only one-third of New Zealanders surveyed used account authentication, either two-factor or multi-factor. Meanwhile less than half of those questioned make regular data backups. 

There is also concern about children being able to see inappropriate content online. The survey found this concerns 92 percent of those questioned. 

There are positives. Nine out of ten respondents told InternetNZ the benefits of the internet outweigh the negatives. When asked to be more specific about those benefits, 83 percent named having access to information. 

Commenting on the survey results, Andrew Cushen, InternetNZ’s outreach and engagement officer says: “As more and more of our lives are spent on the Internet, being able to access information online has now become a necessity. 

“This is why it’s so important that we continue to try and close digital divides in New Zealand. Every New Zealander deserves the opportunity to harness the power of the Internet”. 

Cushen says the fact that many people are not protecting themselves online is something we need to improve if New Zealanders are to stay safe online. 

He says: “We all need to take personal responsibility for our safety on the internet”. 

Cushen says the concern over inappropriate content is a reminder that families should talk to each other about the different types of content and what to do if they come across anything upsetting. He says; “We need to ensure that people of all ages feel safe on the Internet.”

The data comes from an annual survey commissioned by InternetNZ and conducted by Colmar Brunton. The research examines local internet attitudes.

Huawei is no longer welcome as a phone network build in some western democracies.

There’s an unproven suspicion the company is already spying for China. Even if it is not spying, western governments are wary of depending on a Chinese firm for critical infrastructure.

Sooner or later those fears about Huawei network equipment will spill over into phone handsets.

Negative headlines and ministerial statements here and overseas have already damaged Huawei’s brand. It could get worse.

Implications

What could fear of Huawei mean for the phone market?

It may lead to reduced choice, higher prices and less innovation. Mind you, the second two are already happening, with or with a Huawei effect.

Last year Huawei was the fourth most popular phone brand in New Zealand. It sits behind Samsung, Apple and Vodafone. Huawei had roughly ten percent of the market by unit numbers. The top two brands dominate by a long way.

Because Vodafone-branded handsets are at the low-end of the market, Huawei was number three in terms of revenue. Huawei’s share of revenue was also about ten percent. This number matters more than unit sales.

Huawei fast growing

Also important, Huawei was by far the fastest-growing phone brand in New Zealand both in terms of unit sales and revenue growth. It took market share from both Apple and Samsung.

Huawei plays an important role in New Zealand’s market. It puts pressure on the top two brands and ensures Android phone buyers have a plausible alternative to Samsung.

New Zealand is one of Huawei’s better markets. The phones are invisible in the US. In Australia Huawei is number five in the market, but with a much smaller share. Apple sells roughly 18 phones for every phone sold by Huawei. Samsung sells about 12.

Both Australia and the US have been wary of Huawei network hardware for some time.

Fear spill over

Of course other factors are at play, but it’s reasonable to assume those network security fears have something of a knock-on effect in the handset market.

It’s likely something similar will happen here.

Phone buyers might reason that if ministers and intelligence agencies are concerned about snooping at the network level, the same might apply to Huawei mobile phones, tablets and personal computers.

At the same time, people might look askance when a phone owner reveals they own a Huawei handset. Phone snobbery is real enough already, this is another level.

Employers might decide they don’t want employees doing business on a Huawei handset. There doesn’t need to be an outright ban, a lot of frowning will have a chilling effect.

Retail

It may even become harder to buy a Huawei phone. If things get worse, it’s possible the telcos will want to distance themselves from the brand. That means you either won’t see the handsets in Spark, Vodafone or 2degrees stores or they will be relegated to almost under-the-counter status.

Huawei may decide it needs to ramp up its marketing to calm customer fears. It’s possible, the company is good at talking to the industry, but consumer communication has not been a Huawei strength.

Who wins?

If consumers and retailers turn their back on Huawei, it will take price pressure off rival phone makers. Samsung will benefit most. Huawei has been snapping at Samsung’s heels for some time. Huawei Android phones tend to be as good as Samsung models, but cost a little less.

Apple stands to benefit too. We’ll come back to that point in another post.

There’s every possibility that unease about Huawei phones will spread to other Chinese brands.

Oppo has made a splash here, but the brand needs to work hard to explain why it should not be tarred with the same brush.

After all, if the Chinese government can bully its most prestigious technology company into handing over data, stomping on a smaller player will be simple.

All of this is speculation. It’s possible the scare goes away. It could be that New Zealanders don’t follow Americans and Australians in treating the Huawei brand with caution or suspicion. But on overseas evidence, we should prepare for a phone market shake up.

In my next post about Huawei, I’m going to look at why spying-related suspicion about the company’s phone handsets is misplaced.

Disclosure: Bill Bennett has travelled to China and elsewhere as Huawei’s guest on three occasions.