CR19-010: The United States vs. Huawei

Published: 2019-01-30
Last Updated: 2019-01-30 07:16:49 UTC
by Russ McRee (Version: 1)
1 comment(s)

As I scrolled through my Twitter feed this evening, I came across a recommendation from @rob_schmitz, NPR's Shanghai correspondent, who recommended "not to just read stories/press releases about Huawei's tech theft, but to read, in full, the DOJ indictment. The evidence is abundant and clear that Huawei rewarded employees for stealing technology and has been covering it up for years." So in case you thought all the furor over Huawei's behavior was hype or exagerated, let me compel you to read the indictment per Rob's recommendation. This particular fiasco hits really close to home for me, as the United States District Court for the Western District of Washington is across the lake in Seattle, and T-Mobile, employer to friends and colleagues, is right in Bellevue, literally the next town over from where I both work and live. Here's the abstract of the ten counts filed: between June 2012 and September 2014, Huawei, and others unknown, consprired to steal trade secrets (Count 1), attempted to steal trade secrets (Count 2), committed seven counts of wire fraud (Counts 3-9), and  obstructed justice (Count 10), in a campaign against T-Mobile. The indictment reads like a novel, and covers Huawei's not-so-covert efforts to steal Tappy, T-Mobile's robotic phone testing system in order to expedite the development of their own related product. 

Grab a preferred beverage, a bag of popcorn, and take Rob's advice, read the indictment: https://www.justice.gov/opa/press-release/file/1124996/download. I'll keep opinions to myself and let you form your own, as well as let justice follow its due course, but allow me this one Captain Obvious moment: if you have something they want, they will attempt and/or succeed at stealing it. To believe otherwise is shortsighted and foolish, this is just yet another of a plethora of examples over these past many years. And it's not going to get better. 

Russ McRee | @holisticinfosec

1 comment(s)

Comments

Just a reminder that this is not new behavior on the part of Huawei. According to WSJ article "Huawei Admits Copying Code From Cisco in Router Software" https://www.wsj.com/articles/SB10485560675556000 (full article requires subscription) a Huawei employee obtained Cisco source code in 1999 which was incorporated in at least one Huawei product in the early 2000's.

I remember hearing (but do not have a link or evidence) that at least one of Huawei's products had Cisco's "EIGRP" feature (a Cisco-proprietary routing protocol) and that "Huawei's implementation" even had some identical bugs to Cisco's original implementation.

- Darrell

Diary Archives